Enforcing Fine Grained Access Control Policies to Meet Legal Requirements
- LANGUAGE: English DATE: Thursday, April 28, 2016 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
Attribute Based Access Control (ABAC) solutions provide an organization with the power to control access to protected resources via a set of policies. These policies express the increasingly complicated legal and business environments in which companies operate these days. However, due to the number of moving parts, it becomes harder to understand the effect a policy change might have in a complex policy set. These moving parts include the policies themselves, attribute values and the specific queries under consideration.
A new solution enables users to analyse the effect of a policy change and review access control decisions against ABAC policies, based on template-driven customizable questions/queries that are of interest to the organization. Customizable reports can be created to satisfy a wide variety of requirements from managers signing off access requests to audit/compliance personnel who needs to check the current state of access control to a specific system.
In this KuppingerCole webinar, you will hear about
- Providing the power to create and enforce fine grained access control policies
- A solution that makes the journey to ABAC as frictionless as possible
- A gap analysis tool that’s able to provide answers to complex access control questions
- Improving governance and reducing software development costs through authorisation
- How to centralise policy for disparate applications
- Governance improvements in authorisation service approach using access review management.
In the first part of the webinar, Graham Williamson, Senior Analyst at KuppingerCole, will explain the need for fine-grained authorisation with a recent use case from a State Health Department. He also answers the question how differing or limited access to hospital system can be assured and the modifications that will be necessary for legacy application to leverage an authorisation service.
In the second part of the webinar, Srijith Nair, Product Manager at Axiomatics, will introduce a new tool of the product suite, Axiomatics Review Manager, that aims to make ABAC as smooth as possible. It enables users to create access review reports, based on template-driven customizable questions/queries that are of interest to the organization.
As users, devices and application workloads move outside the corporate network, the traditional model of enforcing security at the network perimeter is no longer effective. A Zero Trust model offers an alternative that secures data while ensuring it is accessible to employees, regardless of where they are working. But the path to achieving Zero Trust is unclear for many organizations.