Episode 079: 01‐16‐2025 Authorization for the Modern Enterprise - GluuFederation/identerati-office-hours GitHub Wiki
Title: Authorization for the Modern Enterprise
- Host: Mike Schwartz, Founder/CEO Gluu
- Guest: Gal Helemski, Co-Founder & CTO/CPO at PlainID
Replay:
Description
PlainID’s strengths lie in its ability to centralize and simplify policy management--enforcement, visibility, discovery, authoring, lifecycle management, consistency validation, and governance. This unified approach enables granular control of how identities access data and resources. Join us for a conversation with Gal Helemsky, co-founder and CTO of PlainID, as we explore the future of authorization in today’s complex enterprise environments.
Homework
Takeaways
⚡ From an enterprise IT architecture standpoint, "Policy" extends to RBAC, ABAC, ReBAC and other access control mechanisms. Using "policy" as the common denominator enables an organization to have a more wholistic look at security in their organization.
⚡ As the authz market has evolved in the last ten years, authz startups are increasingly focusing on specific market segments. There are specialized startups for access control, policy authoring, orchestration, governance, audit, lifecycle management, etc.
⚡ Data is next frontier of access management. Platforms like Snowflake and Google BigQuery are creating an opportunity to call an external PDP to grant access to data. This is essential for an end-to-end zero trust architecture.
⚡ Authz in the enteprise is frequently lead by the software architecture group. However, they need to evangelize the technology among internal developers to get adoption.
⚡ "Who has access to what?" It sounds like a simple, obvious question. And yet, it is so challenging to answer for enterprises who have so many policies.