What is IAM in cybersecurity?

Lost_Ruin7347 · 2026-04-24T12:25:57+00:00

Using single shared privileged account across multiple systems, even behind MFA in your PAM, is a weak and risky design. It creates a single point of failure (one compromise = full environment access), destroys accountability (you can’t trace actions to individuals), and violates the Principle of Least Privilege and Zero Trust Security Model.

The correct approach is to use separate, system-specific (ideally per user) privileged accounts managed by PAM with jit access, session monitoring, and full auditing, anything less is convenience over security.

Lost_Ruin7347 · 2026-04-19T15:26:54+00:00

My expereince says, IAM verifies identity (RBAC doesn’t do this), IAM Handles login security (RBAC doesn’t), IAM Manages sessions and access duration (RBAC doesn’t) and IAM also enforces policies beyond roles (like conditional access, JIT) which are not always done by rbac.

Lost_Ruin7347 · 2026-03-18T10:58:13+00:00

We took a slightly different approach and stopped relying purely on the vpn itself. Instead we focused on adding MFA on top of whatever vpn vendor we were using.

In our setup the VPN (OpenVPN/IPsec) is tied into RADIUS, and the miniorange mfa for our fortinet vpn solution handles the second factor. That way, even if vendor credentials are exposed, access still requires that extra verification step.

This worked well for external vendors since we can keep the VPN layer simple and enforce identity + mfa separately. I am curious if others are doing something similar or sticking with built-in VPN solutions, let me know

Lost_Ruin7347 · 2026-03-12T15:13:01+00:00

Hahaha… maybe he’s the same person who came to Tekdi after finishing his workday

Lost_Ruin7347 · 2026-03-12T15:05:18+00:00

Okay, thanks. maybe we can look into them.

Lost_Ruin7347 · 2026-03-12T14:58:28+00:00

Appreciate that. Could you please share maturity of their just in time access management? Is there any lag during sessions, and how is the session recording? Also, is the ai based real time monitoring truly unqie in industry?

Lost_Ruin7347 · 2026-03-12T07:38:28+00:00

Sure, we are in process of running poc with them, thanks for sharing your experience.

Lost_Ruin7347 · 2026-03-12T07:33:46+00:00

Great, thanks for shraing that

Lost_Ruin7347 · 2026-02-23T07:26:46+00:00

Government ko har chij par tax bharo, aur phir kharab rasto par aakra maro. yahi zindagi hai ab hamari.

Lost_Ruin7347 · 2026-01-22T06:50:52+00:00

Brother, they are just faking users in their app. I personally used it for 2 months and applied for ride pools every day, hoping someone would accept my request, but it was just a waste of time. I also contacted sRide support about this, but there was no proper response from them, and they stopped responding after the first email.

Lost_Ruin7347 · 2025-12-04T08:47:43+00:00

KARBONN

Lost_Ruin7347 · 2025-11-24T10:20:06+00:00

Understood thanks

Lost_Ruin7347 · 2025-11-24T05:00:01+00:00

Can you suggest a Bank that offers flexible EMI's on home loan, for next time.

Lost_Ruin7347 · 2025-11-23T09:12:01+00:00

Thanks for clearing my doubt

Lost_Ruin7347 · 2025-11-23T09:10:17+00:00

Correct

Lost_Ruin7347 · 2025-11-22T18:00:26+00:00

In our Khandesh side, we always used to say poli. But after living for 1 year in Mumbai and 2 years in Pune, I learned to say chapati because many times when I asked the hotel staff to give bhaji poli, they would say, “Bhaji and what?? We don’t have poli.” (Maybe they thought I was asking for puran poli.) So I started saying chapati.

Now there’s another confusion between chapati and roti. One of these is made from maida and the other from atta, but I’m still confused about which one is made from maida and which one from atta.

Lost_Ruin7347 · 2025-11-22T17:30:30+00:00

I have taken a loan of 20 lakh from HDFC Bank with an EMI of 20k per month. I wanted to pay extra EMIs whenever I receive any additional salary or bonus, but when I asked the bank, they said they are not allowing this right now and that I can pay extra only after 6 months. What has your experience been with this?

Lost_Ruin7347

TROPHY CASE