In this new world of hybrid work where users, data, and applications are everywhere, there has been an increased reliance on web-based applications and for good reason. Web apps allow greater accessibility, flexibility, and scalability of resources for users requiring access from anywhere. While web applications are great, IT teams oftentimes encounter onboarding issues, specifically around discovering unidentified domains, and easily defining new policies for those discovered resources.

“Why is Exchange so slow? I’ve checked everything in the O365 administration portal. The MTAs, the DB and the service are green. It must be networking! Can you check the network? I am sending the ticket to you!” The company I worked at previously was an early customer of the Exchange O365. And the company ran on email. Every message, file, PowerPoint and design document was sent via email. If email was not working, the company ground to a halt.

Multi-factor authentication (MFA) is an authentication method that requires at least two forms of verification of the user’s identity to gain access to an account, application, or data set. Instead of needing just a username and password to log in, MFA adds additional layers of security by requiring users to verify their identity. Each additional verification method can prevent unauthorized access from cybercriminals or hackers from executing a successful cyber attack.

If your organization is having trouble creating policies, I hope that this blog post will help you set a clear path. We’ll discuss setting up your organization up for success by ensuring that you do not treat your policies as a “do once and forget” project. Many organizations I have worked with have done that, but later realized good policy lifecycle is required, and a pillar of good governance.

Policies have a vital role in every organization, but can mean a lot of different things depending on the context. For our purposes, a policy refers to the principles or ideas that an organization uses to make decisions. In this post, we’ll discuss Open Policy Agent (OPA) and its rule language, Rego, highlighting how we can use them to write a simple policy for a payroll microservice.

You’re reading the handwriting on the wall. Your company expanded its cloud infrastructure over the last few years, adding more and more Software-as-a-Service (SaaS) applications to its stack in response to remote work. Like 86% of other companies, you expect that this will continue at the same or an accelerated pace. In response to these IT changes, new laws and industry standards expect you to move toward a zero trust architecture.