Authorization that Scales to the Cloud and Beyond

Companies are leveraging cloud native capabilities such as storage, orchestration, and compute to deliver value to their business; and much of net new application development now takes place in the cloud at a faster pace than ever before. We see the proliferation of more services, more users, and more data which all translate to more […]

Axiomatics Policy Server Product Sheet

The Axiomatics Policy Server is the industry-leading solution to control access to critical applications. Using externalized dynamic authorization, it provides the most efficient policy engine on the market, and the most complete solution available for enterprise-wide roll out of Policy and Attribute Based Access Control (PBAC and ABAC). With on-premise, hybrid and cloud-native capabilities, this […]

IT Pro Portal:Critical Data Security Trends for 2019 and beyond

An article by Gerry Gebel in www.itproportal.com; IT Pro Portal covers the Critical Data Security Trends for 2019 and beyond.  It originally appeared here. Critical data security trends for 2019 and beyond Let’s take an in-depth look into the trends we expect to shape the data security landscape next year. Enterprise security is rapidly evolving […]

DZone: Breaking Down the DevSecOps Approach

Take a look at how DevSecOps truly works to make your apps more secure. A feature article in DZone by Gerry Gebel. To keep pace with today’s on-demand world, organizations have shifted toward modern development practices like DevOps to immediately deliver products and services to their customers. DevOps merges software development and software operations teams, […]

TMCnet InfoTech Spotlight: Federated Identity Management and Dynamic Authorization

TMCnet InfoTech Spotlight: Combining Federated Identity Management with Dynamic Authorization The virtualization of nearly everything digital is pushing more and more applications, services, storage, and compute to the cloud, now including real time communications (voice, video, messaging, collaboration) and combinations of connected machines and humans. Enterprises, governments, and individuals are operating in continuous contact, in […]

Dynamic Policy Driven Authorization for Agile Enterprises

Authorization is more relevant than ever. In particular, the pace of technological change argues against the hard-coded access control hierarchies of the past. Business disruptors impact many industries (such as IoT) and force companies to be more agile and proactive (rather than reactive). The new way forward is to choose patterns and technologies that will […]

5 Hidden Pitfalls of DIY Access Control Development and How to Avoid Them

Build V. Buy: Organizations that attempt to build their own access control internally often overlook or significantly underestimate the effort required to build, operate, and maintain security, functionality, and compliance in their DIY solutions. This is particularly true for regulated entities where internal development efforts undervalue the burden of compliance with internal audits or regulatory regimes […]

Top 10 Misconceptions of a Policy-Based Approach

Even for senior software developers, wading into the world of IAM (Identity & Access Management) and access control can be daunting. Making your way through the acronyms is a chore in and of itself — RBAC, ABAC, PBAC, XACML, SAML, etc. Then, you must wrap your head around the complexities of roles, permissions, attributes and so […]

Securing Critical Enterprise Applications and APIs with Dynamic, Risk-based Authorization and Governance

Until now, Identity Governance and Administration (IGA) and ABAC tools have largely been deployed and operated independently of each other. However, there is significant value in describing and implementing a set of use cases where integrations between IGA and ABAC systems can be accomplished to further ensure best-in-class IAM. Growing customer requirements are the key […]

Dynamic Authorization Extension for SharePoint®

The Dynamic Authorization Extension for SharePoint integrates the Axiomatics Policy Server into existing SharePoint sites to provide dynamic Attribute Based Access Control (ABAC) to assets managed within SharePoint. This extension will reduce time spent managing authorization and enable centralized reporting to ease the administration and management burden. The visibility into access control helps to audit […]

CloudPOST Feature: Establishing a Secure Cloud Infrastructure with Dynamic Authorization

By David Brossard for CloudPOST Today, it is imperative for businesses to increase scalability and enable collaboration among development teams to help solve complex challenges, all while cutting down on IT business costs. To accomplish this daunting task, more and more organizations are shifting their entire IT infrastructure to the cloud and adopting a “cloud everything” […]

DZone Feature: The Journey Toward Securing the Cloud

by Gerry Gebel for DZone.com If you are in the process of moving to the cloud or still in the planning stages, the need to address complex access control cases for cloud-based resources is a must. The migration from on-premise infrastructure to the cloud is underway. Many organizations are actively adopting a cloud-first approach and […]

Infographic: Build vs. Buy for Dynamic Authorization Solutions

When making a Build vs Buy decision for IAM and dynamic authorization, you must take into account the hidden costs of DIY. In this infographic, we dive deeper into the Build vs Buy decision to explore hidden costs, including: human costs, costs of risk, cost of technical debt, competitive losses, and opportunity costs. Fill out […]

Authorization Made Simple: Using ALFA, REST, and JSON to Secure Applications

As more companies across all industries develop more applications, the challenge of securing those applications becomes more complex. In this webinar, Jonas Iggbom and David Brossard of Axiomatics discuss how easily authorization can be externalized from your apps, expressed as policies, and enforced consistently using ALFA, XACML, and the Axiomatics Policy Server. Fill out the […]

Build vs Buy for Dynamic Authorization Solutions

When should you consider investing in Dynamic Authorization software versus building your own in-house solution? When evaluating the best approach to securing your APIs, applications, databases, and cloud, organizations are often caught in the decision of building a framework in-house vs. engaging a vendor to help. There are several key advantages to partnering with a […]

CSO Online Feature: Why You Need Both Authorization and Authentication

How to effectively manage IAM controls to secure critical assets by Gerry Gebel In previous posts I have discussed in depth the importance of authorization, specifically dynamic authorization, to control access to critical information assets. However, authorization is only a portion of the access control equation, another piece that organizations require is the authentication step […]

Streamline Access Control with Federated Identity and ABAC

Enterprises are pained by legacy access control approaches. They are looking to achieve better access control management and consistency along with strong audit control and ease of record keeping and archiving. But the challenges are many: Lines of business have defined their own roles for access. Silos in the organization have different models and patterns […]

KuppingerCole Report – Executive View: Axiomatics Policy Server

The Axiomatics Policy Server (APS) has been named among the leading access control solutions for its outstanding features according to KuppingerCole in this Executive View report. Axiomatics provides a complete enterprise-grade dynamic authorization solution that can address an organization’s breadth of access control needs. APS makes available a suite of tools and services to manage […]

CSO Online Feature: Striking a Balance between Customer Experience, Security and Privacy

Everyone is a consumer with Consumer Identity and Access Management (CIAM) by Gerry Gebel, for CSO Online Competitive forces and market dynamics in many industries have led more organizations to focus on digital transformation projects to modernize their applications. A key driver for these projects is improving customer experience. To be successful, organizations must provide […]

ReadITQuik Interviews Niklas Jakobsson, Axiomatics CEO

This week, read Niklas Jakobsson, CEO at Axiomatics talk about security services organizations should use to access data and resources and how the first line of protection should always be based on Attribute Based Access Control (ABAC) – a platform that can turn collaboration into a competitive advantage by enabling individuals within an organization to […]

Fortune 500 Transportation Company Simplifies Access Control for 175,000 Users

One of the largest freight transportation companies in the world, with over 50,000 employees, stores and manages data with access in mind for over 175,000 user accounts. Over the past 50 years, the company has solved difficult technical problems for this population with innovative, forward-thinking solutions. With time however, the company had outgrown its systems, […]

Empower the New Identity Architecture: Combine a Federated Identity Service with Attribute Based Access Control (ABAC)

In today’s complex identity infrastructures, flexibility has become an essential requirement. The rise of cloud-based platforms, SaaS applications along with other industry trends such as Internet of Things (IoT), and Big Data has added to the number of distributed identity silos that enterprises must manage. Implementing fine-grained access control across a wider array of sensitive […]

EY Digital Identity and Access Management Report

As organizations shift business strategies towards new digital channels to maintain a competitive advantage, and consumers become increasingly reliant on multiple device connections, cybersecurity threats are becoming more prolific and more sophisticated than ever before. Cybersecurity is no longer about prevention, but rather about detection and readiness for the inevitable. And everyone, from boardroom to […]

Security Compliance Using Externalized Authorization

Central Decision Point for Fine-grained Access Control: Entitlements Management To effectively comply with various industry regulations, businesses require integrated, cost-effective information risk management solutions that can protect data and manage entitlements over applications. This document offers guidance on conducting an organizational IT risk assessment, and provides a template for determining what type of security controls […]

KuppingerCole Executive View: Axiomatics Policy Management Suite

The Axiomatics Policy Management suite provides a solution for companies wanting to provide fine grained access control to protected resources. This means evaluating a user’s access request, at runtime, against pre-determined policies to either permit or deny the user’s request. Applications then apply the decision. The Axiomatics Policy Suite was featured in this Leadership Compass […]

Why Axiomatics?

As the global independent leader in Dynamic Authorization solutions, our people, expertise, and our best-in-class software set us apart. Customers come to us to solve complex use cases around access control to applications, databases, Big Data, microservices, and APIs. Through a policy-based approach to dynamic authorization that utilizes the Attribute Based Access Control (ABAC) model, […]

Federal Mission: Security Compliance using Externalized Authorization Management (EAM)

United States federal agencies are beholden to myriad regulations and standards, some of the most notable of which are the FIPS Publication 200 and the NIST Special Publication 800-53. Both documents, in combination, “ensure that appropriate security requirements and security controls are applied to all federal information and information systems.” These documents offer guidance on […]

Protect Critical Data and Enable Collaboration with ABAC

Access control has evolved to meet the changing security challenges organizations face in the digital age. Attribute Based Access Control, known in brief as ABAC, is quickly becoming the standard model for organizations confronted by the need for a robust and flexible solution to today’s increasingly complex security demands. Download the PDF to learn more […]

How ABAC fits into an IAM Framework

IAM teams are finding that Attribute Based Access Control is key to meeting regulatory and compliance requirements. ABAC is an access control approach that is recommended by NIST and discussed in their Guide to Attribute Based Access Control (ABAC) Definition and Considerations (NIST Special Publication 800-162) document. With ABAC, the use of subject, environment, and […]

The Basics of Attribute Based Access Control (ABAC)

Traditionally, the focus of authorization and access control has been on building barriers to sensitive data and only making it available to a select few. But that’s changed as companies want to get more from their data and make it really work for them. Authorization is now about facilitating user access to the right data […]

Axiomatics Dynamic Authorization

Unified Dynamic Authorization: Enterprise Access Control, Anywhere, anytime.  Axiomatics provides externalized authorization through attribute and policy-based access control for applications, databases, Big Data, APIs and microservices. As the premier vendor in authorization, Axiomatics solutions are ideal for enterprises and government agencies that need to securely share information, while complying with complex and ever-evolving regulations. The Axiomatics […]

Extending CA Single Sign-On with XACML Capabilities

Axiomatics CA Validated extension for CA Single Sign-On leverages Single Sign-On’s existing authorization capabilities and allows users to implement risk-intelligent policies that adapt with an organization’s changing IT environment. When used in combination, the solutions enable organizations to implement data governance with standards-based policies that control SOA and WAM. The CA Single Sign-On product is […]

Bell: Cutting through the Code to Meet Export Control Regulations

When Bell realized the scale required to develop an in-house access control system to manage strict export regulations, the decision was made to look externally, and enlist a proven vendor solution. Axiomatics served up what was needed: Dynamic Authorization with Attribute Based Access Control (ABAC) for sensitive and regulated data, throughout the entire enterprise. The […]

KuppingerCole Leadership Compass 2014

The Axiomatics Policy Server was featured in this Leadership Compass from KuppingerCole, by analyst Graham Williamson: Dynamic Authorization Management: Leaders in innovation, product features, and market reach for Dynamic Authorization Management. Your compass for finding the right path in the market. Axiomatics provides a sophisticated policy management environment. It divides policies into domains and allows a […]

Five Ways to Prepare for an ABAC Program

As adoption of a policy-based approach to access control using ABAC becomes more widespread, organizations are faced with the challenges of how to prepare for a deployment: to ensure speed-to-market, enterprise-wide adoption and ROI achievement. Check out this guide to the five areas to consider in preparing for ABAC in your organization.

Danish Defence – A Secure Solution for Sharing Information Electronically

A joint project with Axway, Axiomatics and Sopra Steria, this case study outlines the Danish Defence project. A secure solution forexposing APIs to send and receive information between their secure network and e-Boks. The solution also had to enable Danish Defence to communicate with other trusted third-party vendors, automate their processes, and sharply reduce costs. Read this case study […]

The Evolution of RBAC Models to Next-Generation ABAC

The management and administration of roles to set permission for access control have become challenging enterprises of all sizes. In this whitepaper, you’ll learn why Role-Based Access Control is becoming unmanageable (called “role explosion”), and why this legacy access control mechanism must evolve. Enter attribute-based access control – ABAC. ABAC builds upon existing roles, and […]

Attribute Based Access Control for Manufacturing

Attribute Based Access Control for Manufacturing Manufacturers around the globe are faced with the growing risk of breaches – in many cases the attackers are after IP and sensitive customer data. Using an Attribute Based Access Control approach can help balance the need to protect these critical assets, while facilitating collaboration through the sharing of […]

How Top Banks Use an Attribute-Based Approach (ABAC) to Protect PII, Critical Assets, and Meet Regulations

Find out why Attribute Based Access Control is the solution for the world’s leading banks and financial institutions. As demands for better online services– from customers, staff and third parties – escalate, so too do the number and complexity of regulations. The list of requirements is many: FFIEC, FRB, FDIC, OCC, NCUA, CFPB, ACSSS to […]

Centralizing the Code – Separating Authorization Logic from Apps

For any business in the Fortune 1000 – such as health care, insurance, banking, pharmaceuticals and manufacturing – the need to shift beyond legacy role-based access control models becomes more immediate with every data breach. There’s one trend that’s crossing industries – separating hard-coded authorization logic from applications: externalizing authorization and using a policy-based approach […]