Field report from a compliance-driven implementing of a full-blown IGA system at a German finance corporation.
Identity & Access Management is a key requirement from banning regulations.
At Creditplus, a new IAM solution was implemented recently. Drivers for IAM as well as the overall design of the new solutions are presented in this talk.
IGA vendors often point to ABAC vendors when asked how authorization should actually be enforced and ABAC vendors point in the direction of IGA vendors when asked where all that context information is coming from. The talk will shed some light on how the grey area between IGA and cloud native authorization systems like Styra DAS / Open Policy Agent can be bridged. The focus will be on inhouse applications not on commercial off the shelf software as bolting a foreign authorization system onto existing software brings little benefit. We will share where different concerns like auditability, scalability and user experience for engineers and end users can be solved.
Zalando has 4000+ inhouse applications and 280+ engineering teams so we will also talk about organizational scalability by using 100% automation and self service.
