Audit What’s Not There - Shifting Mindset and Compliance in a Dynamic / Policy Driven Environment - 14 de noviembre de 2024 - TecnoWebinars.com

Join Mickey Martin, VP of Sales Engineering, and Nick Hunt, Founder, Chief Identity Officer, HATSec, as they discuss what it means to adopt Policy Based Access Control, and how this changes how identity teams attest compliance to audit. In the world of Identity Audits, we are used to looking at reports of which users are granted membership into roles, groups, and entitlements and making assumptions about access based on company knowledge. Centralized Management of authorization policies takes out the guesswork of how authorization is decided based on identities controlled in IGA and context of access being requested. Talking Points & Key Takeaways: - What does it mean to Centralize Authorization in your ecosystem? - How does Dynamic Authorization reduce risk and minimize exposure due to standing privilege? - How does this affect periodic attestations and compliance to support identity audits? - Discuss the importance of looking at both sides of the Identity-Centric Security Coin - Identity attributes, roles, groups, entitlements and how Authorizations allows or denies user actions based on these identities. - How do we design an Identity program that tightens security vs checks the boxes? We tend to build systems that answer to the audit vs. answer to attack.