Analyst Chat #263: Third-Party Access - Securing the Weakest Link in Your Identity Strategy
Analyst Chat
KuppingerCole Analysts · Warwick Ashford, Matthias Reinwarth
Audio is streamed directly from the publisher (media.kuppingercole.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
In this episode of the KuppingerCole Analyst Chat, Warwick Ashford joins Matthias Reinwarth to explore a hidden but growing risk: third-party access to your systems.
Third-party contractors, suppliers, and partners often have access to internal systems — but lack the same governance, oversight, and security controls as employees. This episode explores why Third-Party Access Governance (TPAG) is now a strategic security priority, not just a technical integration.
What we cover:
✅Why third-party identities now outnumber employees in many orgs
✅The governance gap: no HR triggers, lifecycle oversight, or certifications
✅How traditional IAM systems fail to manage external access
✅The role of the Identity & Security Fabric in enabling TPAG
✅Regulatory drivers (DORA, NIS2, CMMC) making this a board-level issue
✅Core capabilities of modern TPAG solutions
✅Practical first steps for building a third-party access governance strategy