{"id":32174,"date":"2024-06-26T11:34:49","date_gmt":"2024-06-26T10:34:49","guid":{"rendered":"https:\/\/ductus.global\/?p=32174"},"modified":"2025-03-17T09:55:44","modified_gmt":"2025-03-17T08:55:44","slug":"one-secure-organization-centralized-iam-as-the-foundation-for-physical-and-digital-security","status":"publish","type":"post","link":"https:\/\/ductus.global\/sv\/one-secure-organization-centralized-iam-as-the-foundation-for-physical-and-digital-security\/","title":{"rendered":"One Secure Organization \u2013 Centralized IAM as the Foundation for Physical and Digital Security"},"content":{"rendered":"\n<div class=\"wp-block-cover alignfull\" style=\"min-height:300px;aspect-ratio:unset;\"><span aria-hidden=\"true\" class=\"wp-block-cover__background has-d-plum-dark-background-color has-background-dim-0 has-background-dim\"><\/span><img decoding=\"async\" width=\"1200\" height=\"633\" src=\"https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/network-concept-purple.jpg\" class=\"wp-block-cover__image-background wp-post-image\" alt=\"\" data-object-fit=\"cover\" data-object-position=\"50% 50%\" style=\"object-position:50% 50%;\" srcset=\"https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/network-concept-purple.jpg 1200w, https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/network-concept-purple-300x158.jpg 300w, https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/network-concept-purple-1024x540.jpg 1024w, https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/network-concept-purple-768x405.jpg 768w, https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/network-concept-purple-95x50.jpg 95w, https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/network-concept-purple-836x441.jpg 836w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" \/><div class=\"wp-block-cover__inner-container is-layout-constrained wp-block-cover-is-layout-constrained\">\n<p class=\"has-text-align-center\" style=\"font-size:20px\">INSIGHT<\/p>\n\n\n\n<h1 class=\"wp-block-heading 
has-text-align-center has-ductus-white-color has-text-color has-link-color wp-elements-ce824b2cedbf9e241b85e9d884a5ae65\" id=\"h-one-secure-organization-centralized-iam-as-the-foundation-for-physical-and-digital-security\" style=\"font-size:42px;font-style:normal;font-weight:600\">One Secure Organization \u2013 Centralized IAM as the Foundation for Physical and Digital Security<\/h1>\n<\/div><\/div>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer is-style-responsive-small\"><\/div>\n\n\n\n<p class=\"has-preamble-font-size\">For many organizations, the realms of physical and virtual IT security are merging as companies look to digitalize more processes and create one secure organization. How, then, do you ensure the same protocols and high levels of security are applied to onsite visits, for instance, as to servers and virtual networks?<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-common-and-complex-problem\">Common and complex problem<\/h3>\n\n\n\n<p>Whether it\u2019s a mega factory, construction site, mine, or research laboratory, diverse external visitors come to sites regularly. Goods are delivered, printers, servers, and specialist equipment are serviced, drains are unblocked, consultants are on assignments, and client meetings take place. Large organizations can have hundreds of external people onsite at any given time.<\/p>\n\n\n\n<p>We see this regularly and have developed a modern approach to identity and access management (IAM) to help solve the problem. It&#8217;s based on our experiences from supporting mining companies and banks, and from developing IAM software for use at test tracks for prototype vehicle testing.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-agile-way-of-working\">Agile way of working<\/h3>\n\n\n\n<p>As all organizations are different, with very diverse ecosystems, policies, and regulatory frameworks, there isn\u2019t a one-size-fits-all solution. 
Therefore, we apply a proven, stepwise approach to any deployment. By starting with a pilot project, we can implement and test a solution and apply lessons learned from the deployment as we move forward with onboarding applications and new use cases to the new secure architecture. This agile way of working is far more effective than spending many months developing a company-wide solution that may need considerable adjustments following deployment.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-three-tiered-approach-to-iam\">Three-tiered approach to IAM<\/h3>\n\n\n\n<p>But what is it? To best serve organizations with complex security requirements, a three-tiered approach is required. A <strong>technical platform<\/strong>, where the mechanics of the solution are managed; a <strong>framework<\/strong>, which governs how the system works and is managed; and <strong>DevOps<\/strong>, which ensures smooth and continuous operations and updates.<\/p>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer is-style-responsive-smaller\"><\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<div class=\"wp-block-group has-d-plum-light-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<p class=\"has-text-align-center has-small-font-size\"><strong>IAM Platform<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list has-small-font-size\">\n<li class=\"has-smaller-font-size\">Identity Provisioning<\/li>\n\n\n\n<li class=\"has-smaller-font-size\">Identity to Account Linking<\/li>\n\n\n\n<li class=\"has-smaller-font-size\">Access Token Provisioning<\/li>\n\n\n\n<li class=\"has-smaller-font-size\">Policy Based Access Control<\/li>\n<\/ul>\n<\/div><\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-column 
is-layout-flow wp-block-column-is-layout-flow\">\n<div class=\"wp-block-group has-ductus-lightgray-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<p class=\"has-text-align-center has-small-font-size\"><strong>IAM Framework<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list has-small-font-size\">\n<li class=\"has-smaller-font-size\">Governance<\/li>\n\n\n\n<li class=\"has-smaller-font-size\">Reference Architecture<\/li>\n\n\n\n<li class=\"has-smaller-font-size\">Taxonomy<\/li>\n\n\n\n<li class=\"has-smaller-font-size\">Guiding Principles<\/li>\n<\/ul>\n<\/div><\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<div class=\"wp-block-group has-d-green-light-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<p class=\"has-text-align-center has-small-font-size\"><strong>IAM DevOps<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list has-small-font-size\">\n<li class=\"has-smaller-font-size\">Team<\/li>\n\n\n\n<li class=\"has-smaller-font-size\">Processes<\/li>\n\n\n\n<li class=\"has-smaller-font-size\">Tooling<\/li>\n<\/ul>\n<\/div><\/div>\n<\/div>\n<\/div>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-zero-trust-identity-management\">Zero Trust identity management<\/h3>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"alignright size-full is-resized\"><img decoding=\"async\" width=\"920\" height=\"836\" src=\"https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/IAM-diagram.png\" alt=\"\" class=\"wp-image-32175\" style=\"width:300px\" srcset=\"https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/IAM-diagram.png 920w, https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/IAM-diagram-300x273.png 300w, https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/IAM-diagram-768x698.png 768w, 
https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/IAM-diagram-55x50.png 55w, https:\/\/ductus.global\/wp-content\/uploads\/2024\/06\/IAM-diagram-485x441.png 485w\" sizes=\"(max-width: 920px) 100vw, 920px\" \/><\/figure>\n<\/div>\n\n\n<p>Based on a zero-trust philosophy, the IAM solution uses a token-based system to securely handle authentication and policy-based access control to manage authorization effectively. This ensures, for instance, that an application cannot directly access a protected resource on a user\u2019s behalf. Instead, a central identity provider issues secure tokens to access resources when an application needs to identify a user.<\/p>\n\n\n\n<p>Policy Based Access Control (also known as Attribute Based) is highly suitable for combining physical and virtual security as it offers fine-grained authorization that isn\u2019t available in a role-based solution. This enables access to resources or property to be governed by location, time, date, assignment, company, nationality, and much more, in alignment with an organization\u2019s policies.<\/p>\n\n\n\n<p>Read part 2 in this series: <a href=\"https:\/\/ductus.global\/one-secure-organization-policy-based-access-control-pbac-for-enhanced-security\/\">One Secure Organization \u2013 Policy-Based Access Control (PBAC) for Enhanced Security<\/a>.<\/p>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer is-style-responsive-smaller\"><\/div>\n\n\n\n<div class=\"wp-block-group has-d-mocha-light-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<h3 class=\"wp-block-heading\" id=\"h-get-started\">Get started<\/h3>\n\n\n\n<p>If you recognize these issues or want to develop a single security solution for physical and digital security but don\u2019t know where to start, our consultants can support you. We recommend you start with a particular pain point. 
Our team will define an IAM framework, with a reference architecture and guiding principles, and then we can begin to resolve the issues in a pilot project. <\/p>\n\n\n\n<p>Don\u2019t wait until it\u2019s too late. Get in touch and let\u2019s get started.<\/p>\n<\/div><\/div>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer is-style-responsive-small\"><\/div>\n\n\n\n<div class=\"wp-block-group alignfull\" id=\"contact-us\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<div style=\"height:50px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div class=\"wp-block-columns are-vertically-aligned-center is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\"><div class=\"wp-block-image is-style-rounded\">\n<figure class=\"alignright size-full is-resized\"><img decoding=\"async\" width=\"340\" height=\"340\" src=\"https:\/\/stage.ductus.global\/wp-content\/uploads\/2023\/08\/Anders-Essner.jpg\" alt=\"\" class=\"wp-image-28264\" style=\"width:170px;height:170px\" srcset=\"https:\/\/ductus.global\/wp-content\/uploads\/2023\/08\/Anders-Essner.jpg 340w, https:\/\/ductus.global\/wp-content\/uploads\/2023\/08\/Anders-Essner-300x300.jpg 300w, https:\/\/ductus.global\/wp-content\/uploads\/2023\/08\/Anders-Essner-150x150.jpg 150w, https:\/\/ductus.global\/wp-content\/uploads\/2023\/08\/Anders-Essner-50x50.jpg 50w\" sizes=\"(max-width: 340px) 100vw, 340px\" \/><\/figure>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-center is-layout-flow wp-block-column-is-layout-flow\">\n<h3 class=\"wp-block-heading\" id=\"h-anders-essner\">Anders Essner<\/h3>\n\n\n\n<p>Phone: +46 (70) 513 56 19<br>anders.essner(at)ductus.se<\/p>\n<\/div>\n<\/div>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" 
class=\"wp-block-spacer\"><\/div>\n<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>For many organizations, the realms of physical and virtual IT security are merging as companies look to digitalize more processes and create one secure organization. How, then, do you ensure the same protocols and high levels of security are applied to onsite visits, for instance, as to servers and virtual networks? Common and complex problem [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":32185,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[41,42],"tags":[4248],"class_list":["post-32174","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-insight","category-insights-it-consulting","tag-infrastructure-security"],"acf":[],"_links":{"self":[{"href":"https:\/\/ductus.global\/sv\/wp-json\/wp\/v2\/posts\/32174","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ductus.global\/sv\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ductus.global\/sv\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ductus.global\/sv\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/ductus.global\/sv\/wp-json\/wp\/v2\/comments?post=32174"}],"version-history":[{"count":9,"href":"https:\/\/ductus.global\/sv\/wp-json\/wp\/v2\/posts\/32174\/revisions"}],"predecessor-version":[{"id":33095,"href":"https:\/\/ductus.global\/sv\/wp-json\/wp\/v2\/posts\/32174\/revisions\/33095"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ductus.global\/sv\/wp-json\/wp\/v2\/media\/32185"}],"wp:attachment":[{"href":"https:\/\/ductus.global\/sv\/wp-json\/wp\/v2\/media?parent=32174"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ductus.global\/sv\/wp-json\/wp\/v2\/categories?post=32174"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\
/\/ductus.global\/sv\/wp-json\/wp\/v2\/tags?post=32174"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}