cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Application access / permissions trends and best practices

ShimKwan
Brass Contributor

‎Apr 21 2021 12:45 AM - last edited on ‎May 24 2021 03:05 PM by

‎Apr 21 2021 12:45 AM - last edited on ‎May 24 2021 03:05 PM by

Application access / permissions trends and best practices

Hi,

Have a question around trends/best practices and application access.

Back in the "old" days application access was controlled from within the app, whereby roles may have been defined within the application, individual accounts were created within the app, and people could use the app accordingly.

Then came Directory Services, and if the application was, for example, AD integrated, then that is how access to the app was controlled - use AD accounts /  AD Groups.

Now we have the Cloud.

So is the new trend to use, for example, Azure Groups to control access to "modern" apps - with all the benefits of Azure Groups (e.g. dynamic membership, centralized admin, easier auditing, etc etc etc).

While writing this question out, I think I have answered myself (somewhat) - but keen to hear people views on the matter.

Thank you,

SK

858 Views
0 Likes
2 Replies
Reply
2 Replies
eneshfernando

‎Apr 21 2021 08:53 AM

‎Apr 21 2021 08:53 AM

Re: Application access / permissions trends and best practices

Old era connectivity through the internet is limited. Networking among People, Process and Technology is very much limited within a contained area. Considering the threat vectors for identities are very much narrowed in scope. With the advancement of internet era, all the AAA services including Authentication, Authorization and Accounting flip to a different level. As an example Kerberos cannot meet the requirements on the authentication anymore. Password considered as no longer safe and moved to multi-factor authentication mechanisms such as human bio metrics, RFID and PINs.
Considering the hot topic on Zero Trust Architecture all elements should be treated as un trusted.
0 Likes
Reply
ShimKwan

‎May 06 2021 07:52 PM

‎May 06 2021 07:52 PM

Re: Application access / permissions trends and best practices

Thanks for the reply, doesn't really answer the question though.
0 Likes
Reply