The 3 Pillars of Access Control Optimization: IAM, GRC and User Monitoring
- LANGUAGE: English DATE: Wednesday, December 09, 2020 TIME: 4:00pm CET, 10:00am EST, 7:00am PST
Identity & Access Management (IAM) tools are used to automate processes of user lifecycle management and control user access permissions from a single point. We can improve these processes by using conditions and policies, and eventually implementing rule-based access controls (RBAC) and policy-based access controls (PBAC). However, allocating these authorizations might expose the organization to risk if compliance is not taken into account. It is imperative to combine IAM and governance, risk management, and compliance (GRC) in order to verify that access is granted correctly, without violating any policy.
Optimizing access is essential to keeping authorizations to an absolute minimum and free of any policy violations. This can only be done by adding a layer of access usage analysis to ensure that we don’t further complicate an already complex authorization structure. Over the past few years, we have seen the benefits of automating processes for granting authorizations in accordance with compliance requirements, together with automatic removal of unused authorizations and un-required authorizations.
Join this webinar to learn more about:
- IAM, GRC and access usage monitoring and the main purpose of each
- How to add functionality to existing product(s)
- Best practices and the most effective use cases for combining IAM, GRC and usage monitoring
- The advantages of using a united platform like ProfileTailor Dynamics
Martin Kuppinger, Principal Analyst at KuppingerCole, will explain why IAM, GRC and user monitoring need to be combined for a modern approach in access control.
He will be joined by Moshe Panzer, CEO at Xpandion, who will present advantages, disadvantages and best practices from using one united platform.
Xpandion is the leading provider of ERP usage inspection solutions, delivering unprecedented real-time visibility into management systems, significantly improving security, optimizing licensing usage and enabling GRC/SOX compliance. Available in cloud or on-premises, Xpandion’s ProfileTailor™ Dynamics suite is implemented rapidly and does not require any changes to monitored systems.
As users, devices and application workloads move outside the corporate network, the traditional model of enforcing security at the network perimeter is no longer effective. A Zero Trust model offers an alternative that secures data while ensuring it is accessible to employees, regardless of where they are working. But the path to achieving Zero Trust is unclear for many organizations.