Event Recording

Privileged Access Management – Moving from Cost to Service Centre

Show description
Speaker
Felix Behringer
PAM Project Director
Deutsche Kreditbank AG
Felix Behringer
Felix Behringer is a certified Information Security Manager (CISM) with 7+ years of experience in IT Security. Felix leads the implementation of Privileged Access Managements (PAM) at Deutsche Kreditbank (DKB) since 2021 and is therefore responsible for DKB’s Privileged Access Security...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
IGA Everywhere - Creating your Future Security Ecosystem
May 10, 2023

Identity Governance and Administration (IGA)is a core component of Identity and Access Management (IAM) infrastructure and refers to integrated solutions that combine Identity Lifecycle Management (ILM) and Access Governance. IGA helps to cut costs, increase security, improve compliance, and give users access to the IT resources they need.

Depending on maturity in terms of IAM, some organizations may need to bolster their capabilities in ILM while others need to focus on Access Governance. But most organizations are looking for a comprehensive IGA solution, that combines traditional User Access Provisioning (UAP) and Identity and Access Governance (IAG).

Event Recording
The Human Impact of Identity – Women in Identity Code of Conduct
May 11, 2023

Women in Identity strongly believes there is a need for a global Identity Code of Conduct to address identity exclusion—being excluded from access to identification credentials — that subsequently leads to exclusion from financial services and products.

The Women in Identity team are half way through their research project with the current phase focused on the development of the code of conduct.

This panel will share early look at the guiding principles that will ensure all users of digital identity systems have a consistent and high-quality user experience.

Event Recording
Passwordless For the Masses
May 10, 2023
Event Recording
Spicing up Authorization - A Zanzibar inspired approach
May 11, 2023

As a global OEM of highly critical and complex industrial devices, managing access to hundreds of millions of IIoT device resources spread across customer sites all around the globe is already a challenging task.  
Use cases for providing a digital service platform need to address end customers accessing devices owned by themselves as well as priviledged access for in house and third party analytics applications and serice personnel. A combination of requirements for excelent user experience, authorization management and high performance for cross-tenant queries for endless scenarios can become a nightmare.  
The task was to analyze the access requirements, abstract them and then deploy a “Zanzibar” inspired approach to manage access authorizations with a swift and reliable backend architecture, able to handle millions of information assets to be protected against unauthorized access.  
Creating a mere access model does not do the full trick - it has to be cleverly designed into data storage structures and queries to achive the required performance goals!  
The talk quickly introduces the problem set and then dives deeper into how to implement data storage optimization magic to get quick response times and swift adjustments of authorizations.

Event Recording
eIDAS 2.0 and EUDI Wallet - State of Play
May 12, 2023

While eIDAS 2.0 is still under legislative process, closing to the end, the European Commission prepares the framework for the EUDI Wallet reference implementation, and standardization bodies are working on developing new technical standards.
There is a real need for updated information on all efforts around eIDAS 2.0, as the implementing deadlines are very tight.
The session will shed light on latest developments and impact on the market.

Event Recording
Trust Inspiring CIAM – Essentials for a Secure, Experience-Driven Digital Business
May 12, 2023

Confusing Customer Identity Management (CIAM) with traditional Enterprise IAM comes at a high price: Applying internal regulatory compliance requirements and heavy security challenges to customer-focused interactions could easily limit user experience in a way that it measurably affects your digital business success, with dropped or interrupted transactions. Building Identity & Access around your customers' needs requires a profoundly different approach, which is on the one hand a trust-driven interaction experience with your brand, and on the other hand, complies with KYC and Cybersecurity requirements. In this session, we will give you an overview on the current state of CIAM and future developments you should include in your considerations before deciding on how to move forward.

Event Recording
Why Policy-Based Authorization is Critical for Identity First Security
May 09, 2023

The enterprise perimeter is now its data objects, APIs, applications, and its users are now the workforce, customers, partners and in many cases, machines. In this new, decentralized, and highly segmented world, CISOs and IAM leaders find themselves struggling with multiple systems and interfaces that control the most basic question: Who has access to what and when? 

In this session, we will present a new architecture for Identity First Security based on Centralized Access and Authorization Policy Management Platform, and discuss pro and cons, specific real-world implementations.

Event Recording
Building Identity Bridges: Where Digital Identity and People's Expectations Meet.
May 11, 2023

This presentation will bring together and report on experiences in developing identity and privacy standards that are technically feasible but that also address the lived experience of people trying to negotiate a complicated digital identity space.

This will include an update on the Kantara Initiative Privacy Enhancing Mobile Credentials Work Group, as well as identity consideration in some recent virtual care and electronic health records standards. This will consider the impact of self-sovereign identity on the possibilities for reclaiming individual autonomy.

Event Recording
Rogue on Steam? Risks and Rewards of a Seamless Digital Life in the Metaverse
May 10, 2023
Event Recording
Holistic SAP Governance through Enterprise Environment Integration
May 12, 2023

Vertical risk management and complete identity governance can only be achieved through integration of critical platforms with other systems and applications in use and by either integrating existing point-solutions or reducing their number altogether. Integration of the identity-platform with SAP is one of those major challenges for many organizations today.

One Identity’s approach to this challenge is through a unifying, standard integration into SAP as well as other systems and applications to establish a common GRC framework and security concept. Which includes preventing isolated environments. To establish SAP-internal governance and minimize risk within the platforms privilege landscape most organizations use specialized embedded tools like ECS (Easy Content Solution) from IBS-Schreiber Solution. Integrating the identity management platform with the SAP rule-set administration allows SAP Rule sets to be applied directly, run SoD-analysis fast and efficiently and extend them to other systems and applications, such as MS AD, AAD. The potential value of this approach is significant as it allows a preventive risk-assessment throughout the whole SAP-stack.

This integrative approach also extends to the SAP Firefighter concept for it to be applied to the rulesets and extend these into other systems. The objective is clear: Simplify risk assessment and management, establish a unified identity administration framework and as baseline - reduce cost.

In short – it lays the foundation and framework for solid Governance.

Event Recording
The Decentralized Identity Journey has Begun in Financial Services
May 11, 2023

Learn how Raiffeisen Bank International heads toward decentralized identity to empower their customers across Europe and set the gold standard for privacy protection.

The increased mobility of users and their demand for personalized, unified omnichannel access experiences has stretched federated IAM beyond its limits. Meanwhile, the need for organizations to collaborate more to compete, and build communities of trust and value for those same users affordably and securely, cannot be met by existing federated IAM solutions. Learn how Raiffeisen Bank International (RBI) will embrace the new paradigm of decentralized identity to improve existing experiences and create the opportunity for new, valuable user experiences and increased levels of engagement and collaboration withbusiness partners across multiple jurisdictions, without the need to replace their infrastructure. Simultaneously, understand why starting their journey now, enables RBI to future-proof their ecosystem to rapidly support the EU Digital Wallet and official digital credentials that will become available. Get a glimpse into the solution architecture being deployed at RBI and an understanding of the benefits and how they can be communicated to executive leadership and business partners. Yes, decentralized identity may be great for web3 someday; however, learn from RBI how it can also solve today’sproblems in a practical way and work in harmony with existing IAM systems enhancing existing federationplatforms.

Event Recording
The MFA Dilemma and Moving Beyond Mobile
May 10, 2023

This panel will explore the current state of multifactor authentication (MFA) and its limitations, as well as potential solutions for improving the security and user experience of MFA. We will discuss topics such as the challenges of implementing MFA, the limitations of mobile-based MFA, and alternative methods for MFA, such as biometrics and behavioral analysis. The panel will also address the future of MFA, discussing the potential for new technologies to improve security and user experience, and the role of industry and government in shaping the future of MFA. Overall, the panel aims to provide valuable insights and perspectives on the multifactor authentication dilemma and the steps needed to move beyond mobile-based solutions.