Category: Identity and Access Management
-
Authorization in GRC: IAM Series Part 3
So far, the IAM series has focused on authentication, which is the act of verifying someone is who they say they are. But once they are verified and have been granted access to a system, they shouldn’t be allowed to perform every action. For instance, an employee in an organization should not be allowed to…
-
Authentication in Microsoft Entra ID: IAM Series Part 2
In Part 1 of the IAM Series, we explored how authentication works, why it’s important from a security standpoint, and its various methods. Understanding these methods is important, but what is just as important is actually implementing them. Luckily, if the organization uses the cloud (which an increasing number of organizations are doing), they can…
-
Authentication in GRC: IAM Series Part 1
This is the first of several blog posts in the identity and access management (IAM) series, covering IAM from a governance, risk, and compliance (GRC) point of view. At its core, IAM ensures the right individuals access the right resources at the right times for the right reasons. Rather than configuring these technical tools, GRC…