This article by Niklas Jakobsson, CEO of Axiomatics, originally appeared in SC Magazine.
Not all security controls are created equal
Automation is critical
With dynamic authorisation, businesses can easily automate policy changes the same way they can automate code changes. The ABAC service itself is also managed like a microservice, meaning it has the same flexibility, deployment and automation characteristics as any application microservices. In the end, the lifecycle of redeploying the application and security components is fully automated and any changes to policies are part of the automation process.
Businesses deliver a multitude of benefits with the automated approach, including:
* Relieving pressure on developers since they are no longer required to write security rules into their code.
* Access rules are now enforced consistently across applications, APIs, microservices and data resources, reducing the risk of overexposure to information and security breaches.
* Developers can now spend the bulk of their time on business functionality instead of worrying about access security.
Security technologies like dynamic authorisation delivered with ABAC play an integral role in the DevSecOps process. Dynamic authorisation implanted directly into the development cycle, allows organisations to successfully achieve DevSecOps, compete more effectively and securely in the market and better serve customers across the globe. Are you ready for the evolution?