Audit What’s Not There: Shifting Mindset and Compliance in a Dynamic Policy Driven Environment

Logo
Presented by

Mickey Martin, VP of Sales Engineering, and Nick Hunt, Founder, Chief Identity Officer, HATSec

About this talk

Join Mickey Martin, VP of Sales Engineering, and Nick Hunt, Founder, Chief Identity Officer, HATSec, as they discuss what it means to adopt Policy Based Access Control, and how this changes how identity teams attest compliance to audit. In the world of Identity Audits, we are used to looking at reports of which users are granted membership into roles, groups, and entitlements and making assumptions about access based on company knowledge. Centralized Management of authorization policies takes out the guesswork of how authorization is decided based on identities controlled in IGA and context of access being requested. Talking Points & Key Takeaways: - What does it mean to Centralize Authorization in your ecosystem? - How does Dynamic Authorization reduce risk and minimize exposure due to standing privilege? - How does this affect periodic attestations and compliance to support identity audits? - Discuss the importance of looking at both sides of the Identity-Centric Security Coin - Identity attributes, roles, groups, entitlements and how Authorizations allows or denies user actions based on these identities. - How do we design an Identity program that tightens security vs checks the boxes? We tend to build systems that answer to the audit vs. answer to attack.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (54)
Subscribers (3851)
PlainID is the world's leading provider of enterprise Authorization, helping enterprises address the complex challenges of Identity Security. The PlainID Platform allows you to discover, manage, and authorize access control policies for enterprise applications and data. Our solution is architected to protect against identity-centric security threats powered by Policy-Based Access Control (PBAC).