Identity Management Is A People Problem (But It Shouldn’t Be!)

Another Cloud Identity Summit has come and gone, and even though it only happens once a year, the effect of being at “the top event on the identity calendar” (as Stephen Wilson puts it) always lingers. You leave trying to process all the great content and ideas you got exposed to, thinking about the wonderful conversations you had, and re-energized from hanging out with so many smart and talented individuals. And Brian.

The workshops and sessions always serve as a good indicator of where the community will be focused in the coming year. And based on this years CIS:

  • The move from Authentication to Recognition is well on its way, with significant work being done on Continuous Authentication (the term that seems to have been coined for risk-based, multi-factor authentication based on implicit environmental or contextual factors throughout the life of a user session as opposed to explicit user challenges done during just the establishment of the session)
  • There is strong momentum behind the efforts of the FIDO Alliance (there were so many sessions related to FIDO, I wouldn’t have been surprised to hear someone refer to CIS as the FIDO Summit) in solving the authentication problem, and helping eliminate passwords
  • I look forward to an exciting season of “NSTIC meets World”, when the work being done in the various pilot NSTIC programs that were exhibited at the conference prepare to spread their wings. It will definitely be interesting times

Amid the sea of topics dominated by the authentication side of the house, and the lineup of one amazing speaker after the next (Ian Glazer‘s and Josh Alexander‘s talks were notable not just for their content, but also their bet on who had the most slides), I tried to hold my own while talking about good old identity management. I wanted to present a new way of thinking about the problem of managing identities in the enterprise, one that is built on bringing together some organic changes that are happening in the way people are working, collaborating and using technology. And I did my best to take a somewhat boring topic and spice it up. You can check out the talk below (posted from the Talking Identity channel on Vimeo).

In the past, I’ve sometimes recorded a clearer, more articulate voiceover for the web, and one was certainly warranted for this talk. But it just wouldn’t have been the same without the audience reaction, so I’ve kept the original audio. And I’ve added the twitter reaction to my talk below for your entertainment. Since the talk has a somewhat iconoclastic bent to it, I do hope to see it generate some discussion, so please chime in with your thoughts and feedback, either on Twitter or in the comments here. And I’ll use some future posts to flesh out some of the ideas from my talk in more detail. Just remember to avoid using the term “wearables” (for Paul‘s sake).

The Twitterverse Response to my CISmcc Talk