Blog

Simplifying Authorization in a SaaS and Hybrid World

Lani Leuthvilay
August 21, 2022

As the number of digital Identities and assets have exploded in recent years, enterprises face a greater burden to balance security and friction without impacting workforce productivity. Regardless of what industry they’re in, IAM and security teams are always on the lookout for ways to better manage and secure the connections between who has access to what and when

PlainID makes it easy to secure the connections between identities and resources at scale. And, with the latest release, The Authorization Platform offers:

  1. Flexible deployment options: SaaS, Hybrid, and On-premises
  2. Visual policy mapping for ease of use policy design and management
  3. Further extensibility of authorization to industry-leading data platforms: Snowflake, Denodo and Google BigQuery

In this blog you’ll learn about some of the platform’s latest features that improve authorization management, performance and ease of use.

Same Centralized Management, Flexible Deployment Models

Choose the deployment that best fits your environment while maintaining the same foundation of the PlainID Authorization Platform and the policy-based access control (PBAC). This means you can benefit from the entire platform as a full SaaS, where the centralized management and runtime layers are managed by PlainID. Whereas, the Hybrid approach gives you the flexibility to host the PDP and PIP components of the runtime layer in your own cloud instance, or on-premises if you prefer to not spend resources on managing the administrative infrastructure.

 

 

The hybrid model is the most popular choice for industries such as financial services that face stricter privacy compliance, data security and performance requirements. The platform’s hybrid model enables a more secure environment since it reduces the amount of traffic outside of the organization’s data centers. With the PDP running closer to where the applications, APIs, and microservices are, it provides greater control and reduces response times for users and systems that depend on policy decisions for access.

A full SaaS model is a useful option for enterprises where technical expertise and resources are constrained. By having all layers as a SaaS, the IT and Security team can leave the maintenance and updates of the entire platform to the PlainID team.            

Visual Policy Mapping for Ease of Policy Design & Management 

 

 

Before PlainID, individuals responsible for building and approving policies worked with multiple lists of names, groups, applications and many other attributes. This is a cumbersome experience when the goal is to accurately create policies that map the relationships between identities and resources as intended.

The Visual Policy Map feature provides a graphical representation of policy connections so you can better understand how your policies relate to identities and the specified conditions, permissions, asset types, applications, and more. This ultimately improves accuracy and efficacy of policy design by enabling policy builders to visually map and fine-tune policies before going live.

Distributing Enforcement with Data Authorizers for Snowflake, Denodo and Google BigQuery

PlainID Authorizers extend the platform’s dynamic and fine-grained authorization capabilities across the technology stack. This release brings Authorizers designed to bring enforcement to the data layer for stronger data security, specifically for Snowflake and Denodo.

Data Authorizers enable you to improve security by limiting the exposure of sensitive data down to the cell-level of data in your data platforms whether it’s managed by data lake or data virtualization tools. Data Authorizers also increase performance of applications by retrieving only the subset of data the user is authorized to see. 

If you’re working with a different data platform, our new Data SDK helps enterprises quickly tailor an Authorizer for data enforcement specific to your needs. 

The Takeaway

This is just the beginning. Stay tuned as we will release more Authorizers for leading data, microservices, and API gateway solutions. Our mission is to make it simple for enterprises to have the centralized management they need to maintain full control and visibility of who and how assets and resources are accessed. Our ever-growing ecosystem of PlainID Authorizers will make it easier for you to distribute enforcement according to your technology stack. 

Want to see the platform in action?

Contact Us

for a demo

 

Most popular posts