Event Recording

Patrick Parker - How to Manage Authorizations in Cloud Services: Getting a Grip on Both Microsoft Azure and Amazon AWS

Show description
Speaker
Patrick Parker
Founder and CEO
EmpowerID
Patrick Parker
Patrick Parker is the founder and CEO of EmpowerID, a company specializing in Identity and Access Management for over 20 years. He pioneered the unique use of Role and Attribute-Based Access Control within an Identity Orchestration framework to realize a modern and comprehensive vision of...
View profile
Top related content
Event Recording
EIC 2012 Keynote: Identity Management & Cloud Security - There’s a Workflow for That
May 01, 2012

Patrick Parker, Founder and CEO, The Dot Net Factory
April 17, 2012 19:10

Event Recording
Alex Simons - Identity Imperatives in the World of Cloud and Devices
May 09, 2017

The tectonic shift of enterprise IT to a world of cloud and devices is upon us. As enterprises around the world look to embrace the incredible opportunities and address the competitive pressures this tectonic shift creates, they are discovering that digital identity is the cornerstone technology of a successful modern IT estate. This tectonic shift brings a new set of identity design and architectural imperatives that legacy systems are poorly suited to address. Alex will discuss these trends, the new set of design and architectural imperatives they create and give examples of how these new approaches are already in use today.

Webinar Recording
Policy-Based Access Management – A Reliable Foundation for Your Next-Generation Unified IAM
Jun 07, 2018

As companies adopt numerous new technologies and establish new communications channels with their partners, suppliers or even customers, the amounts of sensitive information that’s stored across on-premises systems and cloud services are growing exponentially, and the task of managing secure access to this data by numerous third parties is quickly getting out of control. Hence, instead of managing access to individual systems with separate technology stacks, many companies are looking for more universal and future-proof alternatives, aiming for establishing granular, centrally-managed policies enforced across the whole corporate IT environment.

Webinar Recording
Enabling Cloud Governance
Apr 22, 2015
While many organisations have good governance over their on-premise identity and access management environment with authentication monitoring and attestation reporting this too often gets relegated to the “too-hard” basket when it comes time to migrating the Cloud services.
Webinar Recording
Managing Azure AD – Regardless of How You Use It
Dec 03, 2020

Microsoft Azure Active Directory (Azure AD) has gained widespread adoption. Coming with Microsoft Azure Cloud as well as Microsoft 365 (i.e. Office 365), it appears in many organizations just because of decisions made outside of the IAM team.

Webinar Recording
Multi-Cloud Permissions Management
Jul 27, 2022

Most businesses are adopting cloud services from multiple providers to remain flexible, agile, efficient, and competitive, but many do not have enterprise-wide control over and visibility of tens of thousands of cloud access permissions, exposing the enterprise to risk of security breaches.

Webinar Recording
Making the Cloud a Secure and Easy to Use Environment
Apr 07, 2017

Most of today’s organizations store even their sensitive data in the cloud. Moving workloads to the cloud results in improved flexibility, elasticity, and reduced time to market for organizations. Nevertheless, companies have to realize these benefits painlessly, while keeping sensitive data secure. Applying an on-premises security model for infrastructure and apps in the cloud can achieve this. When it comes to on-boarding thousands of business partners quickly, engaging with millions of customers easily, or simply providing a single sign-on experience to new Cloud applications, new approaches are also required.

Event Recording
Modern Authorization: The Next IAM Frontier
May 10, 2023

Identity and access have always been joined at the hip. In the age of LDAP, authenticated users were granted permissions based on group membership. But this mechanism hasn’t transferred into the federated identity landscape.

Instead, modern identity systems try to generalize permissions into scopes that are embedded into access tokens. But this doesn’t facilitate fine-grained authorization - a “read:document” scope doesn’t typically mean the user can access every document!

While identity has moved to the cloud, we still don’t have fine-grained, scalable mechanisms for generalizing authorization. So every application builds its own, and IT ends up administering every application differently.

Fixing this is arguably the most pressing challenge for the IAM industry. In this talk, we propose a set of principles, inspired by zero-trust and the latest work in cloud-native authorization, that should underlie the solutions we build:

  1. Support for fine-grained authorization (both ABAC and ReBAC), delivering on the principle of least privilege. Google’s Zanzibar provides an important blueprint.
  2. Managing authorization policy-as-code, enabling separation of duties and policy-based access management. Open Policy Agent is a good building block.
  3. Performing real-time access checks for continuous verification. This function should be downstream from authentication.
  4. Collecting fine-grained decision logs, providing the underpinning for comprehensive offline auditing and access analysis.
Webinar Recording
Cloud IAM – Get the Full Picture to Make a Real Win out of a Quick Win!
Dec 14, 2016

Cloud IAM (Identity and Access Management) is on the rise, and it is more than just Single Sign-On. Managing user journeys, directory functionality, access control, and governance is mandatory. Identity and access governance is a key topic in most organizations and, just as with identity provisioning, it does not become obsolete when making the shift to Cloud IAM.