EIC - Exploring Digital Identity from Every Angle

This week saw the 13th European Identity & Cloud Conference hit Munich. The five-day spectacle brought over 200 expert speakers, 50 vendors, and numerous expert implementation partners, all discussing the current trends in the digital identity and access management space.

EIC Blog 4.jpg

 

Good News in Digital Identity

A really refreshing part of many corridor discussions was a general consensus around how some of today’s largest identity, privacy and security problems, are being solved (if you squint a little!).

One of the topics that certainly occurred in several of my conversations with customers and vendors alike, was the need to correctly apply context to the authentication and authorization processes. We know concepts such as intelligent driven authentication are now the main foundation for how projects deliver simple to use yet secure user experiences, but more is needed!

EIC Blog 3.jpg

 

The Journey Continues

The next part of that journey is the ability to collect, store, and analyze context throughout entire user login and resource access journey. Steve Hutchinson, a board member of IDPro organization, gave a great real world account of how modern organizations can work towards this, followed by a great panel, where we mulled over the prospect of how machine learning can contribute to the analysis and attempt to get organizations closer to a trusted access design model based on Zero Trust or CARTA.

Switching gears, privacy remains as hot a topic as ever. Not just from a compliance perspective - aka GDPR - but more from an end user viewpoint. How can the end user be empowered to have better visibility over who accesses their data - and more importantly, how that data is used?  A person may want to “control” their data, but it is generally the role of the application owner to decide what attributes they need to describe a user of their service.

EIC Blog 2.png

 

API Discussions

The vehicle for those data process flows is typically APIs and some interesting panel discussions around modern API security. OAuth2 has a huge role to play here, along with MTLS, microsegmentation, edge enforcement and new transaction and performance demands. It all made some for some great chats over excellent KuppingerCole logo printed cappuccinos and the evening’s weissbier.

Cloud automation of identity platforms and the integration of machine learning were two other areas where real world examples and use cases where exchanged. Digital IAM is a complex beast and having the ability to outsource the build-run-operate component was a consistent theme for many CISOs.

EIC Blog 1.jpg

 

EIC 2020!

The 14th KC EIC event has already been announced for 2020. Will be great to return, to see the progress the industry makes towards a more continually secure and privacy enabled future.

Until next time Munich, Auf wiedersehen!

For more info on these digital identity topics and ForgeRock in general, visit us here.

 

Who Is Simon Moffatt?

Who’s Simon? Simon is a technical product dude here at ForgeRock. He has 16 years working in the identity game at companies like Oracle, Sun Microsystems, and Vaau. At ForgeRock, he helps to design new products - specifically in the Access Management space. Not only is he ambidextrous, but he can design with both hands...oh wait.

Recent Posts:

Privacy and Access Management: Insights from Michael Chertoff

Former DHS Secretary Michael Chertoff Talks About Privacy and Access Management at Gartner’s US Security & Risk Summit

On Tuesday morning at the Gartner Security & Risk Management Summit in National Harbor, Maryland, former DHS Secretary Michael Chertoff sat

Cloud Deployment: Berlin Hosts A Workshop

Attendees at this year’s Berlin Identity Live Summit returned for a second day of talks at a second venue.

Breach Happens. Got the Right IAM?

It seems as if a week doesn’t go by without us hearing about a security breach that takes down a government installation, causes havoc among companies across an industry, or steals the private data of millions of consumers.