+

New Years Detox – Eliminating Toxic Combinations in your Access Control

As access control has become more complex, the assignment of roles has exploded out of control, making it harder to eliminate toxic combinations of roles that end up allowing access that should actually be denied. For example, the same person entering a trade should not be allowed to confirm it as well, as this can lead to fraud or that employees in certain lines of business should not be allowed to access specific applications.

A policy-based access control approach that uses attributes to build policies is an intelligent – and scalable – way to overcome this potential compliance nightmare.

Key takeaways

  • Overview of toxic combinations and Segregation of Duties
  • Introduction to attribute and policy-based access control
  • Guidelines to simplicity of set-up, and working intuitively within this framework
  • Policy modeling hands-on workshop

 

 

Other Resources

Webinars
Zero Trust Through Dynamic Authorization And Policy Driven Access
Join experts from KuppingerCole Analysts, Ericom and Axiomatics for an interactive discussion on the role of fine-grained access controls in adopting Zero Trust and how best to address that challenge to meet the needs of a hybrid workforce using cloud-based applications and adopting new ways of working, such as DevOps.
Webinars
The Convergence of Cloud, DevOps and Access Control
Security experts from industry-leading NTT DATA and Axiomatics are making a deep dive into migrating access control to the cloud. Follow the demonstration of how to set up a project for containerization using ALFA and Jenkins.
Webinars
ABAC as code – Applying Modern DevOps to Policy Authoring
A DevOps approach to externalized business policy engineering can ensure modern CI/CD processes help IT adoption of access control policy authoring.