Download your copy of our State of Authorization: Playbook Edition Get it now »

A Practical Guide to Policy Modeling

A solid access control policy ensures the right data or processes are only accessed by the right people at the right time.

With this in mind, many organizations wonder how to build policies that not only reflect appropriate access, but also address all applications and databases (whether in the cloud or on-premises) while being both repeatable as well as scalable.

Axiomatics advocates that strong policies are built on an Orchestrated Authorization model.

This is particularly true when thinking about Zero Trust, as the Orchestrated Authorization model is the foundation for building a policy that continuously validates permissions for each user based on a set of attributes (who, what, where, when, why and how).

A policy based on an Orchestrated Authorization strategy requires several key elements, which are obtained through the policy modeling process.

This practical guide will go through the five steps Axiomatics recommends when developing policies.