While studying for the SC-100 exam, a concept really resonated with me: the definition of identity and its purpose in security.
I think for some folks (myself included), it's been all too easy to think of "identity" as a singular credential; a unique data element. Like an ID card. While understandable, I think that mindset overlooks some of the broader (and relevant) applications.
Microsoft's study material covers some great examples of data elements and attributes that can be used to identify a subject:
- Operating system platform and version
- Network attributes (e.g. location, IP address, and ports)
- Source infrastructure (e.g. SaaS application, cloud environment, etc.)
Makes sense, right? It's a simple (but powerful) idea because once we start to broaden the definition, the role of identity takes on more significance. Which leads me to one of the great points expressed in the study book:
Using identity as the primary security perimeter provides seamless user experiences, unified management, simplified identity governance, lowers the exposure of privileged accounts, and provides better correlation of information across all the infrastructure.
(Source: Microsoft Cybersecurity Architect Exam Ref SC-100)
Hmm. Food for thought. :-)