In the famous words of David Byrne, there is no time for “dancing, or lovey dovey” when it comes to security. In a world where technology is constantly evolving, it is important to always stay on top of protecting confidential and sensitive information. The standard go-to for security within organisations is the account-based approach; however, this exposes the issue with specialised IT resources being so heavily involved in identity and account administration.
The way accounts are secured varies across sectors and companies; some believe securing the perimeter is vital, while others rely on encryption and data protection or zero trust access with controls. Ultimately, identity is the core of security – making sure that the right people have the right access to the right resources in the right ways at the right time. For this reason, organisations should be moving away from account-based administration of network resources to an approach that uses identities to strengthen cybersecurity and allow adherence to Zero Trust principles.
Authentication – This is all about ensuring the identity of the person or non-human (e.g. a bot) logging onto a system. Every application or system, whether it’s on-prem or cloud based, includes a type of authentication, the most common being a username and password. Most organisations will use Microsoft Active Directory (AD) and Azure Active Directory (AAD) for authentication, or they might augment a majority of the workload with technologies to unify the logins. While authentication is a vital step toward identity-based security – it is not adequate on its own.
Authorisation – Authorisation focuses on the parameters surrounding user permissions once they have been authenticated. This can be influenced by several variables including file and application permission and sharing and finely defined access rules based on role, location and circumstance. Unfortunately, this is often ..
Support the originator by clicking the read the rest link below.
