Name: Policy-Based Access Control | What it is and why you can’t modernize without it
Start: 2023-07-26T16:00:00Z
End: 2023-07-26T16:00:53.000Z
Location: BrightTALK
Rating: 4.8

PlainID is the world's leading provider of enterprise Authorization, helping enterprises address the complex challenges of Identity Security. The PlainID Platform allows you to discover, manage, and authorize access control policies for enterprise applications and data. Our solution is architected to protect against identity-centric security threats powered by Policy-Based Access Control (PBAC).

Join Mickey Martin, VP of Sales Engineering, and Nick Hunt, Founder, Chief Identity Officer, HATSec, as they discuss what it means to adopt Policy Based Access Control, and how this changes how identity teams attest compliance to audit. In the world of Identity Audits, we are used to looking at reports of which users are granted membership into roles, groups, and entitlements and making assumptions about access based on company knowledge. Centralized Management of authorization policies takes out the guesswork of how authorization is decided based on identities controlled in IGA and context of access being requested.

Talking Points & Key Takeaways:
- What does it mean to Centralize Authorization in your ecosystem?
- How does Dynamic Authorization reduce risk and minimize exposure due to standing privilege?
- How does this affect periodic attestations and compliance to support identity audits?
- Discuss the importance of looking at both sides of the Identity-Centric Security Coin - Identity attributes, roles, groups, entitlements and how Authorizations allows or denies user actions based on these identities.
- How do we design an Identity program that tightens security vs checks the boxes? We tend to build systems that answer to the audit vs. answer to attack.

Audit What’s Not There - Shifting Mindset and Compliance in a Dynamic / Policy Driven Environment

Join Mickey Martin, VP of Sales Engineering, as he dives into a PlainID customer’s Authorization Journey, including a multistage experience that aimed at establishing a centralized, fine-grained, scalable, and modernized identity & authorization framework.

Talking Points & Key Takeaways:

- How the customer understood the technology gap, and how traditional RBAC solutions did not adequately manage access to data for complex, distributed applications.

- How PBAC (Policy Based Access Control) addresses and solves the gap by providing a cutting-edge approach to authorization, offering a hybrid of Role Based Access Control (RBAC) and Attribute Based Access Control’s (ABAC) strongest features.

- Discuss the vendor selection criteria for PBAC and why PlainID has more breadth and offers a one-stop solution for most application/data PBAC requirements. 

- Understand the pathway to a successful implementation of Policy Based Access Control (PBAC).

Customer’s AuthZ Journey: Global 100 Firm Externalized Access Control Policies to Optimize Data Access Compliance w/PBAC

A poor access control and authorization strategy not only exposes valuable data to adversarial activity, but also limits data sharing, collaboration and business agility. Homegrown and legacy authorization technologies have become outdated  - unable to be extended and support contemporary use cases focused on sharing, security, and usability. A more identity-centric approach to authorization can securely protect a broader array of assets, and engage the right stakeholders to create human-readable and adaptive access control policy that improves security, reduces risk, and supports business change.

This webinar will discuss the rise of this identity-centric approach, the core requirements focused on centralized policy management, a broad array of integration options, and a discussion on migration approaches to this new landscape.

Migrating to an Identity Centric Authorization Strategy

For decades, people have been challenged by modernizing legacy authorization approaches & meeting the demands of Security & User Experience. Times have changed.

Allow PlainID to take you through three case studies to show how firms are modernizing and optimizing their business through authorization. 

Join Gal Helemski, CPO & Co-founder, PlainID, and Mickey Martin, VP of Sales Engineering, PlainID as they discuss the value and power of central policy management, distributed enforcement, and how PBAC helps address identity-centric security challenges.

Making the Complex Simple:  Authorization for the Modern Enterprise

Traditionally, Authorization has been coded into every application. With the move to lightweight digital services, however, this becomes unwieldy and impractical. Businesses need to move fast to provide customer-driven, unattended transactions and responsive customer experiences.

Enterprises have continued to tackle Authorization with homegrown solutions, yet industry analysts have been validating the need for externalized Authorization for the last several years.

Join Mickey Martin, VP of Sales Engineering, PlainID, and  Hub City Media’s CTO & Co-founder, Steve Giovannetti to talk about how homegrown and legacy authorization solutions do not align to modern business standards, driving the demand for an Enterprise Authorization solution.

Modernize your Enterprise with Authorization

The increasing intricacies and granularity of data access call for a proactive security approach across all enterprise architecture layers.

Learn how PlainID helps firms modernize their approach to Authorization while increasing identity-centric security and protecting data access.

Join Mickey Martin, Director of Product Outreach, as he discusses the challenges facing enterprises today in preventing identity related security risks, addressing advanced data access challenges including compliance & regulatory requirements.


Key Takeaways: 

Addressing Data Access with Policy Based Access Control:  How & why PBAC can help support data privacy, data compliance, and data regulation.

Central Policy Management & Distributed Enforcement:  Learn how standardization of authorization policy management & enforcement reduces both security risk and operational cost.

The Future of Data Access Control: Discuss market trends, insights and how PlainID is planning to address the challenges of Identity & Data Security.

Sample Architecture: A real world reference architecture on leveraging PBAC, and securing access to mission critical data.

PlainID Addresses Data Access with Snowflake

The increasing intricacies and granularity of data access call for a proactive security approach across all enterprise architecture layers.

Learn how PlainID helps firms modernize their approach to Authorization while increasing identity-centric security and protecting data access.

Join Mickey Martin, Director of Product Outreach, & Tom Ammirati Chief Revenue Officer  PlainID, as they discuss the challenges facing enterprises today in preventing identity related security risks, addressing advanced data access challenges including compliance & regulatory requirements.


Key Takeaways: 

Policy Based Access Control:  How & why PBAC can help increase your identity-centric security level, address common access control patterns & modernize your authorization engine.

Central Policy Management & Distributed Enforcement:  Learn how standardization of authorization policy management & enforcement reduces both security risk and operational cost.

The Identity Attack Surface & Future of Access Control: Discuss market trends, insights, and how PlainID is planning to address the challenges of Identity Security.

Customer case study: Will discuss a real-world customer’s journey of externalizing authorization policies, leveraging PBAC, and securing access to mission-critical applications.

How Dynamic Authorization Secures Identities & Protects Data Access

The increasing intricacies and granularity of network access call for a proactive security approach that grants visibility across the enterprise. Learn how PlainID helps modernize businesses' approach to authorization to bridge security gaps and better protect mission-critical data and the applications that rely on it. 

Join Mickey Martin, Director of Product Outreach, PlainID, as he discusses the challenges facing enterprises today in securing connections to endpoints and applications while keeping in alignment with identity security posture and security best practices.

Key Takeaways: 

- Customer case study on how an organization is incorporating Policy Based Access Control to address their data security and user experience objectives in their Segmented SASE environment.

- Streamline Access to Endpoints - Centralize and automate policy management to reduce manual efforts required to enforce policies across the network.

 - Minimize Security Gaps - Ensure policies are consistently applied across the enterprise with a Policy-based Access Control (PBAC) framework. 

- Gain Visibility and Monitoring - Track access policies from a single dashboard that provides reporting and alerting to inform administrators on policy changes. 

- Adapt to Evolving Requirements - Facilitate quick updates and adjustments to keep up with evolving business needs, security threats, or regulatory changes for compliance.

PlainID Brings Identity Security Posture Management to SASE with Zscaler

The increasing intricacies and granularity of data access call for a proactive security approach across all enterprise architecture layers. Learn how PlainID helps modernize businesses' approach to Authorization to bridge security gaps and better protect mission-critical data and the applications that rely on it. Join Mickey Martin, Director of Product Outreach, PlainID, as he discusses the challenges facing enterprises today in securing data access, specifically in large SaaS applications, and how they are leveraging Policy Based Access control.

Key Takeaways: 

- Customer case study on how an organization is incorporating Policy Based Access Control to address their data security and user experience objectives in their Power BI environment.

- Streamline Access to Data - Centralize and automate policy management to reduce manual efforts required to enforce policies across BI tools and the data ecosystem.

- Minimize Security Gaps - Ensure policies are consistently applied across the enterprise with a Policy-based Access Control (PBAC) framework.

- Gain Visibility and Monitoring - Track access policies from a single dashboard that provides reporting and alerting to inform administrators on policy changes. 

- Adapt to Evolving Requirements - Facilitate quick updates and adjustments to keep up with evolving business needs, security threats, or regulatory changes for compliance

How PlainID Optimizes Security, Access, and Data Compliance for Power BI

We live in the era of identity-centric security. Organizations need Visibility, Policy Management, and Authorization to secure the user journey. Please join Gal Helemski, PlainID Co-Founder & CTO / CPO & Mickey Martin, PlainID Director of Product Outreach as they discuss the importance of Identity Security Posture Management (ISPM).

Further, Learn How:
- The Identity and Access (IAM) market is transitioning to the Identity Security market in response to the rise in identity-driven cyber attacks.
- Identity security posture management (ISPM) is a growing market category, driven by cloud adoption.
- ISPM is about discovery, policy management, and authorization of identities and its access.
- PlainID already owns leadership positions in policy management and authorization.

What is Identity Security Posture Management (ISPM), and Why Should Orgs Care?

The importance of building an identity-centric security framework to address identity security threats, data compliance and optimize the user journey. Learn how PlainID’s ISPM platform can help your firm address one of the most vulnerable attack surfaces today. Please join Gal Helemski, PlainID Co-Founder & CTO / CPO & Tom Ammirati, PlainID CRO as they discuss how firms can enhance their identity security posture.

Key Highlights:
- Review why addressing Identity Security and ISPM have become a “must have” for Cyber Security & IAM professionals.

- Know Your Identity’s Entitlements (KYI), learn how PlainID’s Identity Insights module can provide real time visibility into the digital journeys of your identities from authentication through authorization and ultimately to accessing data across your enterprise.

- Discuss the security and operational benefits of a consistent and centralized approach to managing authorization policies for SaaS applications such as Power BI, Snowflake, & Zscaler via PlainID’s SaaS Authorization Management module.

- Review the benefits of Policy Based Access Control and how PlainID’s Dynamic Authorization Service can help firms modernize authorization while balancing the demands of their business without compromising security, data compliance, or user experience.

The Era of Identity Centric Security & How to Mitigate Identity Related Breaches

Redefining Identity and Data Security

In today's digital landscape, data security, and privacy have become paramount concerns for organizations across industries. Effective management of data access is essential to safeguard sensitive information and maintain compliance with regulations. Join Wissam Ali-Ahmad, Technical Architect, BigID & Mickey Martin, Director of Product Outreach, PlainID, and understand how PlainID and BigID together strengthen data protection, and redefine identity and data security.

Key Highlights:
- Understanding Identity Security Posture Management: We will demystify the concept of authorization, shedding light on its distinction from authentication and its multifaceted implications for identity-aware security.
- The importance of Data Security Posture Management: How having knowledge and control of your data comprehensively addresses data security, compliance, privacy & governance.
- How ISPM + DSPM drives value: Understand how an ISPM + DSPM framework contributes to regulatory compliance, including GDPR, HIPAA, and more, and how non-compliance can result in severe penalties and negative business consequences.
- Real-world Applications: Explore real-world case studies that highlight the significance of effective ISPM & DSPM in preventing data breaches, insider threats, and unauthorized access incidents.
- Future Trends: Get a glimpse into the future of identity and data-centric security, its impact on holistic security posture management, and how it can impact security and business outcomes.

Join us to explore how PlainID + BigID can help your organization prevent identity-related security events and ensure appropriate data access and compliance.

PlainID and BigID Integrate for a Modern, Resilient Data Protection Framework

In an era where cyber threats are continually evolving and data privacy regulations are becoming more stringent, understanding the dynamics of modern authorization (AuthZ) is pivotal for organizations striving to fortify their security measures and achieve data compliance.

Key Highlights:
- Reinforce Risk Management Strategy: Discover how to proactively manage security and access with risk-based authorization. Be ready for Zero Trust initiatives by embracing the “never trust, always verify” Zero Trust Paradigm.
- Navigating Data Compliance Regulations through Modern AuthZ: Amidst the tightening grip of data privacy regulations, explore how strong authorization plays a crucial role in safeguarding sensitive data - and ensures compliance with ever-changing mandates, improving shared responsibility and accountability.
- Leveraging the Benefits of Centralized AuthZ Policy Management: Understand the value of externalizing and centralizing policy management and how it provides visibility, manageability, and control to support risk mitigation and protect against identity-related breaches. 

Join Dr. Edward Amoroso, CEO, of TAG Cyber with Gal Helemski, CPO and Co-Founder, of PlainID to delve into the multifaceted landscape of modern authorization and its profound impact on cyber security and data compliance.

What is Modern Authorization and Its Role in Cyber Security & Data Compliance

Join Martin Glowik, Security Managing Director, Accenture & Mickey Martin, Director of Global Outreach, PlainID, and explore how authorization is a core component in solving zero trust. They will discuss how a modern authorization architecture furthers success in zero trust strategies. 

Topics to Discuss:

- Core Principles of Zero Trust & Trends 
   * Zero Trust is a philosophy & a technical framework is required to mitigate risk
  * Never Trust / Always Verify
- Importance of Authorization in a Zero Trust Framework
  * Where and why does authorization fit?
  * Increase Security resiliency post AuthN & Network Access Control
- Zero Trust and compliance with Data Regulations 
  * The role of Authorization & a Zero Trust framework in supporting data privacy 
 efforts   
- Importance of Visibility, Manageability & Enforcement of Access Control
  * Visibility and analytics are vital to a Zero Trust framework

Why Authorization is Key in Achieving Your Zero Trust Journey

For years organizations either relied on course-grained access controls or attempted to implement complex and unmanageable controls for access to specific data. When organizations attempt to control data level access using roles, the result is role explosion.  Attribute-based access helped control access to specific data values but even then access was siloed and segregated into its respective data stores.

Using modern, policy-based authorization, organizations now can more easily control access to specific data and infrastructure components and put security controls in place that prevent detrimental actions (intentionally or unintentionally).  
Learn how leading-edge organizations have deployed identity-centric access throughout the infrastructure stack using fine-grained authorization.  This includes access to microservices, APIs, and other infrastructure that typically relies on generic system accounts.  Apply policies to enable control over this access based on the individual or process that initiated the transaction (i.e., last-mile security).

By attending the webinar you will:
- Have a better understanding of Policy-based Access Control (PBAC) and identity-centric access
-  Learn how to apply PBAC to control access to specific data and infrastructure components
-  See how leading-edge organizations have taken advantage of PBAC
-  See a demo of an exciting sensitive data use case
- Understand how to move your organization to the next level of access control

Finally, a Solution to Control Access!

In the era of the digital economy, organizations grapple with complex cross-border data regulations. Efficient access control, powered by modern authorization, has emerged as a critical component in ensuring data compliance, privacy, and risk management.

Join us and explore the role of authorization in navigating enterprise access control and cross-border regulatory challenges. Learn how centralized management of policies and distributed enforcement simplifies managing identities' access within regional norms, offering a targeted response to evolving data laws and advanced cyber threats.

We will discuss how a modern authorization platform helps promote efficient management of access control, improve business agility, and bolster enterprise security through granular, policy-based controls.

Key takeaways include:
- Understanding the complexity of cross-border data regulations and the drivers behind it
- Deep dive into how authorization is foundational in any security strategy for compliance and risk mitigation
- Learning how modern authorization platforms simplify, and centralize management of access policies 
- The business case for policy-based, granular approach to data access and control

How Authorization Enables Data Compliance, Privacy, & Cross-Border Access

Struggling to effectively demonstrate the impact of authorization policy changes to your customers or showcase the value of Policy Based Access Control? Without the ability to effectively communicate the impact of these changes, you may face difficulties in engaging your customers and convincing them of the value and necessity of implementing new authorization policies. But worry no more!

Unlock the potential of the PlainID Policy Simulator in enhancing your customer interactions! Join PlainID's Paul Volosen, PlainID Sales Engineering, to learn how the PlainID Policy Simulator can enhance your customer interactions and help you better illustrate customer’s use cases.

During the session, we will dive into the key best practices to maximize the value of the PlainID Policy Simulator in your next customer engagements. The topics we will cover include:

- Basic demo flow using the simulator: Gain insights into how to seamlessly navigate and utilize the PlainID Policy Simulator. Discover its intuitive features and uncover the potential it holds for showcasing the relevance of your solutions.

- How to use the simulator to create an “Aha!” moment with your customers: Learn powerful techniques to captivate and impress your customers. Explore strategies that will leave them astounded by the effectiveness and practicality of your offerings.

Don't miss out on this opportunity to transform your customer interactions and demonstrate the true value of authorization policy changes.

Enhancing Customer Engagement: PlainID Policy Simulator Best Practices

Join PlainID’s Lani Leuthvilay, Head of Product Marketing, and Mickey Martin, Director of Product Outreach in Episode 4, Talking AuthZ with PlainID about Policy-Based Access Control.  Together they will explain the fundamentals of Policy-based Access Control (PBAC) and its significance in modern security frameworks.  

During this session, dive into the core principles of PBAC, including:
- What is Policy-Based Access Control
- Why is Policy-Based Access Control Crucial to the Modern Business
- How PBAC overcomes the management and scalability challenges of RBAC and ABAC 

By attending this webinar, you will gain a clear understanding of how PBAC differs from traditional access control models and learn how to use effective policies to protect sensitive data and ensure regulatory compliance. Whether you are an IT professional, an IAM expert, a security architect, or a decision-maker responsible for safeguarding critical information assets, this webinar will provide you with practical insights and best practices to enhance your organization's access control strategy.

Policy-Based Access Control | What it is and why you can’t modernize without it

Authorization

PBAC

Policy Based Access Control

Zero Trust

Authentication

Access Control

Data Privacy

Data Compliance

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Policy-Based Access Control | What it is and why you can’t modernize without it

Presented by

About this talk

More from this channel