Name: Authorization Policy Enforcement in Service Mesh - Part 2
Start: 2021-01-13T17:00:00Z
End: 2021-01-13T17:00:34.000Z
Location: BrightTALK
Rating: 5

PlainID, the Authorization Company, simplifies the complexity businesses face when securely connecting identities to digital assets.  Powered by PBAC, PlainID provides a SaaS-based, centralized policy management platform with decentralized enforcement to manage who can access what across the enterprise technology stack; including applications, data, API, microservices and more.

Redefining Identity and Data Security

In today's digital landscape, data security, and privacy have become paramount concerns for organizations across industries. Effective management of data access is essential to safeguard sensitive information and maintain compliance with regulations. Join Wissam Ali-Ahmad, Technical Architect, BigID & Mickey Martin, Director of Product Outreach, PlainID, and understand how PlainID and BigID together strengthen data protection, and redefine identity and data security.

Key Highlights:
- Understanding Identity Security Posture Management: We will demystify the concept of authorization, shedding light on its distinction from authentication and its multifaceted implications for identity-aware security.
- The importance of Data Security Posture Management: How having knowledge and control of your data comprehensively addresses data security, compliance, privacy & governance.
- How ISPM + DSPM drives value: Understand how an ISPM + DSPM framework contributes to regulatory compliance, including GDPR, HIPAA, and more, and how non-compliance can result in severe penalties and negative business consequences.
- Real-world Applications: Explore real-world case studies that highlight the significance of effective ISPM & DSPM in preventing data breaches, insider threats, and unauthorized access incidents.
- Future Trends: Get a glimpse into the future of identity and data-centric security, its impact on holistic security posture management, and how it can impact security and business outcomes.

Join us to explore how PlainID + BigID can help your organization prevent identity-related security events and ensure appropriate data access and compliance.

PlainID and BigID Integrate for a Modern, Resilient Data Protection Framework

In an era where cyber threats are continually evolving and data privacy regulations are becoming more stringent, understanding the dynamics of modern authorization (AuthZ) is pivotal for organizations striving to fortify their security measures and achieve data compliance.

Key Highlights:
- Reinforce Risk Management Strategy: Discover how to proactively manage security and access with risk-based authorization. Be ready for Zero Trust initiatives by embracing the “never trust, always verify” Zero Trust Paradigm.
- Navigating Data Compliance Regulations through Modern AuthZ: Amidst the tightening grip of data privacy regulations, explore how strong authorization plays a crucial role in safeguarding sensitive data - and ensures compliance with ever-changing mandates, improving shared responsibility and accountability.
- Leveraging the Benefits of Centralized AuthZ Policy Management: Understand the value of externalizing and centralizing policy management and how it provides visibility, manageability, and control to support risk mitigation and protect against identity-related breaches. 

Join Dr. Edward Amoroso, CEO, of TAG Cyber with Gal Helemski, CPO and Co-Founder, of PlainID to delve into the multifaceted landscape of modern authorization and its profound impact on cyber security and data compliance.

What is Modern Authorization and Its Role in Cyber Security & Data Compliance

Join Martin Glowik, Security Managing Director, Accenture & Mickey Martin, Director of Global Outreach, PlainID, and explore how authorization is a core component in solving zero trust. They will discuss how a modern authorization architecture furthers success in zero trust strategies. 

Topics to Discuss:

- Core Principles of Zero Trust & Trends 
   * Zero Trust is a philosophy & a technical framework is required to mitigate risk
  * Never Trust / Always Verify
- Importance of Authorization in a Zero Trust Framework
  * Where and why does authorization fit?
  * Increase Security resiliency post AuthN & Network Access Control
- Zero Trust and compliance with Data Regulations 
  * The role of Authorization & a Zero Trust framework in supporting data privacy 
 efforts   
- Importance of Visibility, Manageability & Enforcement of Access Control
  * Visibility and analytics are vital to a Zero Trust framework

Why Authorization is Key in Achieving Your Zero Trust Journey

For years organizations either relied on course-grained access controls or attempted to implement complex and unmanageable controls for access to specific data. When organizations attempt to control data level access using roles, the result is role explosion.  Attribute-based access helped control access to specific data values but even then access was siloed and segregated into its respective data stores.

Using modern, policy-based authorization, organizations now can more easily control access to specific data and infrastructure components and put security controls in place that prevent detrimental actions (intentionally or unintentionally).  
Learn how leading-edge organizations have deployed identity-centric access throughout the infrastructure stack using fine-grained authorization.  This includes access to microservices, APIs, and other infrastructure that typically relies on generic system accounts.  Apply policies to enable control over this access based on the individual or process that initiated the transaction (i.e., last-mile security).

By attending the webinar you will:
- Have a better understanding of Policy-based Access Control (PBAC) and identity-centric access
-  Learn how to apply PBAC to control access to specific data and infrastructure components
-  See how leading-edge organizations have taken advantage of PBAC
-  See a demo of an exciting sensitive data use case
- Understand how to move your organization to the next level of access control

Finally, a Solution to Control Access!

In the era of the digital economy, organizations grapple with complex cross-border data regulations. Efficient access control, powered by modern authorization, has emerged as a critical component in ensuring data compliance, privacy, and risk management.

Join us and explore the role of authorization in navigating enterprise access control and cross-border regulatory challenges. Learn how centralized management of policies and distributed enforcement simplifies managing identities' access within regional norms, offering a targeted response to evolving data laws and advanced cyber threats.

We will discuss how a modern authorization platform helps promote efficient management of access control, improve business agility, and bolster enterprise security through granular, policy-based controls.

Key takeaways include:
- Understanding the complexity of cross-border data regulations and the drivers behind it
- Deep dive into how authorization is foundational in any security strategy for compliance and risk mitigation
- Learning how modern authorization platforms simplify, and centralize management of access policies 
- The business case for policy-based, granular approach to data access and control

How Authorization Enables Data Compliance, Privacy, & Cross-Border Access

Join PlainID’s Lani Leuthvilay, Head of Product Marketing, and Mickey Martin, Director of Product Outreach in Episode 4, Talking AuthZ with PlainID about Policy-Based Access Control.  Together they will explain the fundamentals of Policy-based Access Control (PBAC) and its significance in modern security frameworks.  

During this session, dive into the core principles of PBAC, including:
- What is Policy-Based Access Control
- Why is Policy-Based Access Control Crucial to the Modern Business
- How PBAC overcomes the management and scalability challenges of RBAC and ABAC 

By attending this webinar, you will gain a clear understanding of how PBAC differs from traditional access control models and learn how to use effective policies to protect sensitive data and ensure regulatory compliance. Whether you are an IT professional, an IAM expert, a security architect, or a decision-maker responsible for safeguarding critical information assets, this webinar will provide you with practical insights and best practices to enhance your organization's access control strategy.

Policy-Based Access Control | What it is and why you can’t modernize without it

Struggling to effectively demonstrate the impact of authorization policy changes to your customers or showcase the value of Policy Based Access Control? Without the ability to effectively communicate the impact of these changes, you may face difficulties in engaging your customers and convincing them of the value and necessity of implementing new authorization policies. But worry no more!

Unlock the potential of the PlainID Policy Simulator in enhancing your customer interactions! Join PlainID's Paul Volosen, PlainID Sales Engineering, to learn how the PlainID Policy Simulator can enhance your customer interactions and help you better illustrate customer’s use cases.

During the session, we will dive into the key best practices to maximize the value of the PlainID Policy Simulator in your next customer engagements. The topics we will cover include:

- Basic demo flow using the simulator: Gain insights into how to seamlessly navigate and utilize the PlainID Policy Simulator. Discover its intuitive features and uncover the potential it holds for showcasing the relevance of your solutions.

- How to use the simulator to create an “Aha!” moment with your customers: Learn powerful techniques to captivate and impress your customers. Explore strategies that will leave them astounded by the effectiveness and practicality of your offerings.

Don't miss out on this opportunity to transform your customer interactions and demonstrate the true value of authorization policy changes.

Enhancing Customer Engagement: PlainID Policy Simulator Best Practices

In today's digital world, it’s plain to see that EVERYTHING is data. What is not plain — is how we protect that data. How you tell a data layer to protect data is different from how to tell microservices and API gateways how to protect data, which is different from how we protect data in the applications, but at the end of the day, it's all about who can do what, with what.

Join PlainID’s Mickey Martin, Director of Product Outreach, and Hub City Media’s Steve Giovannetti to talk about PlainID and the company’s ability to:

- Centralize authorization policies across the ecosystem
- Standardize our access control approaches
- Visualize your authorization map 

So it will finally become plain how we protect customer data and assets in every digital interaction. It’s all data, let PlainID worry about the enforcement.

Talking AuthZ with PlainID Episode 3: Centralize, Standardize, Visualize

Join PlainID’s Mickey Martin and IDMWORKS’ Nick Hunt to talk about how to better leverage risk tools throughout the ecosystem using PlainID, a Centralized Authorization Platform. Evaluating risk at time of authentication isn’t sufficient for good security posture, ecosystems and tech stacks must evolve to re-establish trust at every digital interaction. 

Learn how PlainID can help:
- Dynamically control and right size access based on identity and risk
- Consistently apply how risk is leveraged in every digital interaction
- Shrink or minimize exposure during breaches

Talking AuthZ with PlainID Episode 2: Leveraging Risk Tools in Authorization

Join us for our first AuthZ Product Webinar Series, Developers Design: Authorization in the Modern Architecture. 

Date: Thursday, April 6, 2023
Time: 12:00 pm - 1:00 pm ET (Eastern Time)
Online Event

Mickey Martin, Director of Product Outreach, and Vladi Berger, VP of Solutions Architecture will deep dive into designing architecture with authorization in mind. They will cover topics from the application to the database, and when and where to add in which types of authorization to best allow the types of access for users and non-user entities.

You will learn:
-  How authorization architecture furthers success in zero trust strategies
- Why centralized management means centralized viewing, auditing
-  How to utilize signals to de-authorize a user or session immediately stopping malicious activity

Developers Design: Authorization in the Modern Architecture

Join us for an open discussion between Chief Revenue Officer, Tom Ammirati, and Director of Product Outreach, Mickey Martin both from PlainID, where they will dive into the Project and Business Drivers they see that require Centralized Authorization.

Date: Thursday, March 2, 2023
Time: 12:00 pm - 1:00 pm ET (Eastern Time)
Online Event

Identity and Access Management has been a pillar in security for decades now; it has emerged, changed, and evolved many times over as the problems it solved grew larger and more complex. Identity Governance, Identity Providers, and Authorization Platforms are all required to deliver a secure identity practice. Authorization, like every piece of identity, enables the modern business, reduces risk, tightens security, and protects access to your digital assets.

Talking AuthZ with PlainID: Why Authorization? Why Now?

In this webinar, we’ll have an open discussion with Director of IAM Delivery from IDMWORKS, Nick Hunt, and Director of Product Outreach from PlainID, Mickey Martin, on the changing needs of authorization, market shifts, and how you can get a handle on this evolving space.

Date: Wednesday, February 1, 2023
Time: 12:00 pm - 1:00 pm ET (Eastern Time)
Online Event

With a changing application space, focusing on Identity and Zero Trust, and movement to cloud-hosted services, the traditional methods for authorizing users within applications are evolving.  Traditional methods of maintaining authorization lists are not scaling to support changing application and security needs.  This gives rise to the need for centralized, context-aware, authorization services, decoupling the authorization decisions from local applications into central business policy decisions and services. 

Agenda:
12:00 pm - 12:10 pm - Welcome - Overview
12:10 pm - 12:45 pm - A Fireside Chat on Dynamic Authorization
12:45 pm - 1:00 pm - Q&A, Wrap up

The Changing Authorization Space – A Fireside Chat on Dynamic Authorization

Join PlainID’s Director of Product Outreach Mickey Martin, along with The Cyber Hut's CEO and Research Analyst, Simon Moffatt, on December 6, for a webinar on Externalization of Authorization Policies - Build vs. Buy.

As the modern enterprise architecture demands a more decoupled and agile approach to authorization – existing access control deployments that are often tightly coupled and embedded within enterprise applications can no longer provide the needed level of agility, correct feature set and coverage for businesses.

Dynamic Authorization has become a critical component of the modern enterprise - delivering business agility via the flexible security of critical data and information assets.  Homegrown access control solutions are common across enterprises - either embedded within complex systems due to bespoke requirements or due to limitations of  CoTS providers. A modern approach is needed to gain better visibility and control of who has access to what resources. 

Join PlainID and The Cyber Hut to gain insights on how homegrown approaches compare to a platform approach. In the webinar, discussion topics will cover:

- Business Challenges of Authorization
- Externalizing Authorization with Policy-based Access Control
- Centralized Management and Distributed Enforcement 
- The Limitations of Homegrown Solutions 
- The Cost of Doing Nothing 

Agenda:
12:00pm - 12:10pm - Welcome - Mickey Martin, PlainID
12:10pm - 12:30pm - Externalization of Authorization Policies - Build vs. Buy Challenges and Solutions - Simon Moffatt, The Cyber Hut
12:30pm - 12:50pm - PlainID Next Generation Authorization Overview, Mickey Martin, PlainID
12:50pm - 1:00pm - Q&A, Wrap up

Externalization of Authorization Policies - Build vs. Buy

Join PlainID’s VP of Product Strategy Nadav Well, along with Hub City Media’s Founder and CTO, Steve Giovannetti, on August 2, for a webinar on Smart Best Practices for Implementing Delegated Authorization Management.

Date: Tuesday, August 2, 2022
Time: 12:00 pm - 1:00 pm ET (Eastern Time)
Online Event

In today’s digital-first world, businesses must decipher better ways to allow access to digital assets. Not only must organizations allow access to employees and customers, but also to third parties. And, extending access to internal assets and applications for B2B collaboration is complicated, costly, and can impact the speed of transacting business.

Join PlainID and Hub City Media to learn best practices for B2B Access Management including:

- How to accelerate Time to Market
- Simplifying Identity Lifecycle Management
- Improving Visibility and Control
- Solving challenges around managing identities you don’t control
- Improving 3rd party user experience 
- Gaining insight into 3rd party activities

Agenda:
12:00pm ET - Welcome
12:05pm ET- Best Practices for Implementing Delegated Authorization Management with Nadav Well and Steve Giovannetti
12:40pm ET - Open Q & A
12:55pm ET - Closing Remarks

Smart Best Practices for Implementing Delegated Authorization Management

Webinar | Next Generation Authorization

PlainID & Hub City Media Present NextGen Authorization Forum - Impact on User Journeys, Risk Mitigation & Data Governance

Date: Tuesday, May 17, 2022
Time: 12:00 pm - 1:00 pm ET (Eastern Time)
Online Event

Join PlainID’s Co-Founder and Chief Product Officer Gal Helemski, along with Hub City Media’s Founder and CTO, Steve Giovannetti, on May 17, for a fireside chat around NextGen Authorization - modernized security and the impact on user experience, risk mitigation, and access control.

With PlainID’s CRO Tom Ammirati moderating, Gal and Steve will deep dive into a technical discussion, reviewing the importance of:

- Traditional vs. Modern Authorization
- Centralized Policy Management across Enterprise stack - Powered by PBAC
- Integration with Existing IAM Infrastructure
- Data Governance
- How to achieve Zero Trust Architecture with Dynamic Authorization

Agenda:
12:00pm ET - Welcome
12:05pm ET- Moderated fireside chat of NextGen AuthZ with Gal Helemski and Steve Giovannetti
12:40pm ET - Open Q & A
12:55pm ET - Closing Remarks

PlainID & Hub City Media NextGen Authorization Forum

Joint webinar for KuppingerCole and PlainID
Now is the time to implement the Zero Trust security model because the traditional model of enforcing security at the network perimeter is no longer effective with users, devices and workloads moving outside the corporate network, but success depends on understanding the essential components of a Zero Trust Architecture.

Policy-Based Access Control (PBAC) is crucial because the ability to decide whether to grant, deny, or revoke access is at the heart of Zero Trust, according to Martin Kuppinger, Principal Analyst at KuppingerCole and Gal Helemski, CIPO at PlainID. Join these experts for a discussion about the most important components of a successful implementation of Zero Trust security.

Zero Trust - Now is the Time, and PBAC is Key

Many companies invest heavily in digital transformation and modernizing their business interfaces, creating portals, applications and digital assets where business users can go and collaborate in a self-service manner. But this positive transformation movement will not be completed without implementing the required identity and access management processes. Eventually, it doesn’t matter how great your portal or application is, if the end users cannot actually access it because the end-to-end management process is slow, manual and prone to errors.    Join this webinar to learn about the challenges associated with the management of B2B access management, why there’s a need for a solution that is designed specifically to address these challenges and why the delegation model is most appropriate for these use cases.

Delegated Model for Access Management: Use cases, requirements & implementation

Over the last few years, companies have been looking for a secure approach to control access to sensitive data assets using standardized approaches such as Zero Trust and CARTA. However, to move to a fully secure model, organizations need a solution that provides a fine grained approach to authorization which is dynamic and real-time.
 
This is especially challenging when dealing with data, since the built-in security measures of data repositories are just not enough.
  
Join this joint PlainID and Data Virtuality webinar to learn:
● The business challenges faced by organizations using coarse grained approaches to access control
● Why the traditional RBAC approach isn't enough in a Zero Trust era
● How access to data can be enforced.
● How PlainID’s Policy-Based Access Control (PBAC) together with Data Virtuality, supports dynamic fine-grained authorization to data.
● and much more!

Dynamic Authorization for Data - Enforcing fine grained control to data access

If you're involved in deploying enterprise applications through micro-services, and managing authorization is a priority - then this talk is for you.

In it, the second in our series covering authorization in micro-services, we’ll briefly recap our previous talk about the basis of authorization in service mesh. Then, we will dig into the "main course": entitlements injection to the micro-service.

The talk will cover the reasons for injecting entitlements. We will share several use cases where this method is needed, followed by a live demonstration of these use cases.

This talk is part of our webcast series on the topic, hosted by PlainID's co-founder Gal Helemski, and Senior Solution Architect Vladi Berger.

You are more than welcome to revisit the first talk in the series by visiting https://www.brighttalk.com/webcast/18611/452538

Our next talk will focus on data filter for micro-service. Stay tuned!

Authorization Policy Enforcement in Service Mesh - Part 2

Authorization Management

Identity Management

Microservices

Access Management

Enterprise Applications

Authorization

Access Control

ABAC

Policy Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Authorization Policy Enforcement in Service Mesh - Part 2

Presented by

About this talk

More from this channel