{"id":49978,"date":"2026-05-19T12:54:51","date_gmt":"2026-05-19T11:54:51","guid":{"rendered":"https:\/\/www.firstware.com\/?p=49978"},"modified":"2026-05-21T09:05:52","modified_gmt":"2026-05-21T08:05:52","slug":"traditional-permission-limits","status":"publish","type":"post","link":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/","title":{"rendered":"Why traditional permission models are reaching their governance limits"},"content":{"rendered":"<p>Traditional permission models were developed for manageable, static IT environments. However, in Microsoft 365, Entra ID, and hybrid Active Directory environments, traditional user and access management is no longer sufficient to keep access consistently controllable over time.<\/p>\n<p>The growing distribution of identities, groups, and applications across cloud and on-premises systems causes governance models to reach their limits. <a href=\"https:\/\/www.firstware.com\/en\/authorization\/access-management\/\">Permissions<\/a> are created simultaneously in multiple locations, maintained differently, and lose consistency throughout their lifecycle.<\/p>\n<p>This article outlines the key structural challenges of traditional permission models and explains why consolidated approaches are becoming increasingly important in hybrid environments.<\/p>\n<p><a href=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1.png\" data-rel=\"lightbox-image-0\" data-rl_title=\"\" data-rl_caption=\"\"><img decoding=\"async\" class=\"aligncenter wp-image-49995\" title=\"\" src=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1.png\" alt=\"Why traditional permission models are reaching their governance limits\" width=\"806\" height=\"443\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1.png 3300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1-300x165.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1-1024x563.png 1024w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1-768x422.png 768w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1-1536x844.png 1536w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1-2048x1125.png 2048w\" sizes=\"(max-width: 806px) 100vw, 806px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Index<\/p>\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#Governance-Gaps-Between-Cloud-Hybrid-and-Legacy-Systems\" >Governance Gaps Between Cloud, Hybrid, and Legacy Systems<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#Risk-1-External-Identities-as-a-Governance-Risk\" >Risk 1: External Identities as a Governance Risk<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#Risk-2-Historically-Grown-Groups-and-Lack-of-Transparency\" >Risk 2: Historically Grown Groups and Lack of Transparency<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#Risk-3-Temporary-Permissions-Without-Lifecycle-Control\" >Risk 3: Temporary Permissions Without Lifecycle Control<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#Risk-4-The-Disconnect-Between-HR-and-IT-in-the-Identity-Lifecycle\" >Risk 4: The Disconnect Between HR and IT in the Identity Lifecycle<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#Risk-5-Lack-of-Audit-Proof-Traceability\" >Risk 5: Lack of Audit-Proof Traceability<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#Consolidated-Governance-with-IDM-Portal\" >Consolidated Governance with IDM-Portal<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#Conclusion\" >Conclusion<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#Learn-More-About-FirstWare-IDM-Portal\" >Learn More About FirstWare IDM-Portal<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Governance-Gaps-Between-Cloud-Hybrid-and-Legacy-Systems\"><\/span>Governance Gaps Between Cloud, Hybrid, and Legacy Systems<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Access control describes the management, monitoring, and traceability of identities, groups, roles, and permissions throughout their entire lifecycle. In modern environments, however, this control is distributed across multiple systems.<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/\">Microsoft 365<\/a> uses Entra ID for authentication and authorization, while Azure RBAC manages access to resources. At the same time, Active Directory remains the foundation for local applications, file shares, and legacy systems.<\/p>\n<p>This parallel structure means governance no longer takes place at a single central point but must instead be implemented across multiple platforms. As a result, inconsistencies emerge that are difficult to control in day-to-day operations.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Risk-1-External-Identities-as-a-Governance-Risk\"><\/span>Risk 1: External Identities as a Governance Risk<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>A central aspect of modern governance in traditional permission models is the handling of external users. In Microsoft Teams, SharePoint, and Microsoft 365, guests are quickly integrated into projects and granted access to communication and data.<\/p>\n<p>The management of these external identities is handled through Microsoft Entra External ID and defined collaboration policies. These policies determine which partners are allowed and what access rights they receive.<\/p>\n<p>In practice, however, external accounts often remain active longer than intended. Group memberships are rarely reviewed, and access frequently remains after a project has ended.<\/p>\n<p>Effective governance and lifecycle control therefore require regular access reviews and clearly defined ownership responsibilities for external identities. Only then can organizations ensure that access remains time-limited and controlled.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Risk-2-Historically-Grown-Groups-and-Lack-of-Transparency\"><\/span>Risk 2: Historically Grown Groups and Lack of Transparency<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Groups are the central foundation of access control in Microsoft 365 and Active Directory. <strong>In hybrid environments, however, parallel group structures often emerge<\/strong>: local AD groups for traditional systems and Microsoft 365 groups for cloud collaboration.<\/p>\n<p>Without <strong>centralized governance<\/strong>, these structures evolve independently from one another. This leads to multiple groups controlling the same access to resources or additional direct permissions being assigned.<\/p>\n<p>Governance of traditional permission models therefore depends on transparency and clearly defined structures. Every group should have a defined purpose, an assigned owner, and be reviewed regularly. Access reviews and audit logs support this control but cannot replace a consistent group strategy.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Risk-3-Temporary-Permissions-Without-Lifecycle-Control\"><\/span>Risk 3: Temporary Permissions Without Lifecycle Control<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Project work, migrations, or incident response scenarios often require temporary access rights. In Azure or AWS, roles and permissions can technically be assigned with time limitations.<\/p>\n<p>In reality, however, these mechanisms are not always consistently used. As a result, <strong>permissions remain active beyond their original purpose. Governance of traditional permission models therefore requires a clearly defined lifecycle<\/strong> for every permission. Every role or group membership should have a start date, an end date, and an assigned owner. In addition, regular access reviews provide further control over exceptions.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Risk-4-The-Disconnect-Between-HR-and-IT-in-the-Identity-Lifecycle\"><\/span>Risk 4: The Disconnect Between HR and IT in the Identity Lifecycle<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><strong>Another major challenge in modern identity and access governance is the missing integration between HR systems and IT infrastructure<\/strong>. HR defines employee data such as organizational unit, role, and cost center, while IT systems use this information to manage permissions.<\/p>\n<p>Without automated synchronization, inconsistent data states arise between HR, Active Directory, and Entra ID. Changes such as department transfers or employee departures are not fully reflected in the permission structure.<\/p>\n<p>This leads to users retaining access to resources they no longer require from an organizational perspective. A consistent identity lifecycle therefore requires a seamless connection between HR and IT, where changes are automatically propagated to all relevant systems.<\/p>\n<p>\ud83d\udccdLearn from a real-world public sector example how to seamlessly connect HR and IT processes to significantly improve onboarding, data quality, and access governance: <a href=\"https:\/\/www.firstware.com\/en\/blog\/connect-hr-system-and-iam-public-sector\/\"><strong><em>Connecting HR Systems and IAM: Public Sector Use Case<\/em><\/strong><\/a><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Risk-5-Lack-of-Audit-Proof-Traceability\"><\/span>Risk 5: Lack of Audit-Proof Traceability<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Governance of traditional permission models does not end with assigning permissions but also includes their <strong>complete traceability<\/strong>. Every change must be documented, attributable, and auditable.<\/p>\n<p>Microsoft Entra Audit Logs and Microsoft Purview provide a technical foundation for this. Nevertheless, <strong>gaps often arise in practice when logging is incomplete or processes are not consistently integrated<\/strong>. In the event of a security incident or audit, it then becomes difficult to determine who made a change and on what basis it was approved.<\/p>\n<p style=\"text-align: left;\"><strong>Audit-proof governance<\/strong> therefore requires three key elements:<\/p>\n<ul>\n<li style=\"text-align: left;\"><strong>consistent logging,<\/strong><\/li>\n<li style=\"text-align: left;\"><strong>clear process integration<\/strong>, and<\/li>\n<li style=\"text-align: left;\">a <strong>centralized view of all identity and permission changes<\/strong>.<\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"Consolidated-Governance-with-IDM-Portal\"><\/span>Consolidated Governance with IDM-Portal<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The IDM-Portal consolidates identity and group data from directories, HR systems, and cloud applications into a centralized governance layer. This creates a unified view of all identities and permissions across system boundaries.<\/p>\n<p><img decoding=\"async\" class=\"img-shadow alignnone wp-image-49998 size-full\" title=\"Complete Identity Overview with IDM-Portal\" src=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Complete-Identity-Overview-with-IDM-Portal.png\" alt=\"Complete Identity Overview with IDM-Portal\" width=\"1920\" height=\"989\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Complete-Identity-Overview-with-IDM-Portal.png 1920w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Complete-Identity-Overview-with-IDM-Portal-300x155.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Complete-Identity-Overview-with-IDM-Portal-1024x527.png 1024w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Complete-Identity-Overview-with-IDM-Portal-768x396.png 768w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Complete-Identity-Overview-with-IDM-Portal-1536x791.png 1536w\" sizes=\"(max-width: 1920px) 100vw, 1920px\" \/><\/p>\n<p><a href=\"https:\/\/www.firstware.com\/en\/compliance\/\">Identity Governance<\/a> is therefore no longer implemented separately across individual tools but orchestrated centrally. Lifecycle processes such as onboarding, offboarding, and changes are automated and synchronized back to connected systems.<\/p>\n<p>Access reviews and approval workflows follow a unified access governance model. Every identity and every group has a clearly defined owner and lifecycle policy. <img decoding=\"async\" class=\"img-shadow alignnone wp-image-50000 size-full\" title=\"Time-Controlled and Approved Permissions\" src=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Time-Controlled-and-Approved-Permissions.png\" alt=\"Time-Controlled and Approved Permissions\" width=\"1920\" height=\"989\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Time-Controlled-and-Approved-Permissions.png 1920w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Time-Controlled-and-Approved-Permissions-300x155.png 300w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Time-Controlled-and-Approved-Permissions-1024x527.png 1024w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Time-Controlled-and-Approved-Permissions-768x396.png 768w, https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Time-Controlled-and-Approved-Permissions-1536x791.png 1536w\" sizes=\"(max-width: 1920px) 100vw, 1920px\" \/><\/p>\n<p>The result is end-to-end access governance across all systems: less manual administration, fewer shadow structures, and significantly greater control over the entire identity lifecycle.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Conclusion\"><\/span>Conclusion<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Governance of traditional permission models in hybrid IT environments is not purely a technical issue but a combination of processes, data quality, and system integration. The greatest challenges arise where identities, groups, and permissions are distributed across multiple systems without centralized governance.<\/p>\n<p>A consolidated approach reduces this complexity and enables governance throughout the entire lifecycle. This makes access traceable, consistent, and controllable \u2014 regardless of cloud, directory, or application environments.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Learn-More-About-FirstWare-IDM-Portal\"><\/span>Learn More About FirstWare IDM-Portal<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><img decoding=\"async\" class=\"alignleft wp-image-36704\" title=\"IDM-Portal Hybrid IAM Solution\" src=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2021\/08\/IDM-Portal-Hybrid-IAM-Loesung-1.png\" alt=\"IDM-Portal Hybrid IAM Solution\" width=\"238\" height=\"199\" srcset=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2021\/08\/IDM-Portal-Hybrid-IAM-Loesung-1.png 453w, https:\/\/www.firstware.com\/wp-content\/uploads\/2021\/08\/IDM-Portal-Hybrid-IAM-Loesung-1-300x250.png 300w\" sizes=\"(max-width: 238px) 100vw, 238px\" \/>The<a href=\"https:\/\/firstware.com\/\"> FirstWare IDM-Portal<\/a> by FirstAttribute is an integrated Identity and Access Management (IAM) solution that enables the automated management of users and permissions, whether on-premises or in the cloud.<\/p>\n<p>This portal integrates all aspects of Identity and Access Management and provides centralized access to identity and directory services.<\/p>\n<p><a href=\"https:\/\/www.firstware.com\/en\/contact\/\" target=\"_blank\" rel=\"noopener\"><button class=\"ButtonBeratung2 aligncenter\">Contact Us<\/button><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Traditional permission models were developed for manageable, static IT environments. However, in Microsoft 365, Entra ID, and hybrid Active Directory [&hellip;]<\/p>\n","protected":false},"author":18,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1835],"tags":[2061],"class_list":["post-49978","post","type-post","status-publish","format-standard","hentry","category-authorization-management-en","tag-identity-governance"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Why traditional permission models are reaching their governance limits<\/title>\n<meta name=\"description\" content=\"Traditional authorisation models lack governance, transparency and control in hybrid IT environments.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why traditional permission models are reaching their governance limits\" \/>\n<meta property=\"og:description\" content=\"Traditional authorisation models lack governance, transparency and control in hybrid IT environments.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/\" \/>\n<meta property=\"og:site_name\" content=\"FirstWare IDM-Portal\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"3300\" \/>\n\t<meta property=\"og:image:height\" content=\"1813\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Elysabeth Yven\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Elysabeth Yven\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/traditional-permission-limits\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/traditional-permission-limits\\\/\"},\"author\":{\"name\":\"Elysabeth Yven\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/person\\\/1218d4546997de615b845bce65db7493\"},\"headline\":\"Why traditional permission models are reaching their governance limits\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/traditional-permission-limits\\\/\"},\"wordCount\":1036,\"publisher\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/traditional-permission-limits\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.firstware.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/Governance-1.png\",\"keywords\":[\"Identity Governance\"],\"articleSection\":[\"Authorization Management\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/traditional-permission-limits\\\/\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/traditional-permission-limits\\\/\",\"name\":\"Why traditional permission models are reaching their governance limits\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/traditional-permission-limits\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/traditional-permission-limits\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.firstware.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/Governance-1.png\",\"description\":\"Traditional authorisation models lack governance, transparency and control in hybrid IT environments.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/traditional-permission-limits\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/traditional-permission-limits\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/traditional-permission-limits\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/Governance-1.png\",\"contentUrl\":\"https:\\\/\\\/www.firstware.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/Governance-1.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/traditional-permission-limits\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why traditional permission models are reaching their governance limits\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/\",\"name\":\"FirstWare IDM-Portal\",\"description\":\"Identity and Autorization Management in M365 and Active Directory\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#organization\",\"name\":\"FirstWare IDM-Portal\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/IDM-Portal.ico\",\"contentUrl\":\"https:\\\/\\\/www.firstware.com\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/IDM-Portal.ico\",\"width\":1,\"height\":1,\"caption\":\"FirstWare IDM-Portal\"},\"image\":{\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/#\\\/schema\\\/person\\\/1218d4546997de615b845bce65db7493\",\"name\":\"Elysabeth Yven\",\"url\":\"https:\\\/\\\/www.firstware.com\\\/en\\\/blog\\\/author\\\/elysabeth-yven\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Why traditional permission models are reaching their governance limits","description":"Traditional authorisation models lack governance, transparency and control in hybrid IT environments.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/","og_locale":"en_US","og_type":"article","og_title":"Why traditional permission models are reaching their governance limits","og_description":"Traditional authorisation models lack governance, transparency and control in hybrid IT environments.","og_url":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/","og_site_name":"FirstWare IDM-Portal","og_image":[{"width":3300,"height":1813,"url":"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1.png","type":"image\/png"}],"author":"Elysabeth Yven","twitter_misc":{"Written by":"Elysabeth Yven","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#article","isPartOf":{"@id":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/"},"author":{"name":"Elysabeth Yven","@id":"https:\/\/www.firstware.com\/en\/#\/schema\/person\/1218d4546997de615b845bce65db7493"},"headline":"Why traditional permission models are reaching their governance limits","mainEntityOfPage":{"@id":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/"},"wordCount":1036,"publisher":{"@id":"https:\/\/www.firstware.com\/en\/#organization"},"image":{"@id":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#primaryimage"},"thumbnailUrl":"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1.png","keywords":["Identity Governance"],"articleSection":["Authorization Management"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/","url":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/","name":"Why traditional permission models are reaching their governance limits","isPartOf":{"@id":"https:\/\/www.firstware.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#primaryimage"},"image":{"@id":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#primaryimage"},"thumbnailUrl":"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1.png","description":"Traditional authorisation models lack governance, transparency and control in hybrid IT environments.","breadcrumb":{"@id":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#primaryimage","url":"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1.png","contentUrl":"https:\/\/www.firstware.com\/wp-content\/uploads\/2026\/05\/Governance-1.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.firstware.com\/en\/blog\/traditional-permission-limits\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.firstware.com\/en\/"},{"@type":"ListItem","position":2,"name":"Why traditional permission models are reaching their governance limits"}]},{"@type":"WebSite","@id":"https:\/\/www.firstware.com\/en\/#website","url":"https:\/\/www.firstware.com\/en\/","name":"FirstWare IDM-Portal","description":"Identity and Autorization Management in M365 and Active Directory","publisher":{"@id":"https:\/\/www.firstware.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.firstware.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.firstware.com\/en\/#organization","name":"FirstWare IDM-Portal","url":"https:\/\/www.firstware.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.firstware.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.firstware.com\/wp-content\/uploads\/2019\/06\/IDM-Portal.ico","contentUrl":"https:\/\/www.firstware.com\/wp-content\/uploads\/2019\/06\/IDM-Portal.ico","width":1,"height":1,"caption":"FirstWare IDM-Portal"},"image":{"@id":"https:\/\/www.firstware.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.firstware.com\/en\/#\/schema\/person\/1218d4546997de615b845bce65db7493","name":"Elysabeth Yven","url":"https:\/\/www.firstware.com\/en\/blog\/author\/elysabeth-yven\/"}]}},"_links":{"self":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts\/49978","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/users\/18"}],"replies":[{"embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/comments?post=49978"}],"version-history":[{"count":3,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts\/49978\/revisions"}],"predecessor-version":[{"id":50002,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/posts\/49978\/revisions\/50002"}],"wp:attachment":[{"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/media?parent=49978"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/categories?post=49978"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.firstware.com\/en\/wp-json\/wp\/v2\/tags?post=49978"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}