Below you can find a version of the talk that I just gave at the European Identity Conference and at Identiverse talking about what I consider to be the missing element in Identity Management. Seems the curse that the A/V gods put on me at last years Cloud Identity Summit survived the conference rebranding, as
The last few years have seen an uptick in efforts to use biometrics more widely in authentication, most notably driven by the consumerization effect of Apple introducing Touch ID and Face ID. But this could be the (strong) nudge that was needed to push it over the edge. Mastercard just announced that all issuers of
So I waited patiently for the folks at the Cloud Identity Summit to publish on their Youtube channel the talk I gave earlier this year on Invisible Identity. But it never came. Turns out that a few session recordings got messed up, and unfortunately mine was among them. I sense Paul Madsen’s hand in this.
In part 1 of my blog post expanding on my Cloud Identity Summit talk on Invisible Identity, I proposed ‘The 4 Core Principles of Invisible Identity‘ that ensure that security and usability stay in a symbiotic partnership for an organization. I believe that adopting the concept of Invisible Identity will be vital to securing people
Almost 4 years ago I wrote a post titled ‘The Epic Hacking of Mat Honan and Our Identity Challenge‘. In it I examined how hackers exploited the ways in which our online accounts are daisy chained together through poor password recovery and KBA based systems to systematically take over Mat Honan’s digital life. 4 years
The Cloud Identity Summit is underway here in New Orleans, and it’s off to a great start. The organizers have done a wonderful job again, and with so much great content, the hardest thing is choosing which of the many interesting talks to go to. My talk is already done (it’s oddly liberating to not
If you’ve followed my last few blog posts, you may have noticed the topic of usability in security pop up quite a bit. I’ve said in the past that usability issues in security should be considered vulnerabilities, because they create attack vectors in the form of user errors, exploits and workarounds. The idea was captured