Selecting and implementing authentication and authorization mechanisms
Thankfully, we have actually covered some of the aspects of this topic previously. Just as a refresher, I think we should touch on authentication versus authorization before moving on to how we might select and implement the various IAM solutions to ensure we keep unauthorized users from gaining access to resources they shouldn't, and ensuring that the authorized users are able to access what they need to get on with their miserable lives.
Authentication versus authorization
Authorization is focused on what that user is allowed to do (or authorized to do) when they are authenticated.
A user can be authenticated, and due to their role as a data analyst have authorization to access the records they...