KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
The old paradigm of a centralized directory for security has been shattered into a thousand pieces and scattered across the Cloud. Identities, sensitive data and resources, and the management of who may access them are now distributed across hundreds of on-premise and Cloud systems each with its own idiosyncratic security model and none designed to be managed in unison. The shift to Microservices has accelerated the pace of this change. Given this monumental new challenge what is the solution for identity professionals?
The answer lies in embracing this change and applying Microservice design patterns to Identity and Access Management. As an example, IAM can play a key role in an organizations Microservices design by acting as what is known as an "Anti-Corruption Layer". The Anti-Corruption Layer Design pattern isolates systems having different models by translating communications between them, allowing one system to remain unchanged while the other can avoid compromising its design and technological approach. In this case, IAM can be the glue that translates between an organizations security practices and the multitude of ever-changing Cloud applications and their local security.
Over the past 12-18 months, there has been a mounting interest in how Blockchain technology might support the next generation of IAM systems. The promises of decentralized and self-sovereign identity, which promote a frictionless user experience and improved privacy controls, are very appealing to any organization looking to reduce both costs and risks. But how do you get started? Many organizations are just starting their journey to cloud, so the idea of Identity + Blockchain may seem too futuristic. In this session, experts from IBM will share how clients are progressively moving towards a decentralized identity solution today while maintaining and integrating it into their existing identity management systems. Learn, how use cases like passwordless authentication for law enforcement personnel and digital job credentials are becoming a reality. Moving to cloud-based IAM is the first step in the process, and with the right strategy, the next generation IAM is closer than you think.
In today’s world, organizations and people manage a complex web of digital relationships. To keep everyone safe, each digital interaction must be validated. Strong tools and technologies are now available to help organizations protect their resources, employees, business partners, and customers. But there are no similar tools—beyond legislation—for individuals trying to protect their private information. As an industry, we have a responsibility to provide technology tools that ensure privacy for individuals even while they strengthen security. This means supporting citizens’ rights by putting them in control of their data and providing standards-based solutions for interoperability, portability, and protection for the entire data lifecycle.
Modern authentication and authorization services need to generate more than the traditional allow or deny result. Developing user discovery flows that capture and store contextual information, can allow authorization services to deliver dynamic and fine grained data redaction and resource protection. It enables organizations to digitally transform their business and to develop future proof identity models and ecosystems focusing on zero trust and continually secure infrastructures.
Who was the real Tara Simmons? On November 16, 2017, she sat before the Washington State Supreme Court. The child of addicts and an ex-addict and ex-felon herself, she had subsequently graduated near the top of her law school class. She was asking the court to trust her to become an attorney, and the outcome of her case rested whether or not her past could be used to predict her future.
Algorithms that use the past to predict the future are commonplace: they predict what we’ll watch next, or how financially stable we will be, or, as in Tara’s case, how likely we are to commit a crime. Over the last several years, the identity industry noted the influence of algorithms on human well-being and the inherent biases in many of them. How can we as identity practitioners employ algorithms while at the same time ensure that they promote justice and fairness?
As we follow the case of Tara Simmons and others like her, we’ll develop a practical ethical standard for evaluating algorithms from a uniquely identity-centric standpoint. Learn how to ask the right questions, use open-source tools, and develop an assessment model to ensure that your systems prioritize well-being, demonstrate accountability, provide transparency in decision-making, promote fairness, and provide for user data rights.
Do you build your own car? Do you buy all the components and put them together yourself? Of course you don't. You find vendors who have already assembled all of the pieces into a finished car, and then select the options for the car that fits it perfectly to your wish list. Don't you think it’s time that you bought your software the same way? Why spend your time and money running around trying to find all of the best pieces, and even more money trying to put them together. Broadcom believes that there is a better way, and we intend to deliver it to our customers. Come hear how we are merging DevOps with Security to deliver a one-stop shop for purchasing everything you need to deliver apps and services to your customers.
If we look under Alexa’s hood and read between the technologies we find a disturbing reflection of our own identities and personal data. In your home Alexa is always listening and influencing your options. In your company’s product deployment Alexa is influencing your brand, your customers, and your user data. We will discuss why this represents a geo-political shift more significant than the rise of social media. As a previous developer of Alexa skills and other AI systems I will share with you my lessons learned.
And we will examine alternatives.
A comprehensive and fully functioning identity program is an ever evolving mission. From creating security awareness that sticks with employees, getting executive buy-in, and assembling the right team, there’s a lot to do – and then deciding the correct mix of services and solutions that are required for the identity program can be quite the task. One thing is certain – security should not compromise user experience. If there is too much friction in the mix, users will avoid best practice. In this keynote, Gerald will look at some of the challenges as they exist today, some of the solutions that will help into the future, and what mix of solutions can help you deliver an effective identity program that is both robust and flexible.
The Holy Grail of identity and access management is identity governance and administration (IGA). Unfortunately, getting IGA right is much easier said than done. From access request through provisioning and into identity lifecycle management; and from user access governance, through data governance, and into privileged access governance, the sheer volume of users, systems, and scenarios that must be addressed can be overwhelming.
In this session, One Identity will discuss what IGA truly means, how to determine where to start, and where to go next once you are on the path. Don’t be fooled by vendors pitching a myopic or siloed approach to IGA, or a heavy-handed solution that may be more complex and expensive than you can handle. To get IGA right takes designing a program that satisfies YOUR objective and fits within YOUR budget and skillset. It can be done, but it takes a fresh look at the age-old challenge.
Blockchain to some is the future solution for everything, or at least for managing identity information. Rabobank is piloting extensively with blockchain. In his presentation Henk will use a few cases on blockchain to see what works well and what doesn't, and where blockchain could be applied to managing identities, whether these are customer identities or employee identities. Or both.