Doug Merritt, the CEO of Splunk, addressed a group of Silicon Valley entrepreneurs late last year and proclaimed that “security perimeters are completely destroyed and they’re not coming back.” That was not a call to arms to start dismantling years of investment in firewall, IDS/IDP, CASB, DLP, SIEM/SOAR, and EDR/XDR technologies but, rather, a sobering recognition that people are now the security perimeter of every modern enterprise. Today, the security of commercial firms rests squarely on the management of end-user credentials and end-user behaviors.

Authentication and authorization procedures are the principal defenses in a guerilla cyberwar in which every end user is a potential path of compromise. Unfortunately, vendors offering solutions in this space frequently employ language that can be confusing and misleading. They fail to discriminate between access permissions, action privileges, and entity entitlements. For example, an HR business partner may have access to a Workday compensation module; she may be able to modify salary tables (an action privilege); but she may not be able to view or modify executive compensation records (an entity entitlement).

Read more at – Future of Identity-Based Security: All-in-One Platforms or Do-It-Yourself Solutions