Recent thoughts and media appearances

  • Putting the Four Components of Modern Identity to Work

    Back in July, I fessed up to my struggle to understand current marketing definitions and boundaries in the IAM world. As part of my journey to clarity I proposed four components found in modern IAM architectures: policy, orchestration, execution, and data. I went on to then suggest, for good or evil, the notion of a workforce identity data platform which expanded on my ideas about the data tier of the modern IAM architecture. I now want to expand on the ways that you can use the four components of a modern IAM architecture to better understand your IAM world and approaches to augmenting and modernizing that world.

    Read more

  • The Rise and Future of Identity with Joseph Carson

    I had an amazing opportunity to sit down with Joseph Carson. I have been a fan of his for a long, long time. We had a great time talking about everything from non-human identity to zero standing privilege, where AI comes into the mix, and much much more! Check it out!

    https://player.captivate.fm/episode/6d6e49fb-9af5-4511-a586-1f7ad20a8f64

  • Introducing a probably bad idea: Workforce Identity Data Platform

    Continuing from my post a few weeks back about the four components of modern identity (policy, orchestration, execution, and data), I wanted to spend a little time on one of the components: data. I have a really bad idea and need to get it out of my head… and I want a bit of validation that yes, in fact, this is a really bad idea.

    For the moment, let’s look at the consumer world of IT. In this space, there is a notion of a customer data platform (CDP.) CDP’s are thought of as marketing technology. They are notionally the repository for everything related to customers. From clickstream, to email open, to expressed preferences, to orders, to call center interactions, to life time value, and more… all flow into the CDP. And the CDP is consulted to construct a customer’s journey, regardless of whether that journey starts as an email campaign, a guest user on a site, in an app, or just browsing around. Different kinds of tools use the CDP for their own outcomes (e.g. segmentation, ad placement, customer lifetime value analysis, etc.)

    Read more

  • Tactical ZSP chat with Alex Bovee

    I first met Alex of ConductorOne a few weeks ago at Identiverse. We were on an Identity at the Center podcast together and hit it off. We caught back up last week to continue our conversation. We were talking a bit more tactically about how to actually implement zero standing privilege… and it was a blast!

    Check it out!

  • Four Components for Modern Identity

    For the last 6 months or so, I have been struggling with market definitions in identity and access management. I used to understand markets such as identity governance and administration and access management; I understood what the feature boundaries were; I could map vendors to those markets. But honestly, lately, I feel like those maps and those boundaries aren’t as accurate as they once were. So, in some regards, this post is my attempt to work through ways of defining what IAM looks like in the modern era, what parts should enterprises be willing to pay for, which are table stakes, and where is this all going.

    Read more