In the evolving tapestry of the AI driven digital realm, Enterprise Digital Identity stands as a linchpin, central to both operational efficacy and security. As businesses soar to new digital heights, understanding and innovating within this sphere becomes imperative. The "Inside: Enterprise Digital ID" session stream at EIC 2024 delves into the nuances, challenges, and innovations that are shaping the identity landscape for modern enterprises. With a blend of cutting-edge trends and foundational strategies, this stream addresses the future-ready requirements and the transformative potential of digital identity management within organizations.
Identity-First Security Strategies:
- Redefining Cybersecurity: Understand how pivoting to an identity-first approach amplifies security measures, ensuring robust defenses against evolving threats.
- Integrating Identity: Delve into the mechanics of weaving identity management into the very fabric of cybersecurity, enhancing both prevention and response mechanisms.
The Rise of the Identity Fabric Architecture:
- Scaling Identity Needs: Explore how a dynamic identity fabric architecture can cater to growing and diverse identity requirements within enterprises.
- Future-Proofing IAM: Grasp the importance of adaptive and scalable architectures in ensuring longevity and resilience in identity management.
Reestablishing IAM Hygiene:
- Setting New Standards: Learn about the imperative of raising the bar in identity and access management (IAM) protocols.
- Best Practices and Innovations: Delve into strategies that ensure optimal IAM hygiene, reducing vulnerabilities and optimizing user experience.
Managing Diverse User Constituencies:
- Expanding Environments: Address the challenges and strategies associated with managing varied user groups across multiple digital environments, platforms, and geographies.
- Unified Identity Solutions: Understand the tools and technologies that enable cohesive identity management across diverse user bases.
Rising Threats to IAM Infrastructure:
- Predicting the Unpredictable: Examine the increasing and evolving nature of threats targeting IAM systems.
- Fortifying Defenses: Learn about advanced protective measures and response strategies to counteract sophisticated attacks.
Leveraging Identity Data for AI and Analytics:
- Data-Driven IAM: Understand the power of data strategies in enhancing identity management protocols.
- AI in IAM: Explore how generative AI applications and analytics can revolutionize IAM, offering predictive insights, automating processes, and ensuring real-time adaptability.
Each topic within this session stream promises a combination of expert insights, real-world case studies, and forward-looking strategies, ensuring that attendees are well-equipped to navigate the challenges and harness the opportunities within the enterprise digital identity sphere.
Enterprise Identity I
Rethinking IAM
June 05, 2024 11:00 - 11:20
Location: B 07-08
Decentralized Identity Comes of Age: How Identity Forces Are Making Enterprises Rethink Identity
A significant trend in cybersecurity breaches is the shift from targeting endpoints to hijacking user identities. This evolution marks a significant change in attack vectors, emphasizing the need for robust Identity Threat Detection and Response (ITDR). The presentation will dig into the dynamics of this trend, explaining the mechanisms through which attackers infiltrate systems by exploiting identity vulnerabilities instead of traditional hardware or software loopholes.
In response to the...
June 05, 2024 11:20 - 11:40
Location: B 07-08
IAM Teams Always Seem To Be Stressed, Over-budgeted or Lagging Behind
This session will examine the nuances of running an effective IAM program and explore how to strike the perfect balance between business, security and audit requirements, keeping the employees engaged and thus laying the foundation for a resilient and agile IAM.
June 05, 2024 11:40 - 12:00
Location: B 07-08
Identity Convergence & Integration Among Platforms
Holcim is a global leader in innovation and sustainable building solutions and has been running its Identity Management program in EMEA for the past eight years. The program had reached a high level of maturity, but the time came to improve the connectivity between the different IAM platforms so that they could be combined into an Identity Fabric. This session will share in a practical and tangible manner how this was approached, the lessons learned, and the challenges faced...
Rethinking IGA
June 05, 2024 12:00 - 12:15
Location: B 07-08
Data Driven Implementation of IGA
This session will look at how analytics can pave the way for decisions about the implementation of IGA instead of hundreds of requirements based on assumptions.
June 05, 2024 12:15 - 12:30
Location: B 07-08
When Something Goes Wrong, Are You Ready? Real-World IGA stories
The glitzy and very convincing diagrams of IGA processes and architectures demonstrate what happens during the provisioning, deprovisioning, access request, and attestation stages using one key assumption… that everything will go according to plan. But what happens if something goes wrong? As an example: what happens if an access request process gets stuck because a dynamically calculated approver is on long-term leave or has left the organization? Ask IAM operations professionals, and...
June 05, 2024 12:30 - 12:45
Location: B 07-08
Gabba Gabba IAM: The Day Old IAM Died
The Ramones took the boredom out of Rock&Roll. They played it faster and with more fun. And they invented a new genre. Three fresh ingredients will reshape IAM as we know it today like the Ramones did with R&R. Graph DBs, Large Language Models (LLMs) and Temporal Graph Networks will reshape IGA, addressing the complexity and lack of temporal insights. This session will provide a practical understanding of how these three new ingredients will reshape the way we think about IGA and make...
June 05, 2024 12:45 - 13:00
Location: B 07-08
Trust, Transparency, and User Experience in AI-Driven Identity and Access Management
In the rapidly evolving landscape of identity and access management (IAM), the integration of Artificial Intelligence (AI) brings forth both unprecedented opportunities and significant challenges. This talk examines the critical importance of trust and transparency in AI systems, particularly in the context of IAM. We explore how AI decisions are made and communicated, emphasizing the need for Explainable AI (XAI) to demystify complex processes and foster user confidence.
We begin by...
Enterprise Identity II
IAM Architecture
June 05, 2024 14:30 - 14:50
Location: B 07-08
Everything I Needed to Know About Identity Governance I Learned from D&D
In today's digital landscape, organizations face the critical challenge of protecting sensitive data and ensuring appropriate access controls for their resources. Identity governance plays a pivotal role in addressing this challenge. In this engaging and interactive session, we will embark on a unique journey inspired by the world of Dungeons & Dragons (D&D) to explore the intricacies of building and managing an identity governance program. Drawing parallels between the quests...
June 05, 2024 14:50 - 15:30
Location: B 07-08
Panel: Real-World Success with Identity Architecture Programs
Effective Identity Architecture programs have become crucial for organizations of all sizes and industries. IAM solutions empower businesses to securely manage user identities, control access to resources, and protect sensitive information. However, moving beyond your documented framework to implementing and achieving real-world success with an identity architecture program can present enormous challenges and complexities. This panel discussion brings together industry experts, thought...
IAM Evolution
June 05, 2024 15:30 - 15:50
Location: B 07-08
How Does Large Enterprise Sustain IAM Solutions Evolution Throughout the Years? Detect, Migrate, Adapt, Repeat
How does large enterprise deal with everchanging modern IAM requirements? The answer to this question is quite complicated because over time, once popular mechanisms become outdated and insecure. At the same time, modern applications have much broader, specific IAM requirements. This session will explore how If P&C Insurance went through more than 10 years of different IAM solutions. The past few years have been devoted to migrating from a simple open source IDP to a modern solution,...
June 05, 2024 15:50 - 16:10
Location: B 07-08
Battle-Tested Strategies for SaaS IGA
A candid session on SaaS IGA procurement. As a seasoned IAM professional, Janne will share practical insights from the field. Learn how to craft effective RFPs, assess vendors, and align solutions with your unique needs.
Discover the art of balancing technical prowess and strategic decisions. Explore the shift from on-premises to cloud-driven IAM, maintaining security while gaining SaaS-benefits. Leverage battle-tested strategies to empower your organization’s IGA journey.
June 05, 2024 16:10 - 16:30
Location: B 07-08
Enterprise IAM Transformation Plan
Learn how to establish Business Process ownership in a typically technical and audit-driven industry, and how to put emphasis and focus on business outcomes from an IAM Program.
CIAM Evolution
June 05, 2024 17:30 - 17:50
Location: B 07-08
Unlocking the Future: Rethinking CIAM and Identity Management
In an era dominated by digital connectivity, Customer Identity and Access Management (CIAM) stands as the gatekeeper of user interactions and data access. However, despite its proclaimed prowess, CIAM solutions are failing customers and businesses alike.
This presentation looks into the glaring gaps in identity management solutions, unraveling the reasons behind their failures, and proposing a paradigm shift in approach.We will explore the systemic flaws plaguing CIAM solutions, highlighting...
June 05, 2024 17:50 - 18:10
Location: B 07-08
Do Better for Our Customers: Using OpenID Connect in a First-Party Context
In IAM parlance, a "first party" context is when a single organisation owns both the identity provider as well as the relying party applications that are connected to it. There is little doubt that OpenID Connect and OAuth 2.0 are great standards and have done much to enable federated identity ecosystems across the globe. While there is a tendency for IAM professionals to argue for the use of these protocols in virtually any situation, the reality is that they were designed and built with...
June 05, 2024 18:10 - 18:30
Location: B 07-08
Customer Identity and Access Management: Build or Buy?
When it comes to implementing a Customer Identity and Access Management (CIAM) system, many organizations often focus solely on selecting a product or vendor and negotiating the associated licensing costs.
While this method may indeed be the correct one, making the right technological choices in a business context requires a more nuanced approach and more careful analysis. Purchasing a product is not the only option available. The necessary analysis includes evaluating factors such as...
Enterprise Identity III
Practical IAM & CIAM
June 06, 2024 11:00 - 11:20
Location: B 07-08
Securing Workload Identities: Best Practices for Tokenizing Third-Party API Keys and Access Tokens
Stolen secrets and credentials are one of the most common ways for attackers to move laterally and maintain persistence in cloud environments.
Modern cloud deployments employ secrets management systems such as KMS to protect key materials at rest and avoid leaking keys or credentials in source code or other build artifacts. However, secrets are unprotected at runtime, so any vulnerability or compromise of a service could lead to credential theft.
This talk will propose an architecture that,...
June 06, 2024 11:20 - 11:40
Location: B 07-08
Facilitating Ownership in External Authorization
In a world where authorization is externalised, ownership often still relies with decentralised application teams to allow for organisational scalability. Autonomy of these teams is important so that they can move fast. Zalando has 2000+ inhouse applications owned by 100s of engineering teams who will use externalised authorization. Each of these teams will write their own authorization policies as code using Open Policy Agent. This talk will share insights into how we started treating...
June 06, 2024 11:40 - 12:00
Location: B 07-08
Appropriate Level of Assurance - A Foundation for Proper CIAM
There is no good or bad Level of Assurance to root any CIAM upon. It all depends on the business and the risks. A unique mix of business, legal, IT security, technical, and CX skills is required to discover, define, and communicate requirements for customer authentication methods. The correct balance between these factors brings peace of mind and enablement to the business. Hear some highlights of If P&C Insurance's journey of defining and enforcing a Level of Assurance aligned with...
Solving IAM Challenges
June 06, 2024 12:00 - 12:20
Location: B 07-08
IAM With - or Against ITSM
Everyone wants to integrate their access request processes into ITSM, but what is the reality behind this?
What kind of integrations are required, what are the pros and cons of requesting access through the ITSM solution instead of the IAM solution.
This talk is based on several (long) discussions with several clients
June 06, 2024 12:20 - 12:40
Location: B 07-08
To SaaS or Not to SaaS
This talk will share lessons learned from migrations to SaaS based IAM… and what best in class tech looks like if you need to stay-on premises but want the benefits of SaaS.Outline:1. Trends in the market, crossroads our clients our on and the adoption/relevance of SaaS based IAM.2. All SaaS-IAM is equal, but some are more equal than others (differences in maturity across AM, IGA and PAM).3. How maturity and these differences impact implementations and success.4. What can you do about...
June 06, 2024 12:40 - 13:00
Location: B 07-08
Implementing Access Certification
This session will explain how Philips implements access certification, how it helped to improve security, and why they have not got tired yet.
Enterprise Identity IV
Solving CIAM Challenges
June 06, 2024 14:30 - 14:50
Location: B 07-08
Examples of How to Scale Access for External Identities Successfully
Dive into real life examples of applying workforce IAM principles in CIAM. We’ll focus on adapting joiner-mover-leaver scenarios and adaptive authentication for external users, such as suppliers, distributors, brokers, customers with multiple subscription types. We’ll showcase how managing lifecycles intuitively can streamline access control, enhancing user engagement and offering personalized application usage. Ideal for CIOs and Product Managers, this session reveals a practical...
June 06, 2024 14:50 - 15:10
Location: B 07-08
Breaking Free from Legacy CIAM: The Key to Unlocking your Insurance Company's Digital Potential
Legacy Customer Identity & Access Management (CIAM) systems contradict insurance companies' digital goals, hindering user experience with slower, less secure methods. These old technologies fragment the user journey and impede operational excellence with high costs, limited scalability, and security risks. Insurers must embrace modern CIAM to remain competitive. Join this session to discover:
Why insurance companies need to modernize their identity systems to remain competitive in...
June 06, 2024 15:10 - 15:30
Location: B 07-08
Panel: Decentralized Identity for Onboarding and CIAM
Picking up on the observation at EIC 2023 by KuppingerCole Principal Analyst Martin Kuppinger about the application of Decentralized Identity to Enterprise onboarding, the panel will discuss how Decentralized Identities can augment and improve onboarding and CIAM (Customer Identity and Access Management) processes, and how enterprises can develop the capability to utilize decentralized customer identities and data.
The panel will also consider the potential for emerging technologies like...
Identity 2.0
June 06, 2024 15:30 - 15:50
Location: B 07-08
Top 5 Lessons - Implementing Decentralized Identity at Raiffeisen Bank
Over the past year, we have learned a lot about practical implementations of decentralized identity. There is a lot of buzz, many organizations are dipping their toes, and some are taking the plunge. Raiffeisen Bank International (RBI) is one of Europe’s leading banking groups, serving more than 17 million customers. Focused on digitization, RBI’s main security priorities are:
Harmonizing CIAM IdPs
Harnessing decentralized identity
Highest security and compliance standards...
June 06, 2024 15:50 - 16:10
Location: B 07-08
Passkeys in the Enterprise
Passkeys are quickly becoming an interesting option for phising resistent authentication in the enterprise, but what kind of challenges are you likely to run into when you roll out passkeys in an enterprise?
This session will cover what we have learned about passkeys and passkey roll out in a global, flat packed, and meatball centric organisation.
June 06, 2024 16:10 - 16:30
Location: B 07-08
Hybrid Identity: Liminal Space or Permanent Fixture?
Hybrid identity has been sold as this sort of temporary, interim state that is typically required to get us away from Active Directory and into a cloud-native, cloud-driven identity. Yet many organizations, assessing their current landscape, find limitations and gaps that leave them unsure if hybrid identity is the final stop on their identity modernization journey.
In this session we’ll explore the current state of hybrid identity, assessing current real-world blockers and gaps for...
Authorization 2.0
June 06, 2024 17:30 - 17:50
Location: B 07-08
Graph-Based Harmony: Simplifying Zero Trust Authorization in the Age of Data Breaches
In the face of escalating data breaches and relentless attacks on identity, the imperative to establish robust Zero Trust (ZT) architectures has never been more urgent. Yet, the complexity of this undertaking, coupled with the multitude of tools and stacks involved, can be overwhelming.
This session will examine the Zero-Trust reference architecture outlined by NIST, revealing that authorization sits at its very core. Building on this foundation, we'll showcase how harnessing the...
June 06, 2024 17:50 - 18:10
Location: B 07-08
Dynamic Authorisation: The Key to Unlocking Open Banking Potential in the PSD3 Era
The next frontier of customer identity lies not in simply knowing who someone is, but in what they are allowed to do. This is more important than ever in the financial services industry, as the proposed Payment Services Directive 3 (PSD3) framework creates further opportunities to deliver highly personalised, secure, and scalable data-driven services through Open Banking. At the same time, customers are pushing their providers to give them the tools needed to delegate control of their...
June 06, 2024 18:10 - 18:30
Location: B 07-08
Panel: Why Authorization Standardization is Imperative
Join this discussion about the efforts of the AuthZEN working group in the Open ID Foundation, which will include an overview of the authorization space, and the various technologies and players involved. The panel will also discuss why the group exists, the problems that it is trying to solve, and the state of the current work.
As Authorization appears to be the next horizon for standardization efforts, and the multiple technologies, often incompatible with each other, the need...
Enterprise Identity V
Solving IAM Security Risks
June 07, 2024 10:30 - 10:50
Location: B 07-08
Top Risks of Identity and Credential-Based Cyberattacks
This session explores the pressing risks posed by identity and credential-based cyber attacks, spotlighting live demonstrations to expose vulnerabilities and real-world examples that underscore the dire consequences when identities are compromised.
Attendees will gain actionable insights into fortifying their defenses against evolving threats, with a focus on proactive cybersecurity strategies.
Join us to navigate the complexities of this ever-evolving threat landscape and learn from...
June 07, 2024 10:50 - 11:10
Location: B 07-08
Zero Data Enabled Zero Trust
Zero data is the idea that organizations can store much less data than they used to - sometimes zero data- because of the advent of just-in-time identity streaming technologies like verifiable credentials. Verifiable credentials, combined with ubiquitous fine-grained access control can provide significant benefits to organizations using zero trust principals to secure their applications and internal workloads.
This talk will discuss how just-in-time data that is easily verifiable...
June 07, 2024 11:10 - 11:30
Location: B 07-08
An Identity Company's Own Enterprise Journey to ZTA, Passwordless & Phishing Resistance
This is an implementation and enterprise change management story about how we moved Okta from a baseline of traditional MFA gating app/resources access to a far more dynamic & secure app/resource access policy position using ZTA principles, passwordless, & eventually, phishing resistance. It’s about cross-departmental partnership, iterative improvement, and performance benchmarking to deliver a data-driven transformation in our security posture in a short, yet realistic, time...
IAM and Data Governance Beyond Compliance
June 07, 2024 11:30 - 11:50
Location: B 07-08
Do we need to Internalize Authorization Before we Externalise it?
Compared to externalising authentication, externalising authorization has proven elusive. Yet a combination of the rise of advanced threat actors, regulation, compliance and pressures for greater business agility is bringing it back in focus. It is tempting to think of externalising authorization as a technology problem. Technology like policy languages, authorization engines and workflow systems is necessary to enable the externalisation of authorization, but it is not sufficient....
June 07, 2024 11:50 - 12:10
Location: B 07-08
Micro Authorizations: Unlocking the Potential of Zero Trust in Privileged Access Management
The cybersecurity landscape is evolving rapidly, and traditional security paradigms are proving inadequate in the face of modern threats. As organizations strive to embrace Zero Trust principles, the role of Privileged Access Management (PAM) is pivotal. This talk explores the transformative concept of "Micro Authorizations" and its potential to shape the optimal direction for PAM implementations in support of Zero Trust initiatives.
The Authorization Fabric decides whether a specific...
June 07, 2024 12:10 - 12:30
Location: B 07-08
Beyond Compliance: Enriching Data Governance with Identity Insights
One of Identity’s core purposes is to secure access to resources. Since the inception of Identity Governance programs, organizations we have taken an “inside out” approach to secure access and have not focused as much on the resource model. While this approach has produced positive results, it has come at the cost of efficiency, speed and accuracy. We explore the different contributions that identity governance can make to data governance and how combining data and identity...
Secure, Collaborative IAM
June 07, 2024 13:30 - 13:50
Location: B 07-08
Automate Disconnected Apps for IGA Deployments - Automate the Non-Automated
Do you find yourself chasing down data files for disconnected apps? Yes, we all want fully bidirectional apps…But what about those “file” apps. Learn how to modernize the file collection and ingestion for your IGA Solution by empowering disconnected app owners to upload and pre-validate user and entitlement data on recurring schedules. Don’t fool yourself that your deployment will be the exception. Join Aquera, a 2022 Gartner “Cool Vendor” in...
June 07, 2024 13:50 - 14:10
Location: B 07-08
Enabling Fine Grained Authorization for Microservices with Standards
The proliferation of micro-services along with the changing threat landscape means it is no longer possible to rely on network segmentation to establish a secure permitter while allowing broad access between services inside the perimeter. As a result, we have to assume that the attackers are inside the perimeter and apply fine grained authorization at the microservice level to ensure least privilege access based on the context of each transaction. This context includes details of the...
June 07, 2024 14:10 - 14:30
Location: B 07-08
Digital Trust - Building Truly Collaborative Networks
Collaborative Networks have been widely used in business models for modern manufacturing to support today’s fast-moving innovations and complex supply chains. Managing different levels of trust efficiently and securely in Collaborative Networks is critical for productization and time-to-market.
Enabling trust in digital interactions requires the right balance between security and user experience. By combining the lessons learned from the user experience of consumer identity;...
SAP Identity Management End-of-Maintanance
June 07, 2024 14:30 - 14:50
Location: B 07-08
End of SAP Identity Management Support: Strategies for a Seamless Transition
Join Martin Kuppinger for an insightful discussion on how organizations can effectively prepare for the end of SAP Identity Management support in 2027. As organizations face the impending sunset of this critical identity management solution, it's essential to develop comprehensive strategies for a seamless transition to alternative solutions.
In this talk, Martin will delve into the challenges and opportunities presented by the end of SAP Identity Management support, offering practical...
June 07, 2024 14:50 - 15:10
Location: B 07-08
SAP Identity Management Ends - Know-How and Migration Support for Your Future IAM
Obtaining detailed clarity about the technical requirements associated with the replacement of SAP Identity Management is a central task with the given end of the maintenance period for the SAP product. The search for the best possible succession solution is now in full swing. Answers are needed how to follow-up and what are the next steps. The right solution depends on a large number of prerequisites and technical details.
The approach presented here is based on existing experience from...
