Let the community know what you think. Share your opinions now!
The SINGULAR issue about access management is that AM never took into consideration to prove the identity of the user. All they were able to prove was the initial assertion of the user attempting to access. So AM is actually of no use, even dangerous unless the identity of the end-user is correctly proven, then thereafter manage the user once in the network
Another aspect to look for is proof of user identity.
The most important point is that identification and authentication must be checked in the real endpoint system, not in the gateway. because there are too many ways to access endpoint system like "server to server access" after gateway access control system.
I'd point you back to your use cases. There is no point in looking at Functional/Non Functional requirements as differentiating elements in selecting tools or services if you don't know what use cases/user journeys, in particular, you're putting AM in to manage.
Insider data breaches can be a real problem in businesses. One way to address this issue is by implementing an identity and access management solution.
What tips do you have for ensuring that one's identity and access management solution is effective?