If you’ve implemented zero trust identity and access management, what tools have been most effective at enforcing strict access controls?

Identity & Access Management (IAM)Zero Trust

3.8k views1 Upvote3 Comments

Sort by:

Director of Operations2 months ago

We use OKTA, Cyberark and Azure PIM stacked to require multiple validations and confirmations before anyone can get into our cloud stack with elevated permissions.

Chief Information Security Officer in Finance (non-banking)8 months ago

We’ve implemented One Identity’s Privileged Access Management (PAM) and Identity and Access Management (IAM) solutions to support our Zero Trust strategy. These tools help us strictly manage and monitor privileged accounts, enforce just-in-time access, and consistently align user permissions with business roles.

By centralizing controls and routinely auditing privileged sessions, we’ve been able to significantly reduce the risk of unauthorized access. Additionally, the automation features have streamlined access reviews and policy enforcement, saving our team time while maintaining a strong security posture.

If you have any more questions or would like details on specific configurations, I’m happy to continue the discussion.

CISO in IT Services9 months ago

Microsoft Entra ID specifically with conditional access and privileged identity management (PIM).

Content you might like

How do you monitor and restrict the types of visitor behavior information and PII 3rd-parties can discern, record, or extract via scripts and applications on your website?

We don't use any 3rd-party scripts16%

We can't monitor or restrict 3rd-party script behavior on our website31%

We trust vendors based on initial reviews22%

We test scripts periodically18%

We use Web Privacy Management, WebAppSec, or PriSec Software8%

We outsource website privacy and app security monitoring services2%

Other (please describe)

View Results

How do you measure the effectiveness of your zero-trust model? What metrics/indicators have been most useful?

Have you implemented micro segmentation for your orgs networks?

Yes, all networks31%

Yes, but not all51%

No12%

Not yet, but we’re considering it4%

View Results

What are the toughest cultural or operational challenges that come with implementing a zero-trust policy, in your experience? How did you tackle those issues when they came up?