Cloud-Based IAM is Bigger, Better, Stronger than On-Prem IAM

That is the position is set out to convince people of with my talk ‘IDaaS: The Now Big Thing‘ at this years Cloud Identity Summit. Even with the words ‘Cloud’ and ‘Identity’ in the name of the conference, and even with a fairly friendly crowd, I knew that this would be a somewhat daunting challenge.

CIS Wrapup: What Does Enabling ‘Next’ Entail?

Another Cloud Identity Summit is in the books, and it confirmed its status as one of the premier conferences for all things identity management. Andre and the Ping Identity team did a great job as always, and Napa was a great location (though connectivity did become an issue). Most importantly, Mark and Pam did a

Looks Like The Internet Finally Got An Identity Layer

As this Joy of Tech cartoon demonstrates, PRISM seems to have solved that problem for us. All that’s left to do is slap a RESTful Web Service on that data source. Should it be SAML or SCIM? This is pretty much the epitome of “It’s funny because it’s true”. The way that “metadata” can be

The Conundrum of 2FA meets the Enigma that is PAM

“It’s a mystery. Broken into a jigsaw puzzle. Wrapped in a conundrum. Hidden in a Chinese box. A riddle.” – The Riddler, The Long Halloween Yesterday’s hack of the AP’s Twitter account was big. Not only did the impact it had on the stock market prove Ranjeet’s thesis that Twitter is now a SOX (Sarbanes-Oxley)

The Dilemma of the OAuth Token Collector

‘Tis the season to be hacked, I guess. Twitter joined a bunch of other companies in revealing that it was the target of a sophisticated attack that may have exposed the information for about 250,000 users. While the data that was allegedly exposed, including encrypted/salted versions of passwords, was not as bad as in some

Why 2013 will be ‘The Year of the SCUID’

I’m just now coming back to earth from the high I’ve been on since I came back from Vegas on Wednesday. And no, it has nothing to do with the usual things you’d associate with Sin City. I was in Vegas for our company’s bi-annual all-hands meeting. We’ve grown tremendously since I started at Identropy

The IDaaS Powered World

Last week I was in Colorado for the Defrag and Blur conferences. Defrag bills itself as ‘the premiere thought leader discussions about “what’s coming next” in technology’. And it certainly lived up to the billing, as I attended some great talks from folks like Paul Kedrosky, Jeff Ma, Ray Wang, Jay Simons and Jeff Lawson.

What Happens When Telco’s Declare SMS ‘Unsafe’?

If you’ve been following Authentication related discussions, you know that a lot of the tactical focus is on adding additional authentication factors to the base username/password login mechanism as a way of making it more secure. This is particularly true in consumer facing applications, as brought into stark contrast by the Mat Honan hack episode.

It’s All About the Conversation (At the Back of the Classroom)

Another year, and another Catalyst conference had come and gone. This one was very different. For one, the structure of the conference is very different from years past, focusing on thematic areas rather than topics of research. As such, there was no focused identity track, but rather a sprinkling of identity management topics throughout the