Learn about identity and access tools.
- [Instructor] So, what's important about identity management and identity management tools is that we focus on who's who and what they do within the organization. This is about managing entities that are leveraging our cloud based systems. This could be devices. This could be a network. This could be systems. This could be a person and typically is going to be a person. So, the ability to leverage a directory system that's able to keep track of all these various moving parts and figure out what their access rights should be to each and every one of the systems that they're communicating with, governing those systems, this absolutely has to be a part of any kind of governance environment.
So, identity and access management is really a directory service that can be programmed to limit access. So, I'm able to look at the identities of people who are accessing the various resources and the various services, and based on the roles that they have, I'm able to limit access based on governance policies I'm able to write. And if I don't know who they are, if I'm unable to identify those folks and give everybody equal access or equal limitations to the various resources they're accessing, then I'm not going to be able to govern the system properly.
So, back to our familiar stack. We have identity and access tools, and of course, they deal with abstraction. They have the ability to abstract us away from the complexity of the various cloud systems that we're looking to leverage. And core to this is a directory system. It can be active directory. It can be some sort of a standards based system that exists within enterprises, things that are viable to allows us to track various folks that exist within the company, the organization, group, either a logical group or a physical group, any way we want to track those individuals as devices, those entities.
And within these identities, we're able to separate them into different kinds of patterns. And the patterns that I most see are devices. In other words, my iPhone is an entity and it's on a network and guess what, it has an identity. I'm the primary user, but I can have subsequent users. And based on my identity and my role and responsibility, I can access certain things via my device within the enterprise, and other things I shouldn't be allowed to access, services such as web APIs, which is much more fine grain, the ability to allow or disallow access to services or allow to services in certain conditions in certain ways, under certain policies, and then people, which is probably the most important because they change their behavior.
They're not programmed. Ultimately, where they have responsibility, where they have access rights, what resources they should be able to get to, and what services they should be able to get to. And it's limitless. We have identity and access management systems that track drones and fly around farms. We have identity and access management systems that track trucks that drive all over the country. And with this kind of technology, we're able to keep track of and govern not only the services and the resources that we're trying to protect with our governance tools but we're able to, in essence, configure this to meet the exact needs of the governance requirements.
- Cloud governance basics
- Cloud resource governance
- How cloud security and governance are linked
- Defining governance policies
- Cloud management platform basics
- Reviewing service governance tools
- Cloud governance costs
- Understanding your requirements
- Finding the right tools
- Testing cloud governance
- How operations deals with governance