In an ideal world, when provisioning access to apps through your identity provider (IdP), users would always access apps via group membership, rather than having apps assigned to them directly.
Circumventing groups can make your access governance more complex, lead to wasted spending on unneeded SaaS licenses and, most importantly, increase the risk of damage in the event of a hacked or compromised employee.
But actually following this best practice in a high-pressure workplace is easier said than done. In this demo, we'll show you a simple query in Veza that can isolate every direct app assignment in your IdP.
To see more of Veza in action, schedule a demo today.
The Veza Voice - February issue
This month’s newsletter includes: Enhanced Insights experience Path Summaries for Google Cloud Tips…
Security’s Next Frontier - Modernizing Data Security through Authorization for a Cloud-First Future
But traditional infrastructure-centric security solutions do not adequately secure multi-cloud…