Securing privileged access through access management is vital because it ensures that an organisation’s people are only granted access to what they need to do their jobs, and only for the period for which they need it. Access management also allows…
Category: Digital Identity
![[INTERVIEW] IAM Maturity Assessment – Where do you stand and why is it crucial?](https://www.riskinsight-wavestone.com/wp-content/uploads/2023/01/Image1-800x450.jpg)
For over twenty years, Wavestone has been supporting clients develop and strengthen their Identity and Access Management programs. Within this area, Wavestone has observed that organizations do not always approach IAM in a comprehensive manner. While Security is an obvious…
The content of this article is taken from an interview conducted by Marc JACOB for Global Security Mag in March 2022, available here. The obviousness of IAM, and the difficulty of the transformations it implies Faced with the…
Using passwords introduces both a large attack surface (phishing, brute force, password spreading, rainbow table, etc.) and a poor user experience. As a result, passwords have been denounced in favour of passwordless technologies for several years. However, passwords remain commonly…
In this second article on Identity and Access Management (IAM) we look at why many organisation face difficulties transforming their IAM ecosystem, and how IAM programmes should be approached and structured. In our previous article – Identity and Access Management:…
Large organisations are facing unprecedented change, such as adapting to remote working and managing operational risk in a post-pandemic world. Identity & access management (IAM) – the provision and verification of identities and their access rights – is once again…
Nowadays, access management and security concept of APIs are inherent to federation protocols OAuth2 and OpenID Connect. Both protocols natively cover a great deal of use cases, but regularly evolve and come with complements to address more innovative subjects. In…
In a previous article, we discussed the main motivations behind the implementation of an authorization model and answered a first set of essential questions one should think about when setting up or redesigning a model. Let’s continue here with a…
Introduction DAC, RBAC, OrBAC, ABAC or GraphBAC? Flagship authorization models evolve regularly and each one brings its share of challenges, promises, and complexity. Over the last twenty years or so, during which the RBAC/OrBAC models seem to have prevailed, the…
Le travail à distance et les interactions numériques étant de plus en plus courants, il est essentiel que les entreprises offrent la meilleure expérience possible pour les activités numériques quotidiennes et la collaboration avec les fournisseurs et les partenaires. Une…