Why companies should approach identities differently. The definition of "identity" and how it fits into an organization's operating model. In this video interview with Information Security Media Group, Abel and Cunningham discuss: They've got a cost to operate them with your service desk staff, and your incidents all carry risk, so that risk can be mitigated by that least-privilege approach," he says. "They have a cost to acquire them or create them. And your operating plan should include a risk rating for each identity. Like other assets, identities should be defined and recorded along with the rights assigned to them. Components of the zero trust model (Source: Andrew Abel)Ībel says identities should be treated as digital business assets, such as inventory or equipment. "Sometimes, it's the hardest to define for people who are not familiar with the concept," Abel says. Zero trust is a least-privilege approach to security that ensures that users, devices, applications and transactions are continually verified, but identity management can be one of the most challenging areas of zero trust. Identities now extend to machines, containers and applications. 
Managing identities within large enterprises is no longer a straightforward task of granting access to employees. See Also: OnDemand | API Protection – The Strategy of Protecting Your APIs In Part 1 of a three-part video series, Andrew Abel, a cybersecurity and zero trust consultant and CyberEdBoard member, and Chase Cunningham, CSO at Ericom Software, share tips on how to create an identity strategy within the broader context of zero trust.
Chase Cunningham, CSO, Ericom Software, and Andrew Abel, a cybersecurity and zero trust consultant and CyberEdBoard member
0 kommentar(er)
