Access Governance

Enterprise hiring in the time of Covid is putting greater emphasis on supporting remote on boarding of new employees. This creates new challenges for the IAM team as it is no longer self evident that new contractors and employees to show up at a physical helpdesk, provide ID and pick up their new accounts. How do you organize the remote onboarding and are there technologies and approaches that are used in digital customer onboarding and KYC processes that can be leveraged to also handle employee onboarding?

Another important aspect is that remote working has become the norm and securing the remote connections is critical. A big part of that effort is to implement MFA at scale but in this situation how do you handle the roll out of the MFA when the users are not present in the office?

How do you support remote onboarding at scale?
How do you roll out MFA to a 100 000 people organisation?
What is the future for remote onboarding of contractors and employees?

We will look at OAuth protocol and its misusage for authorization purposes. What is the difference between client and user authorization and at which stage should each happen? We will revise what Identity is at its core and what should or should not be part of it. And what about Group Membership – a ‘domain-driven’ advise how to triage roles between Identity and Authorization. All these best practices are backed by real-life experience.

- OAuth and its misusage as an authorization protocol
- Essence of Identity
- Difference between client authorization and user authorization in the context of OAuth
- Group Membership – where do roles belong?
- Theory backed by practice