Last week, I gave a well-received talk to a group of CxO and high-level IT managers on a new way to think about security built around entitlements. The premise of the talk was that with the de-perimiterization of the enterprise, the modern enterprise has already become entitlement-based; we in the security industry just haven’t caught up with this yet. And unless our tools catch up with this change, we are going to keep burdening our customers with costly integration and compliance burdens. Entitlements is a common language that can help change the way identity is used as the foundation for defining holistic security policies and managing risk in the enterprise.
The deck I presented (with audio) is below. Check it out and leave me your comments.