Tag - IAM

Zero Trust & Identity and Access Management (IAM)

Written by the CSA Identity and Access Management Working Group. In today’s digitally interconnected landscape, understanding the intricacies of Identity and Access Management (IAM) is imperative for safeguarding organizational assets. A looming threat to IAM is Shadow Access. This insidious menace, often exacerbated by the rapid adoption of cloud services and...

Avoid IAM Drifts Using Explicit-Deny

Written by Israel Chorzevsk. Background Over the last decade, cloud providers advanced their authorization mechanism, and added more and more ways to grant access to resources. Having multiple ways to grant access may lead to authorization drifts. This post describes several authorization features that may lead to such drift and proposes to use explicit-deny over...