Policy-based access management and the evolution of authorization
If you’ve read any of the more recent Axiomatics articles, we have highlighted the rapid evolution of the authorization market.
We see it daily – more organizations realize their current or traditional approach to authorization isn’t in line with the reality of modern access control considerations.
Nowhere is this growth illustrated more clearly than in the recently published KuppingerCole Market Compass for Policy-Based Access Management. The Axiomatics team is pleased to be featured as a vendor in this report.
The report, written by senior analyst Graham Williamson of KupppingerCole Analysts AG, talks not only about how the authorization space has evolved, but also the challenges that have arisen as a result. These challenges are acutely felt by established enterprises, facing a considerable task in keeping pace with the rise of more agile competitors while at the same time trying to modernize and protect legacy systems and applications.
The report rightly identifies that this reflects how and why established enterprises are looking to expedite their digital transformation initiatives and embrace a mix of infrastructure (including public or private cloud) to become more modern.
The Market Compass highlights that there’s no ‘one size fits all’ approach to PBAM. What authorization looks like to support one cloud application versus hundreds of apps living in a cloud-native environment that must adhere to strict regulations, will have different considerations.
As a result, there are three takeaways we want to emphasize in this report:
Home-grown authorization is no longer viable
What we hear from organizations today is that they’re on a journey of putting the right foundational elements in place to begin modernizing their authorization and policy-based access management approach. This can include implementing an identity-first reference architecture that supports a Zero Trust strategy.
With this strategy in place, there’s a realization that homegrown authorization solutions cannot keep pace with modern cybersecurity and compliance requirements.
There is no “easy button” for this journey
Enterprises must take the right steps forward to enable a modern approach to authorization that can be adopted at the pace of the business.
This means adopting a proven deployment methodology and process that leads to a unified authorization strategy. KuppingerCole provides an example of what this could be in page five of the Market Compass.
Enterprise authorization must support modern and traditional infrastructures
As mentioned in the report, Axiomatics is a respected pioneer in this market.
We’ve delivered authorization implementations for many of the world’s largest organizations, whose journeys started in what the Market Compass refers to as the “traditional” approach to PBAM.
As the market has adopted cloud-native infrastructures, Axiomatics has done the same and has delivered many cloud-native implementations. This report reaffirms that supporting PBAM for the modern enterprise must balance both traditional and modern infrastructures.
We believe Orchestrated Authorization is a successful approach to PBAM as it addresses many of the challenges outlined in the Market Compass – it takes authorization out of silos, works with an enterprise-wide approach, and is scalable.
In addition, it ensures alignment across internal stakeholders, including development teams, business analysts and executives, with identity leaders and/or CISOs having the centralized view of the strategy.
You can read the full KuppingerCole Market Compass for Policy-Based Access Management, courtesy of Axiomatics.
For more about Orchestrated Authorization, take a look at our 2022 State of Authorization Report.
If you’re in a hurry, we’ve summarized the key points in this executive brief.
The post Policy-based access management and the evolution of authorization appeared first on Axiomatics.
*** This is a Security Bloggers Network syndicated blog from Axiomatics authored by Mark Cassetta. Read the original post at: https://axiomatics.com/blog/policy-based-access-management-and-the-evolution-of-authorization
