Webinar Recording

The 3 Pillars of Access Control Optimization: IAM, GRC and User Monitoring

Posted on Dec 10, 2020 by Martin Kuppinger

Identity & Access Management (IAM) tools are used to automate processes of user lifecycle management and control user access permissions from a single point. We can improve these processes by using conditions and policies, and eventually implementing rule-based access controls (RBAC) and policy-based access controls (PBAC). However, allocating these authorizations might expose the organization to risk if compliance is not taken into account. It is imperative to combine IAM and governance, risk management, and compliance (GRC) in order to verify that access is granted correctly, without violating any policy.

Show description

Webinar presentation, KuppingerCole

Webinar presentation, Xpandion

Speakers

Principal Analyst
KuppingerCole

Martin Kuppinger

Martin Kuppinger is Founder and Principal Analyst at KuppingerCole, a leading analyst company for identity focused information security, both in classical and in cloud environments. Prior to KuppingerCole, Martin wrote more than 50 IT-related books and is known as a widely-read columnist...

View profile

CEO
Xpandion

Moshe Panzer

Moshe Panzer has over 20 years’ experience as a recognized SAP expert. Mr. Panzer has worked as a senior SAP consultant, project advisor and project leader for large private corporations worldwide and as development, conversions and interface manager for the Israel Ministry of Finance. Mr....

View profile

Lead Sponsor

Playlist

KuppingerCole Webinars

Webinar Recording

Protecting the Business From Software Supply Chain Threats

Recent events such as the SolarWinds and Kaseya compromises by malicious actors have demonstrated the need to focus significantly more on software supply chain security. According to a report from ENISA, supply chain attacks are increasing, with 66% of attacks focusing on source code and 62% exploiting customer trust in suppliers. This is a risk organizations can’t afford to ignore.

Watch

Webinar Recording

Security and Compliance Benefits of Endpoint Privilege Management

As IT applications and endpoints proliferate, and enterprises shift to hybrid IT and hybrid working models, managing end user privileges is becoming very challenging, resulting in breaches, fraud, and undetected risky behavior. Enterprises need a way of governing end users wherever they are working and protecting a growing number of endpoints.

Watch

Webinar Recording

The Changing Scope of the NIS 2 EU Directive

The NIS Directive aimed at achieving a common standard of network and information security across all EU Member States, with a focus on operators of essential services, is scheduled for an update. Suppliers of utilities, healthcare, transport, communications, and other services need to know what changes are coming and what they need to do to comply.

Watch

Webinar Recording

Protecting Web Applications Amid Severe Staff Shortages

Organizations are more dependent than ever on web applications for doing business with partners and customers, which means that protecting web applications has become business critical. But many companies are facing severe skills shortages exacerbated by the “Great Resignation”, and web application security is particularly hard hit. Automation is key to overcoming this challenge.

Watch

Webinar Recording

Making Passwordless Authentication a Reality: The Hitchhiker’s Guide

In this webinar, Bojan Simic, founder and CEO at HYPR, and Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, will share their insights and experience on what to consider when moving towards passwordless authentication, and making this a reality.

Watch

Webinar Recording

Effective IAM in the World of Modern Business IT

Digital Transformation promises lower costs, and increased speed and efficiency. But it also leads to a mix of on-prem and cloud-based IT infrastructure, and a proliferation of identities that need to be managed in a complex environment. Organizations adopting a Zero Trust approach to security must find a way to overcome these challenges.

Watch

Webinar Recording

Mehr Widerstandsfähigkeit Gegen Cyberangriffe: Das Automatisierte SOC

Cybersicherheit ist zu einer zentralen Herausforderung für jedes Unternehmen geworden. Die Widerstandsfähigkeit, also die Cyber Resilience, ist inzwischen elementar für die Überlebensfähigkeit von Unternehmen. Die automatisierte Analyse und Reaktion von sicherheitsrelevanten Informationen und Ereignissen wird dabei von sogenannten SOAR-Lösungen (Security Operations and Automated Response) unterstützt, die nicht nur Informationen vergleichen und analysieren, sondern direkt „operational“ machen und automatisierte Reaktionen und nachgelagerte Prozesse wie die Incident Response anstoßen können.

Watch

Webinar Recording

A DevSecOps Maturity Model for Secrets Management

Recent high-profile software supply chain attacks have highlighted the importance of security in the DevOps environment. But this can be challenging because DevOps teams are at the forefront of digital transformation and use agile techniques to deliver applications quickly, often not following traditional paths of identity management.

Watch

Webinar Recording

Why Architects Should Rethink Authorizations

In the digital era, organizations are increasingly interacting online with contractors, partners, and customers. Traditional role-based authorization frameworks are not designed to provide these external identities with the right access to resources, services, and apps. A new approach is required.

Watch

Webinar Recording

Making Zero Trust a Reality: Basing Decisions on Valid Identity Data

Cloud computing and mobile workforces have resulted in an expanding attack surface and a complex web of identify information. This means that traditional perimeter-based security models are no longer effective. A Zero Trust model of strict access control for every user and device enables businesses to be connected and secure, but an effective identity-focused approach is essential.

Watch