A Problem Called Privilege
Something feels broken with Privileged Access Management, I don’t mean a product we need to fix or create but I think our fundamental approach to PAM is wrong. It certainly feels to me that we’re now trying to fit a square peg in a round hole and I’d like us to openly discuss this more so that we can create safer environments.
PAM 101
Privileged Access Management (PAM) simply means controlling who or what is allowed to access infrastructure, applications and workloads (in fact, anything), for how long and what level of access they or it has in order to reduce risk. There are 50 others ways of saying the same thing, but that’s really what it boils down to.
Exciting New Partnership With Keeper Security
We’re thrilled to announce a new partnership between dotnext Europe and Keeper Security! As two leaders in cybersecurity solutions, we’re joining forces to enhance digital security and empower innovation like never before.
The Fundamentals of IAM Automation
Automation is not often considered to be a fundamental part of an IAM solution, but by removing manual processes in the JML and Access Requests there are several important benefits.
Security is improved as it ensures greater accuracy and can alleviate human errors. User experience is improved as users are not waiting around for their access. Both have cost benefits by reducing the number of IT technicians and downtime for a user.
The Fundamentals of IAM Authorisation
Authorisation should be considered a separate and distinct set of functionalities compared to authentication. Modern platforms blur the two together, but just because a user is authentic it doesn’t mean they should have access to everything.
Fundamentals of IAM Auditing
Auditing should not be viewed as a necessary evil to satisfy compliance or invoke memories of nervous discomfort waiting for the teacher’s mark. People with higher privileges may feel unduly scrutinised by having their sessions captured, these sessions can help in training and diagnostics work.
The fundamentals of an IAM Architecture
Architecture may not be considered a fundamental part of an IAM solution. Functionally wise that may be true, however a good architecture will ensure an effective solution. Over and above the typical architecture considerations of resilience, security, performance, and maintainability additional thoughts have to be made for IAM specific functionality.
The fundamentals of IAM Authentication
Given the first word in IAM is Identity, the process of proving that the identity is real is probably the most importing and fundamental of all of the five pillars of IAM. Without this accurate verification all of the other pillars are on very shaky foundations.
IAM Pillars
Identity and Access Management has been around since the dawn of computers. In the early days it was about creating credentials physically on computers. Unfortunately, we are no longer in the good old days when beef burgers tasted like beef and pop music was better.
Times have changed but what are the fundamentals now of a good IAM solution, what functionality is required.
Welcome to the new Blog
Welcome to the new dotnext blog. We have no idea where this will go, but we do know what we believe in which is outlined here.
