Event Recording

Panel | Deliver on the Promise of an Identity Fabric: The Power of Data


Log in and watch the full video!

Digital identities of consumers, customers, business partners, employees, but also devices, things, or services are at the core of the digital business.  Unfortunately, most digital identities reside in siloes. Building a modern Identity Fabric that delivers seamless yet secure and controlled access from everyone and everything to every service requires breaking down the legacy identity siloes, and building a modern, flexible, identity data foundation.

Log in and watch the full video!

Upgrade to the Professional or Specialist Subscription Packages to access the entire KuppingerCole video library.

I have an account
Log in  
Register your account to start 30 days of free trial access
Register  
Subscribe to become a client
Choose a package  
And for the final panel before the coffee break, I want to invite Ray Batman from one identity to the stage. I want to invite, I OV to the stage from radiant logic and Gary Weisberger from Atos and Martin kina. Who's already there
Have even one more microphone. Nice. You have to share. Sorry for that.
Okay. We have 20 minutes. So first a starter, of course, we want to talk about the promise of an identity fabric and especially about the power of data or data quality. And so I want to ask the four of you for a very quick, really quick introduction of who you are and why you are able to talk about this topic. So if we start to the right with GLI,
So my name is Rita Bachman. I worked since 17 years now for one identity before I was more than 10 years as an it manager. So I did a lot of consolidations, migrations, data, quality, whatever, so handled with a lot of data and did a lot of projects with customers the last 17 years around identity and access management.
Okay. Just carry on. Sorry. Have to shake. Have to share.
Yeah. Hi, my name is Gary Weinberger. I am from Atos and I have 18 years of experience now in identity and access management, mostly with our direct products and yeah, since nearly a year, I'm now in product management, but I have lots of experience in our, in products, migration projects and yeah. Projects with different data sources with different data qualities. So yeah, we developed our strategies how to approach these topics and from this panel, I like to see how others do it.
Okay, great. Thank you.
Okay. My name is Eli. Nazaro good afternoon. And I'm been with radiant logic for over seven years now. Mostly I worked in the United States. I'm from east coast, Washington DC, but now I'm based in cologne, Germany. And basically we've had a lot of conversations with customers and that's how we learn about this market. That's what we can share stories and examples that they giving us related to identity data fabric.
Okay. I think most Nomi Martin equipping are principal Analyst at Kuppinger called 33 years in the industry and yeah, that's it.
Okay. If we start with one short quiz, one, one sentence for all of you starting again with your data. Quality is
Critical.
Underestimated
Comes from variety of sources.
Okay.
That's more and more important,
Right? Okay. So then, then, then kick off the discussion with, with one question. Are we already good enough? Are we in terms of organizations, governments, whatever, are we good enough in delivering high quality data, identity data for our users in general? What do you see from your professional experience? Maybe again, starting, starting with Eli?
Well, I think the answer is no. And, and the answer is based on the conversations we've had with our customers who are struggling with a multitude of issues related to the fact that the data identity data resides in so many silos, so many systems that are not connected and, and the identity is so fragmented that it's very hard to make decisions, be that for access management, for provisioning or other requirements from business,
Right. Rachel, any, any additions from your side? Is it only silos or where are the, or do you agree? We can deliver.
I, I agree and think the problem is not a technical problem. The problem is an organizational problem. So technically we would be able, but not organizational wise,
Martin
Gary
First.
Yeah. It's, it's not just silos. I mean, we had centralized data sources with the yeah. Really bad data, quality duplicate entries, entries with different identifiers with the wrong email addresses because they were put in manually wrong in, in HR. So it's not just in silos. It's also in, in centralized data sources where the issues are.
Yeah. I think few identity management projects didn't experience some issues in identity, data quality. I think that's, that's part of the challenge we, we are facing. I think as Rao said, it's not just a technical thing. So I see way to few projects where people sit down and say, okay, which objects do we have? Which attributes do we have? Where do these attributes live? Which is, which is the leading source in which situation it might be different for change and move and so on. And if, if you do that exercise, you learn a ton of things. And that really helps.
Okay. You've mentioned, you've mentioned the silos. When we look at this silo problem, we, we talked about technical issues, re mistyping or whatever can be, can be decentralized, can be decentralized. What other issues do you see when it comes to having in larger organizations, identity data in separate silos, be it organizational or technical, what are the experience that you gained and maybe also a few approaches to, to tackle them again, you like maybe to start, sorry.
So I think the current problem is that with the speed of cloud, we have a lot of internal or departments installing new applications and they are just typing in the data they need and they are not, they don't care about the rest to be honest in the end. And so I think this is also a big issue. We have more and more in the past, it was like typing in the wrong email address because it was typed in by the HR. But now we have more and more with clouds growing applications and totally disconnected. So, and no one has really a clue. So responsibility, I think is also a big issue. So the, the previous speaker, he brought up a lot of points, which I think is exactly what what's the problem in the end. Yeah.
But isn't that a governance problem, an organization, a process, a power problem within an organization to really say, okay, you cannot just add an identity to the cloud just to make it work.
It is a power problem, but in the end, who pays the bill makes decisions. So if you go to, let's say an insurance company, it's not the it, which is doing the decision is the business. The question is how many insurance I can sell in the end and
UN, unless the bill for data integration gets too high afterwards, then they learn it the hard way.
Yeah. But they won't be the ones to pay. But any other thoughts around that topic?
Well, real quick, the, the biggest problem we see repeatedly is a fact that organizations have to go through an identity integration project over and over again. And every initiative in identity then requires some view of data that doesn't exist. And then, and that, that is inefficient, right? That's where a lot of inefficiencies exist. And that's why creating an identity. The data fabric is such a critical idea. And, you know, we can actually add to that from another industry, which is business intelligence, you know, in that industry, they had a very similar issue, but there it's recognized that it has to be overcome. There are tools and systems that, that solve this problem in identity, it's even more critical because access decisions, you know, would impact security and usability.
Right. And, sorry, sorry.
Yeah, probably just one thing to add out of experience, a big issue, nearly every project was to bring the data together. I mean, if you have data silos, you have to match the data. And if you have, for example, Hans Miller in, in one silo, it's not the same Hans Miller in the second, or probably he is, we don't know. And to bring this together, it's, it's quite time consuming. And usually the customer does not see that in, in first place because he thinks, Hey, the data's all there. Quality is, okay. So yeah, this, you have to, to bring this to the customer and to tell him, you have to look at your data and you have to bring this Toga together. And this is an important topic.
I agree with Gary, just to add real quick. I agree with that's precisely one of the issues. And I think it also talks to the maturity of an organization, whether they understand this problem or issues to ignore
It, but like the point you made early on others have been looking at it like in business analytics. And I'm just working on leadership on data quality and data integration. And I think when, when we look at what is feasible around enrichment of identities, for instance, also from external sources, clearly always keeping privacy stuff, etcetera in mind. But I think we can learn a lot from, from others. And I, I think we probably also put too little effort into being really good in this data integration exercise and being not maybe specialized enough and in integrating in so embarrassing and matching and enriching all the things which are standard in another industry we can learn from, or another part of the industry we can learn from that.
Right. So just aside questions, it's 2022. We really have data sources where there's no unique identifier and where there are Hans and you have to check them with, with the birth date. Okay.
It's trust 2022. You
Know, there will be in 20 23, 20 24.
I, I guess so I'm afraid. So another question you've mentioned that briefly, everybody's talking about adaptive authentication. Everybody's talking about policy based authorization based on data from your experience across organizations, how mature are they, how mature can they get when you have been done? Have you have done your work when it comes to access decision? Is this, is this, how does this change? Is this feasible,
Garbage in, garbage out?
Yeah.
I see nodding from all of you. Any, any spoken comments?
Yeah. The garbage in garbage out. I can probably talk about a project I once had, where we had to in, in the contract had to sign that we will deliver 100% data quality. Good. How do you do that? That was a question. And eventually what we did is I just sum it up because it's what was a long discussion that we had. Eventually, what we did is we created some sort of quality layer and on this quality layer, we imported all the data from the different data sources and on this quality or quality control layer, that's what it was called. We had had some, some policies running over these checking the data for specific topics. And eventually there were, it, it was different steps of quality control. We had some basic label. We had some silver and some gold standard label. And the better the data quality was the, the higher the label was that we categorized this data. And eventually when a specific label was reached, the data was imported as an actual identity and be, if the quality control did not pass, we informed the provider of the data. Hey, your data is incorrect, please. Correct it. And by that, we pushed away the responsibility for, for data yeah. For, for the data quality and gave it back to the source. And by that we could eventually guarantee that our data is 100% correct.
So the one that passed through you. Yeah, exactly. Okay. Quick, quick change in topic, we, we, we've been talking about employee data mainly as of now, how is, is there a difference between customer data and employee data when you go through these projects and how does this differ when you are integrating data quality and, and integrating data and improving data quality, maybe later to start, I'll give you for a few seconds and
Let's, I can, I can add a couple of, couple of ideas here. If you look at adaptive authentication, something you've asked just now about and other business initiatives, right? Where, because security initiatives, right. We all require additional data points. It's all about the quality of data, but also availability of data for that purpose. And that affects both workforce and customer IM. So there are new ways of digital interacting with users and they require more data to be present in that identity data fabric. So it just puts more and more pressure on, on organizations to do that. And one more thing is that if we think about devices and IOT and other things like that, that creates a requirement for relationship hierarchy. So you want to create, be able to maintain hierarchy and know which users own, which devices and vice versa, which, which devices owned by which users. And so you have to be able to map all that. And so if your identity data fabric can support that type of transformational information, data, and yoga shape
Martin, then Rita.
Yeah. I think the point is for, for customer and consumer data, there's more enriching happening already because a lot of this also happens outside of the identity domain, more towards customer data platforms and more towards business or business oriented data applications. And there, we have a lot of providers depending on, on the legislation, it differs, but there's more happening already.
And, and it's important to have this relation together because you can have also the, the same person, which is a customer and the same person is in workforce. So this is also what we see more and more and customers having a customer identity management system and internal identity management system. And you have to bring this data together because more and more we see this, my customer is my employee. So how you bring this, this things together in the end. So this relation is very important.
Does this also mean applying sod rules?
Of course, because it's a difference when you act as a customer, then when you act as a normal employee.
Okay. My favorite example here is insurance company, customer freelance broker, and employee. You can be all, all three in one person, then you have some very interesting, so de
Conflicts, right? Okay. We have just a few minutes left. I want to go dive deeper into one of the moves. I say, how, how, how good can AI machine learning already support in improving data quality in correlating, in rewriting data, in improving data in general, quick question from all of you, maybe, maybe starting with Gary.
Yeah. Based on experience, what we did with the quality control. Of course this could be, or this would be the best if we had something with machine learning in this case. So it would definitely improve the situation. And we would yeah. Benefit from, from AI and machine learning. I think so.
Okay. Rachel,
It depends how you involve the end user in the end, because we did something a few years ago and it was kind of a bot and that the problem was, it was maybe too early and it was too overwhelming for the end user. So we stopped the initiative because maybe we were too early or it was too complicated for the end user in the end. So we, we are doing now something similar, but with less automation and less information. But I think the main point is you need in the end, the end user, it's like the train driving or on the street. The problem is the people driving the car by their own. It's not the car driving autonomously. It's right. The person between which is driving the car by themselves. So that's the problem. And I think it's the same with, with this kind of topic. As soon as you involve humans, you have to be careful.
Okay, great. Eli.
So, you know, we have to recognize that identity data fabric sits between the sources of identity and then consuming applications or systems. Right. So AI is interesting because it can be on either side of it, right? So AI can be a source of identity or it can be consumer of identity. So in, in as far as it creates better data quality and it enables and enriches that, that, that profile of data. I mean, in that, that sense, it's very valuable.
Okay, great. So we have two minutes left power of data, improving the quality of data, correlating data. I think nobody in this room will say our data is perfect in our identity store. What would be your call to action for them to take home and start Monday after EIC working on Martin?
Yeah. You know, the technology is here. And just to add to the AI question, 24 years ago, I've been working for a company which had technology that this fussy analyzes and address optimization, all that stuff. The technology is out there for long. We just need to use it
Eli.
Basically, if you look at the problem statement, right, which is that we have so many silos of identity data, what it, the behavior it often drives is people tend to look at it and say, we'll just do this one project and claims success, and then we'll start another project. And over time it becomes very inefficient. So I think the way to approach this is to take a step back in a strategic way, you know, increase the maturity organization and say, are we doing the same thing over and over again? And, and how can we prevent that? I think that would be a way to approach to start.
Great. Thank you, Gary. Any additional thoughts?
Yeah. Just, if you ask me for recommendation, don't go with less than, I don't know, 100% data quality because in the end it comes back at you. That's what my experience says.
Okay. And Richard fun words.
I know it sounds silly, but involve as much people as possible and bringing to top to the management because below management it's very hard and it could be very difficult because if they don't have the attention and the power, it would be very difficult to do it.
Right. Thank you very much. Listen to the experts. Listen to them. Thank you very much for your contribution to this panel. Thank you very much.

Stay Connected

KuppingerCole on social media

Related Videos

Event Recording

Cyber Hygiene Is the Backbone of an IAM Strategy

When speaking about cybersecurity, Hollywood has made us think of hooded figures in a dark alley and real-time cyber defense while typing at the speed of light. However, proper cyber security means, above all, good, clean and clear security practices that happen before-hand and all day,…

Event Recording

The Blueprint for a Cyber-Safe Society: How Denmark provided eIDs to citizens and business

Implementing digital solutions enabling only using validated digital identities as the foundation for all other IAM and cybersecurity measures is the prerequisite to establish an agile ecosystem of commerce and corporation governed by security, protection, management of…

Event Recording

Effects of Malware Hunting in Cloud Environments

Webinar Recording

Advanced Authorization in a Web 3.0 World

Business and just about every other kind of interaction is moving online, with billions of people, connected devices, machines, and bots sharing data via the internet. Consequently, managing who and what has access to what in what context, is extremely challenging. Business success depends…

Webinar Recording

A Winning Strategy for Consumer Identity & Access Management

Success in digital business depends largely on meeting customers’ ever-increasing expectations of convenience and security at every touchpoint. Finding the best strategy to achieve the optimal balance between security and convenience without compromising on either is crucial, but can…

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00