Future of Access Governance
Facebook Twitter LinkedIn

Future of Access Governance

Combined Session
Thursday, May 11, 2023 12:00—13:00
Location: B 07-08

Panel: Rethinking Cloud Access Management

We must secure our organization’s processes regardless of what tech they run on. Originally, security leaders had leverage. We controlled the horizontal. We controlled the vertical. And if people wanted to work, they needed to follow our rules to access corporate apps and services. But then came Cloud apps, and BYOD, and consumerization, pushing security beyond our outer limits. Security happens where psychology and technology intersect. The everyday decisions of employees increase or decrease an organization’s risk.

Employees don’t need us. And by employee, I mean more than end-users. This is a broader conversation; including software developers, IT engineers, DevOps practitioners, and more. To get people to opt in and follow secure practices, we turn to behavior science. IT security leaders must offer them a compelling experience. In this panel we will discuss how to carefully balance the need for security, compliance, and efficient resource management to ensure that your cloud environment is both secure and effective.

Matthias Bauer
Matthias Bauer
One Identity
Matthias Bauer is the Senior Manager of Product Development for Identity Manager and Senior architect for Identity Governance solutions. Prior to One Identity, Matthias was at Dell Security and...
Wolfgang Goerlich
Wolfgang Goerlich
J. Wolfgang Goerlich is an Advisory CISO for Cisco Secure. Prior to this role, he led IT and IT security in the healthcare and financial services verticals. Wolfgang has held VP positions at...
Morey J. Haber
Morey J. Haber
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four books: Cloud Attack Vectors, Privileged Attack Vectors, Asset...

Breaking the Status Quo: Achieving Mature Access Governance Within Days

Securing access to data and applications has become a cornerstone of any modern cybersecurity strategy.

User access governance projects however have a history of incurring multi-year roll-outs and requiring specialized personnel, making many companies shy away and bear excessive cyber risk.

For those companies, approaching user access governance as a data problem can provide the answer. This approach effectively trims down user access governance to its essentials: low-effort data collection, user-friendly risk analytics, access reviews and plugging into the existing ITSM processes. This data-driven approach has the potential to let companies achieve mature access governance in a matter of days, not months.

In this session, Elimity CEO Maarten will give an overview of the essentials of user access governance and will showcase how this approach is successfully applied in practice by industry leaders such as Securitas, the Belgian Railroads and Federale Assurances.

Dr. Maarten Decat
Dr. Maarten Decat
Maarten is Elimity's founder and CEO. Maarten is a highly-skilled Identity and Access Management professional with a history of working in, amongst others, the financial services industry and...

Graph-Based Access Control: What, Why and How ?

“Graph-Based Access Control'' (GBAC) is a generic term that refers to the use of graphs and networked data to solve Identity and Access Control problems. You may have seen this before through the disguise of acronyms such as ReBAC (relationship-based), KBAC (knowledge-based), PBAC (policy-based), NGAC (Next-Generation), FGA (fine-grained), and even some implementations of ABAC (attribute-based). All of these terms refer to techniques that use graphs to enforce access-control for any level of coarseness.

In this session you will learn why all the latest Dynamic Authorization offerings on the market use GBAC in a way or another, and how you can successfully adopt the technique yourself. Graphs are becoming ubiquitous - one can just look at the rise of the GraphQL API model to witness their popularity first-hand. Through concrete, real-life examples we will showcase the use of graphs to solve common access problems using the same modern and future-proof techniques that you see in the current authorization market.

As a result, storing all identity data in graphs truly unlocks its full potential. Graphs are data-science and analytics enablers, and have the potential to transform the IAM practice from a cost centre to a true revenue generator. We’ll explore how this can happen for you too…

Alexandre Babeanu
Alexandre Babeanu
Alex has been involved in Graphs and Graph databases for Identity and Access Management for almost 10 years. As a graph-certified and IAM-accredited consultant, he has implemented solutions for...


On-Demand Access
Re-live EIC 2023
Watch 200 sessions on-demand
Download all available presentations
Subscribe for updates
Please provide your email address