When you think about access control in security, you face two main questions. First, who are you? Second, what are you allowed to do? Many organizations focus on verifying identity, but controlling what users can access often proves more challenging. Recent surveys show that more than 80% of organizations have users with excessive permissions, which inc…