As I posted on Friday, I decided it was time to close the chapter on my career at Thoracle (by the way, the positive wishes in response from all of you has been quite gratifying). But it wasn’t without knowing what the next chapter was going to bring. It’s going to be a busy July
Today is my last day at Oracle, ending an era of my life that began over 10 years ago at Thor Technologies. Back then, I had no idea about the scope of the journey I was embarking on. I had no idea I was entering a space that was going to become so hot and
Mike Neuenschwander has dubbed July as Identity Conference Month. And he should know, given that so many of his signature moments were on stage at the Catalyst conference that will be returning at the end of this month (July 26-29 in San Diego). Catalyst is always the most thought-provoking identity event of the year, but
In my last post, I mentioned that the FFIEC was preparing an update to their 2005 guidance on internet banking authentication. Well, that update is out, and Anil John couldn’t wait to let me know about it (:)). The update, entitled ‘Supplement to Authentication in an Internet Banking Environment‘ recognizes both the growth in online
A couple of weeks ago, I tweeted about what I called a must-read article by Brian Krebs. Fellow identirati Anil John lamented yesterday that we hadn’t discussed this more in the community, and on second glance I can see why. The article covers a court case where the magistrate was basically asked to decide what
Insider threats are back in the news in a big way. Bank of America revealed that an employee allegedly leaked a lot of accountholder information to a ring of criminals, which led to account hijacking and check fraud. And the goal of the RSA breach seemed to be emerging rather scarily with news of what
As I pointed out in my answer to Ema’s question about the recent Gartner IAM Summit in London, the overwhelming theme of the conference was Identity & Access Intelligence. The main driver for this shift in focus being discussed at the conference was around the core idea of driving down costs in identity management projects,
May is going to be a busy month. I already mentioned I’ll be at the Internet Identity Workshop next week (if only for the first day and a half), where I fully expect to dive into discussions regarding SCIM and OAuth in the Enterprise (picking up from where we left off at the last IIW).
This should be interesting! By all accounts, one of the main reasons that SPML never achieved traction was that application vendors were not involved in developing or deploying the standard. The effort to standardize provisioning of accounts was driven largely by the provisioning engine vendors. The result was an unwieldy standard that nobody could figure
Last week, I gave a well-received talk to a group of CxO and high-level IT managers on a new way to think about security built around entitlements. The premise of the talk was that with the de-perimiterization of the enterprise, the modern enterprise has already become entitlement-based; we in the security industry just haven’t caught