Authorization as a Business Need
Facebook Twitter LinkedIn

Authorization as a Business Need

Combined Session
Wednesday, May 15, 2019 14:30—15:30
Location: ALPSEE

Panel: The Changing Landscape of Policy-driven Authorization: A Discussion of NextGen Use Cases

Authorization has become a critical component of the Identity & Access Management landscape. Where identity lays the foundation, dynamic authorization helps ensure the right access at the right time to the right resources, ensuring secure collaboration between the IAM teams and the business. With the rapid change in business models and technology trends, it is imperative that authorization services keep pace to meet evolving requirements. This panel of experts should provide a lively discussion about the changing landscape of authorization systems.

Key takeaways:

Gerry Gebel
Gerry Gebel
Axiomatics
Gerry is responsible for sales, marketing and business development for the Americas region. In addition, he contributes to product strategy and manages Axiomatics’ global partner relations....
Gal Helemski
Gal Helemski
PlainID
Gal is a recognized specialist in cyber security with specific focus on identity and access management. In the past 16 years she has defined solutions to customers, wrote the project specs,...
Eve Maler
Eve Maler
ForgeRock
Eve Maler (@xmlgrrl) is VP of Innovation & Emerging Technology in ForgeRock's Office of the CTO. She is a renowned strategist, innovator, and communicator on digital identity, security,...
Patrick Parker
Patrick Parker
EmpowerID
Patrick Parker is the founder and CEO of EmpowerID, a company specializing in Identity and Access Management for over 20 years. He pioneered the unique use of Role and Attribute-Based Access...

Implementation of Role-Based Access Control in a Mid-sized Financial Institution

Managing accesses represents an incredible organizational challenge. The usual way is to grant rights on a case by case basis, complicating the task of security administrators, often by copying rights that similar employees currently have or had in the past. Over time, risk is that employees accumulate undue privileges or that accounts are forgotten and not deactivated, leading to a higher insider risk or account hijacking by external attackers. The risk is even higher with IT employees who obviously have extended privileges. The process of creation is often slow, leading to disgruntled managers and employees, whereas the removal process is unsound. Setting up RBAC can drastically reduce these risks and increase employees’ productivity. Discover through this case study the best practices in implementing RBAC and what were the lessons learned.

Key Takeaways:

1) Get an example of a practical implementation of RBAC 
2) Understand what to focus on when implementing RBAC 
3) Get a sense of the required process 
4) Understand how to get buy-in for such a project

Implementation of Role-Based Access Control in a Mid-sized Financial Institution
Presentation deck
Implementation of Role-Based Access Control in a Mid-sized Financial Institution
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Dimitri Chichlo
Dimitri Chichlo
UBP
Dimitri Chichlo holds an Executive MBA from INSEAD. He currently works for Union Bancaire Privée in Geneva as Senior IT Security Advisor. He was formerly VP Information Security & BCM at...

Why Prevention No Longer Works? A New Approach Using AI for Identity Management

Raghu Dev
Raghu Dev
BNY Mellon
Raghu Dev is currently leads Identity and Access Management as the Global Managing Director at Bank of New York Mellon. Prior to his current role he was the Identity and Access Management Strategy...
Subscribe for updates
Please provide your email address