Category: The Cloud Identity Series

#FAIL No More: The Rise of the Self Defending Enterprise

I love hashtags, because I love twitter. So it was inevitable that hashtags would become a major part of one of my talks at some point. And as I get ready for another round at Defrag (one of the highlights of my year every year), I realized I never posted about the talk I gave

2FA in Password Managers: Fair or Faux

It all started with a tweet I sent regarding the position on passwords and password managers that a member of Microsoft Research was taking in an NPR article (I’ll expand on my viewpoint in a later blog post). But one of the resulting responses I received sent me down a very interesting rabbit hole. Faux 2FA? Of course I

The SCUID has a new home. At CA Technologies

Identity is the key to a secure, agile, cloud-based world. Which means that managing and using identities has to be easy, seamless, inherent, cost-effective. Enabling that was the mission when I joined Identropy to build what would become SCUID. We believed that the future of identity management lay in the cloud, and required a fundamental rethink of the business

O SCIM, Where Art Thou?

This is a rant. Connectors, more specifically provisioning connectors, have always been the bane of my career, and I’m sure I’m not alone in feeling this way. It really is what drives a lot of us in the identity management game to drink. I know it’s what gives Frank V nightmares. Because each connector is

It’s about Provisioning, not provisioning

In 2010, I gave a (in retrospect somewhat optimistic) talk at the Catalyst conference in which I described a pull-based architecture for account provisioning. SAML was a central part of that architecture, especially in supporting Just-In-Time  (JIT) Provisioning, which I was sure was going to be important to the evolution of enterprise cloud applications. In 2011,

Cloud-Based IAM is Bigger, Better, Stronger than On-Prem IAM

That is the position is set out to convince people of with my talk ‘IDaaS: The Now Big Thing‘ at this years Cloud Identity Summit. Even with the words ‘Cloud’ and ‘Identity’ in the name of the conference, and even with a fairly friendly crowd, I knew that this would be a somewhat daunting challenge.

CIS Wrapup: What Does Enabling ‘Next’ Entail?

Another Cloud Identity Summit is in the books, and it confirmed its status as one of the premier conferences for all things identity management. Andre and the Ping Identity team did a great job as always, and Napa was a great location (though connectivity did become an issue). Most importantly, Mark and Pam did a

The Conundrum of 2FA meets the Enigma that is PAM

“It’s a mystery. Broken into a jigsaw puzzle. Wrapped in a conundrum. Hidden in a Chinese box. A riddle.” – The Riddler, The Long Halloween Yesterday’s hack of the AP’s Twitter account was big. Not only did the impact it had on the stock market prove Ranjeet’s thesis that Twitter is now a SOX (Sarbanes-Oxley)

The IDaaS Powered World

Last week I was in Colorado for the Defrag and Blur conferences. Defrag bills itself as ‘the premiere thought leader discussions about “what’s coming next” in technology’. And it certainly lived up to the billing, as I attended some great talks from folks like Paul Kedrosky, Jeff Ma, Ray Wang, Jay Simons and Jeff Lawson.

The Epic Hacking of Mat Honan and Our Identity Challenge

Wired has the kind of article that will make all of us leading highly digitized lives (is that the right term?) wake up in a cold sweat. While the title – How Apple and Amazon Security Flaws Led to My Epic Hacking – may strike many as sensationalist, the article does a good job of