KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
PlainID, the Authorization Company, simplifies the complexity businesses face when securely connecting identities to digital assets. Powered by PBAC, PlainID provides a SaaS-based, centralized policy management platform with decentralized enforcement to manage who can access what across the enterprise technology stack; including applications, data, API, microservices and more.
Join security experts from KuppingerCole Analysts and PlainID as they discuss identity management in the digital era, the limitations of ABAC and RBAC, and the benefits of policy-based access control (PBAC)
Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, will talk about the latent potential for using PBAC for legacy use cases, modern authentication, and fraud prevention, and building modern digital services. He will also look at why organizations need to create a unified strategy and approach on PBAC across all areas.
Gal Helemski, PlainID co-founder and CPO, will explain how to navigate the path to modernized authorization and how to kickstart your PBAC program from initial assessment to implementation. She will be joined by Allan Foster, a long time expert and leader in Identity.
Now is the time to implement the Zero Trust security model because the traditional model of enforcing security at the network perimeter is no longer effective with users, devices and workloads moving outside the corporate network, but success depends on understanding the essential components of a Zero Trust Architecture.
In the digital age, collaboration is becoming more dynamic and integrated than ever before. External partners often require specific information, and therefore need access to internal systems. Providing efficient processes to manage partners is key to building a strong partner network.
The evolution of cybersecurity protection demands a more nuanced response to providing access to a company’s sensitive resources. Policy-based access control (PBAC) combines identity attributes and context variables to enable sophisticated granting of access to corporate systems and protected resources based on centrally managed policies that ensure consistent access control decisions across the enterprise. Advancement in both business requirements and technology (such as growing use of micro-services), require a better way to control access. In a way that is consistent across all silos, dynamic enough to react to change in risk, and provides better control for the application business owners.
PBAC facilitates the application of consistent policy across all applications that use the PBAC authorization service. Furthermore, policies are evaluated in real-time against current attributes rather than having to wait for a nightly update of identity attributes before access control policy is correctly applied. PBAC also facilitates a risk management approach to access decisions. If access outside business hours represents a greater risk the authorization service could prompt for an additional authentication factor before access is granted.
Mastering authorization is critical for modern organizations with multiple user constituencies, applications, and data types. Authorization has become a crucial part of security infrastructures and can no longer be considered just another feature of existing IAM solutions. Instead, authorization control infrastructures have developed their own segment in the security market. There is a need for more than just one technology to meet different needs of the market, especially in the areas of administration and governance - both dictate the need for an authorization solution. Furthermore, customers face challenges in several areas – the main one is having no insight into what data and functionalities users are able to access. And while there is a constant need for businesses to continuously modify, extend, and modernize their processes and business models, there is a lack of adequate and agile data access control and management functionality.
RBAC (Role Based Access Control) has proven handy for adding manageability and assurance to coarse- or medium-grained authorization but break down in the face of dynamic environments or complex access policies. Attribute-based access control (ABAC) has gained adherents but is in fact just another piece of the puzzle. Policy-based Access Control (PBAC) is an emerging model that seeks to help enterprises address the need to implement actionable access control schemes based on corporate policy and governance requirements. In general, PBAC can be considered the harmonization and standardization of the ABAC and RBAC models at an enterprise level in support of specific governance objectives.