Good afternoon, ladies and gentlemen, welcome to our KuppingerCole webinar. The globalization of IM for manufacturing businesses, regulatory challenges, and use cases for global IM this webinar is supported by IC consult group to speakers. Today are uncla who is CTO of IC consult group. And me Martin Kuppinger I'm principal Analyst at co a Cole. Before we start with the content of our webinar, let me give you a quick overview of co and Cole and our services, and some housekeeping information, co a Cole delivers broad range of services, including our reports, such as executive view reports and leadership CES, such as individual briefings and inquiries and Analyst, Analyst, webinars, conferences, and other types of events, and our supporting advisory do this across identity and access, cyber security and artificial and challenges. We have a variety of research formats, which you can easily access through our new Casey plus service, which delivers you this content in a very flexible format.
This includes our leadership compass, our market comparison, our executive view reports, which give you quick and concise overview of about products, our advice for notes and other types of documents. We also support you in getting your strategy done, identifying your portfolio, selecting the right technology. We also support you with guidance through your project. These are our advisory services, which are strictly went and neutral. So we don't do any implementation work. We just support and setting the ground for that. And then we have a couple of upcoming events. So tomorrow and on Thursday we have our digital finance blockchain enterprise. We have events around consumer identity and cybersecurity and AI coming up this year. So with that, let's have a quick look at the housekeeping information. You are muted C you don't have to control these features. We are recording the webinar and we will provide post the podcast recording and the slides for download short term after the webinar.
And there will be a Q and a session by the end of the webinar. However, you can enter questions at any time during the webinar, we will pick them up by the end of this session. That brings us to the agenda for today. In the first part, I will talk about challenges of running IM global organization, including the regulatory aspects. And I will look at key success factors for global IM in the second part on I believe CTO of IC consult group. We'll look at an approach. Businesses can take to solve the deployment and operational challenges in global environments, how to remain flexible and meeting the key success factors. And then in the third part, as I've already told you, we will have our Q and a session. So let's directly look at the first piece of content.
I think one of the things, and, and this is targeted at manufacturing to some extent also true to companies in, in other industries. But I think it's specifically relevant and specifically critical for manufacturing that many manufacturing companies are global. So most of the mid-market and specifically all of the large of these organizations are global in production and they're global in sales. And so when you operate a global business, you need a global IM. And this is I think, particularly challenging because when I had these conversations, every literally every day with these businesses and this, then they say, okay, we have here our headquarters, maybe in Europe or north America, but then we have China and then we have Russia, maybe Latin America, others. So it is not as simple challenge here. And when you run this, this global business with people also regularly relocating from one location to the other, with the need, for having really a consistent management of identity effects entitlements across the globe, then you need a global approach.
And I am. And I think when we look at IM it's also very important to, to step back a little and think about what is the drop of IM the drop IM simply speaking is connecting everyone to every service. So this requires a consistent set of services, which allow to share the identities across services, which allow access to the services, which allow to work together with partners, allow to integrate consumers, allow to work with the employees and all of these need access to the cloud, to federated applications. You are running and to legacy applications, you typically are running. And again, most of the, the established businesses have a broad variety of applications. It's not only cloud, it's a lot of older stuff. So to speak down to legacy, we have different types of identities. I had a very interesting conversation this morning, again, around this was one of our advice customers.
It's about bringing the identities of consumers in which might be bringing your own identity, which might be external I business partners, you federate in, or which you run through new service. You built based on one of these identity platform, the employee place, which you might still have in your own directory service, and they need to connect to the other side federate out, and you also need to do a lot of other things. And one part of that is factually the access management. So allowing everyone to access these services, that automatically comes with the need to do some form of identical governance and administration. So creating the accounts, managing the accounts, which is somewhat different for a consumer than for an employee, which is different for a cloud application than for a legacy application. You also need to implement the right level of governance. And finally, also you need to increasingly manage things like constant privacy and our stuff.
What it means is you need to think about how do you restructure your identity management, my approach on that, our approach, and that is to start thinking and a set of services, which we call identity fabric as this set of services. And this should be a consistency across the globe. When you're manufacturing business, it could be something which is a standardized set of services, which is a consistent set of services. It might be delivered by different, in different ways. What we increasingly see is delivering debt in an, as a service model of some type. So when we look at the challenges of operating IM global environments, specifically for manufacturing, but beyond, so the column pitfall that really cost friction travel cost, then there are a couple of these. So, so, and I look at it more of what you should have instead of what is the problem.
So the problem would be inconsistent technology. What you should have is consistent technology. So I, again and again, observed that there are different identity management stacks at very different levels of maturity across the different locations that automatically leads to integration challenges, to challenges of delivering a reliable, good level of service. So having not too much technology, specifically, not too many stacks of technology, doing the same stuff in every location that is important. You also need consistent processes. There are regional local specifics and well defined process in which this a couple of times can reflect the need for having regional local specifics while ensuring that the baseline process are consistent across the entire organization. Simple example for the need for that is a relocation process. Relocation always involves at least two locations. And if these processes are not consistent, not integrated, these processes become cumbersome. And I bet that many of you in your organizations have experienced a challenge of mover or even worse relocation processes that can be healed that can be done better.
Then there's the need for identity information quality. And I think everyone, a few working in the global organization is aware of that first name, last name, Andrew differently. And a lot of other things which leads lead to challenges. And several of these are factually a result of inconsistent ways of doing IM and that that costs money that causes trouble, that causes a lot of frustration multi-language support. Yes, you need to do it in different local languages, at least for major regions, you need to consistent operating model, ideally a seven X 24 model to ensure that you are IM. And the more obviously you integrate the more important it is to have it up and running all, all the day, all the time, all, all the week.
On the other hand, it's easier to implement a consistent operating model when you have a global consistent approach, because you just need to implement one operating model, not many per location. I already touched the regional local specifics it's language it's processes. It's also sometimes regulatory requirements. You must consider be aware of these. The entire thing must be cost efficient. And if you calculated cost of all IM and you have a lot of different IM in, in different locations, you can't be cost efficient. It'll cost you far too much dry to think about how can you really optimize that cost as a service models, which operated globally obviously are an opportunity here. And then that's the regulatory compliance, which must be met, and which is hard. And identity management is key element in every regulatory compliance. If you look at really a vast number of regulations, there's always something around access controls around sign on, authentication, cetera, and, and all the access governance.
These are pieces which are relevant. Sometimes you even have to keep a long term lifetime idea, and let's look at some of these regulations. So when you look at product safety and, and quality assurance, then, then you might end up with having the need of, of maintaining lifetime ideas for your employees in certain industries and your partners. So who did what expo regulations. So restricting the access to certain business activities and information to ensure that you don't violate export regulations. Again, there's a lot of access in there. When you look at the critical infrastructure regulations you find in various countries, IM is a key element of such regulations managed to use a restricted access care for adequate privileged access management, all that is mandatory for financial regulations. So, so when, when the cyber Oxy act came up many years ago, one of the central elements of it was around access reviews.
And if you look at financial regulations, KYC, know your customer onboarding processes. Again, a lot of these regulations, concern, identity, access management. Then we have data protection, data protection is about who has access to what at the end of the day, which is identity and access management. And, and also when you look at whatever I information security standard to take ISO 27 0 0 1, there are a lot of specific controls around identity, access management and privileged access management. So when you look at regulations, you will not find the one which says this is the identity management regulation, but you will find elements which require to manage IDs, onboarding identification of customers, authentication, access control, access governance. And that is a very common element to regulations. So to be able to deal with these regulations, even more, to be able to deal with the regulations across the globe, which sometimes differ, you need a strong identity and access management.
Also one that is flexible enough to be somewhat more relaxed loser in certain regions and strong than others. So what are your key success factors then for IM global organizations? One is have an organization define the organization, the accountability responsibility across the global organization, no local kingdoms. That is something which needs to be central. Then to define services. Identity mentioned services must be well defined and comprehensive. They must have service description. They must have SLAs. Otherwise you will run into trouble, even more in a global business. They must be consistent and flexible. This is one of the, the most challenging tasks. So, so how do you provide a flexibility for local specifics without losing consistency? It, it is feasible. It works, it can be done. You need global support and operations across time zones, and you need an adequate operating model that must fit to the approach for something which runs across the globe and as a service model.
And that's, I think something which also is logical for other reasons, is a very good fit. So let's finally look at three sort of mini swats, some strengths, weaknesses opportunities, and threats for three different types of models. So, so the one would be what we very free, as I've said, very frequently see running I identity management distributed across the globe where we have a couple of local kingdoms, et cetera. So I would say the only strength is that you might preserve in investments, but it comes at a price. It might be even from an opportunity perspective, lower, right? At least appear being the best fit for regional specifics. I believe it can be done better because you can cover Richard specifics in every other model, if you do it right. But there are weaknesses, multiple technologies in place, no shared knowledge, different levels of ma maturity, which make it done.
That's. These are the threats complex to integrate which result in inconsistent process, etcetera, et cetera. And it's really hard to impossible to meet global regulatory requirements. If you don't have a CRI on all identity management across your organization. So if you move to an global IM and run yourself, you at least achieve a consistent IM implementation and the set of defined identity management services. But in the other opportunities, it's easy to meet obviously the regulatory compliance requirements, but you're still in. That's where the weaknesses come in, still in a traditional operating model requiring your own data centers and operations. And you might want to get even strategically as an organization, want to get rid of these. And it's also, I think one of the things we shouldn't underestimate when we look at managed service models. So with more and more of our critical workloads shifting to the cloud, there's a logic and saying, why not also shifting the, the systems which manage these workloads. And I am a central element of these systems to the cloud.
When you are sales managed, it might be still not easy to ensure proper operations across the global organizations. And if you do it yourself, you end up in all the challenges of implementing identity management with project stalling, et cetera, becomes even more complex. At global scale, we have a lot of webinar recordings from the past years where we talk about the challenges of IM projects, so why they might stall the challenge, all these things. So I think there's a logic and there various ways to do it. And there also might be some mix mixed trust between these models, but there's a launching and saying, I have it globally. I run it as a service. So you have a modern operating model across our regions. You shift via service, expand models. So more OPEX than CapEx, operational expense and capital expenditure. You have a consistent implementation of defined IM services with SLAs, if you do it right.
And that should be always part of as service models, consistent approach on regulations. And you rely on the service provider to deliver services, according to the SLAs, instead of caring for itself, there are no no obvious weaknesses, and there are no obvious threats for that. So, generally speaking, I see a clear trend of identity management shifting to, as a service models, different formats of a service models. And there's the logic. And there's even more logic if you're a manufacturing organization across the globe, which otherwise would have to deal with all the local specifics, which can be very specific when they look to Russia, China, which probably from the Russian or China Chinese perspective are also very specific when you look at the us or Europe. So that is basically trust some sorts from our end about why would it make sense and how to do identity management, good for manufacturing, global manufacturing and why as a service fits in with that, I hand over to unbeliever, who is, as I said, the CT of IC consult group, who will look at in more detail at an approach business can take to solve these challenges, remain, making them remain flexible and meeting the key success factors.
Andrea, it's your turn.
Thank you very much, Martin, for the introduction. And, and especially for this very exciting SWAT analysis, I like it very much. So, yeah. Before I start with, with this, the content of this webinar, a very, very short overview of I, and don't be afraid. I don't want to share a lot of boring figures with you just as important information for this webinar is that I starts claiming to be global, or we have our offices not only in central Europe, but, but also in the us and China and even more important, our customers, we have a lot of large scale enterprises as our customers. And as, as Martin already said, all of them have to act globally. Therefore, we, we were facing challenges around global identity access management for years now took different approaches and want to share a little bit of our experiences and what we want to do right now to do it in the right way.
But let's start with a short recap. So why do we need a global identity and access management now a little bit more from a technical point of view? So if an organization already has an identity access management system build, which is capable of all the required features, there's still, this is in a central place. Still the situation that our users are distributed all over the world, employees, partners, contractors, customers, all user groups, Martin already mentioned at the questions, why is this not enough having them the central place? And first of all, we have the, the user perspective. And the user perspective is mainly not only about, about bad performance it's users in remote locations, especially in China, you will not make a Chinese customer happy if you want to access digital service, add on to your products. And it has to, to log in register to all his self service system, which is hosted in, in Europe.
And these are issues. You cannot cover this, this content delivery networks, the other point. And that's all so mentioned by Martin about typically it's not easy to do all the local specific adoptions in the central identity access management system. And there's a couple of, of these, of these things. I just want to mention two of them. So one is about the, about the market specific social networks, where you want to have typically an outstanding integration, not just single and on, but, but, but more than that and where local knowledge is required. And, and there, there are also regulations which companies are allowed to use these kind of services. The other is about is about how to communicate with your users, not only in points of language, but to give you concrete example, you won't, you will not tell your Chinese customers that that Taiwan is a foreign state, but just the province in other parts of the world, this perspective will be somehow different in if you're interacting with your customer.
For example, for registration, you want to take these, these local specific aspects. And there are a lot of them into account, but what is about the application? So as today, you are not running your, all your applications in your own data center in one central place of the work, but you're going to have them in remote locations as well. And the bad performance is not only affecting the end users when accessing the identity and access management system, but, but also the applications which to have to receive user informations, or which have to, to, to, to get information out of, of single time on tokens of access tokens, and all these kind of things. It's also about availability. And at the end of the day, we have the, the identity provider perspective and the legal issues, regulations, regulatory requirements already mentioned. I don't want to go into the details, which sometimes, well, sometimes there are an approach to try to, to have some kinds of technical workarounds, storing some data in remote locations, but this is, these are expensive workarounds, which doesn't make sense from a technical, from a technical perspective.
So the only valid approach is going for kind of decentralized identity and access management, which solves all these problems, but unfortunately introduces some new problems. I want to mention. So one from the user perspective is traveling around the world, if your product or your digital services are not exactly just used by, by users in their own premise. And that they're traveling around, there may be a situations that they're going to access to it system, which are not in their home region, where they are stored in the identity access management. If your systems are not talking to each other, which might be the case because of legal restrictions, then, then users have to reach, again, links their services again, and, and doing these kind of, of, of tasks, which you really want to prevent. Cause it's well, a very bad user experience you're causing calling by that.
Then we have issues with the applications, which are not, which are a little bit more complicated to understand. So one is about using tokens in if you are not working just with monolithic systems anymore, but going into the direction of microservices, you will have some situations that one microservice callings, another microservice, callings, and next microservice calling in order to fulfill the task, which is required. And if you are not able to deploy all your services in our regions, you will have some situations that one services from one region's calling service in another region. And if the, to, if they're not compatible well, this is an issue. Also having the situation that a mobile app is having to and calling systems and calling systems, which are maybe not in the home region of the user, but in some remote locations and just the same, the same issue then.
And this is a point Martin also mentioned if the identity access management system is not built up in a consistent way all over the world, then the applications have to do adjustments for the specific deployments and the specific regions, which can be painful if different protocols to be used or different flavors or inconsistent data model and so on. And at the end of the day, as the identity provider has a lot of additional complexity to maintain and to build and to maintain identity access management systems in a traditional way, all the world, and also to support organizations of not capable of well providing 24 by seven and maybe in an incident case, but not only regular base, for example, to integrate applications or to help applications to integrate this identity access management system. And I want to show our approach how to deal with this issue, and it is identity as a service, but, but, but not on a, on a generic level, having one central public identity service provider, but kind of custom fit identity as a service provider so that we can also cover very specific requirements.
Our approach is called service layers. This is a subsidiary of IC founded two years ago, and now I'm going to show some, some of the approaches you've taking to deal with the challenges of global identity access management. So first of all, what is, what is inside service there? We have taken well, very well established access and identity management product. We started with two vendors. We have vendor independent, but paying identity and choices for us and use them in a kind of approach, which we all properly all know very well from software engineering go into kind of, kind of flexible desktops world instead of, of, of traditional approach to operate these products. One of the most important paradigm here is infrastructure scope. So all the infrastructure requirements deployed product are described in code and enrolled in automatic way. And also configurations for these products are, are provoking as code.
So we are not going the direction that the straight locks in and just clicking all the buttons to configure the product the right way, but it is configured in a code encrypted file. And, and therefore then automatically applied to the instance and during the deployment are showing some in a few minutes. And the last pattern I want to mention here is 100% automation. So I can assume that most of you, if you're working with large identity access management installations, which are maybe not just in one location, but in different locations as often, the situations that that tasks which should be done on every system are not done on every system, that specific repository of file forgotten in the backup or, or is not monitored, accurate, things like that. So the 100% automation for monitoring of components. So each component just automatic way and also of backups are applied automatically, not on an instance, individual based anymore.
So having said that software engineering approach means C I C D pipelines. So continuous integration, continuous delivery pipeline is a core of, of that approach. So in the source control, they are not, it's not only source code custom developed source code, but also the rules, how the images, Docker images are built, where the products are running on the base configurations, but also the individual configurations applied by by experts. And then the C I CD's responsible to build the solution and test it and then deploy it. What is the benefit of that approach? So we know exactly every single configuration, which has been applied to a specific stage because it's in the version control, there's a change for them. There's merge for that. And it's, it's, it's a completely different level of traceability. You get by following that approach infrastructures called configuration.
And of course you can go back to any older configuration cause you know, exactly when which change has been applied to a specific stage, how does this look like the deployment? So services completely built on microservices and dock containers for the Docker images are deployed under Kubernetes, running in the Kubernetes cluster monitor towards there with all the exciting features. This new container world makes much easier for us like, like how to scale it, for example, or having more easy redundancy of a different for, for, for specific components, which are very parts of availability. And of course, Microsoft is a little bit better to maintain than traditional monolithic mono systems. Okay. So deployment is done. How does it help for global identity access management? So guess what, as all configurations are in the source control, it's easy to deploy them, not, not just in one humanities cluster, which is in one specific region, but two different clusters distribute all of other different classes in one region for performance and redundancy reasons, but also into different reasons into different regions for legal reasons. And for the points we, we, we mentioned mentioned before you can deploy the same configuration or you can deploy a similar configuration adapted a little bit. So having, for example, everything like in Europe, but adapted the page, which is showing the registration for Taiwan, things like that, it's much more easier because if you're going to maintain the system, it's basic upgrade often for access manager, P federate is done once in the right way and then applied to all to all the regions or in the case of service layers to all customs.
Okay. So what is inside inside that box? It is in just service next box. It is the heart it's of course, identity management product. Right now we are working together with sting identity and, but we are going to enhance this and having further vendors provided by our service layer and future as well, then very, very important. This is C I C D pipeline, and which is delivered com completely through service layers, security features, for example, scanning for, for outdated libraries, for non vulnerabilities in the libraries for, for, for any security issues, which can be analyzed during the build and deployment process, but also the monitoring. So each component is automatically registered to monitoring system and, and therefore there are notifications in the case of outages via phone, via email, whatever require, and there are some custom features I'm going put mentioned a few of them, which are important for global identity access management in a minute.
Before going to that point, I just want to highlight one, one important thing and why our service layers, we deliver this whole package, but not in an approach where you have one large installation with multi tenants, but a complete individual installation for each customer, which can be in a cloud, which is provided by us, for example, AWS, but also in the AWS account, which is owned by the customer itself, or even in a managed, which is running on, on premises. That's a customer in the customer data center, depending on the, on the requirements of the organization. All so let's talk about the features provided to services. One is called intelligent user roaming. So what is is meant by that it's, it's a solution to enable the user to log in, in every location, by replicating a set of data, which is just enough for the login process.
Additional information about the end user is only replicated. If, if legal legal requirements allow us to boost, this is something which is, is configured per region. So it, so it can be decided which other attributes brought from pan region to, to another region in case the require information are not available. Cause we are not allowed to synchronize them from one region to another region we have of course, to ask the end user, to provide us that information again. But this is not, not such a bad user experience as you would have by a new registration process of this end user. Another point I want to mention is about working worldwide with the same with, let's say compatible talking that I want to explain the issue a little bit and then, then talk about the solution. So if you have a mobile app, which is working based on myd connect and or it's asking the op ID provider oration server to get token has to log in for that.
And then users is talking to call an, the API gateway has to validate the token typically by using the token introspection specification and then knows, okay, it's this user and we have for specific scopes and all these things, I don't want to go details what is happening in case of a global situation? Well, we have set gateway and whole solution, which is, for example, deployed in China. And now we have a service which has to be caught by that app, which is deployed in the us. So what will happen that case the API gateway, the dates are token against its own hospitalization server server, which does not know the token. Now there are two approaches how to deal with this issue. One approach is just work with cryptographically protected tokens and making, make sure that the cryptographic materials, so the keys are distributed for all gay based, which have to, which should be able to, to work with, to of course they have Rob of that approach.
Like it's not easy to, to revoke these kind of token. And so, but it's, it's feasible in global identity access management deployments. The other approach is going for service layers as a platform to provide identity access management as a service to you, based on the global token processing features, this can be delivered out of the box. We solve now most of the issues we mentioned before, but what is about the support organization? Well, of course, 24 by seven required in global identity access management scenarios. But to make sure that identity access management is not the bottleneck in the process of onboarding new applications. There's, there's one very important approach, which is giving the application owners, the developer application of the applications, there a possibility to help themselves via a self-service Porwal of course they are not identity and access management experts, but if they just get a very strict template of what they can configure for their application, a lot of them are able to work with that because also all those, the internet giants like, like Google and Facebook are not taking a different approach for that. It's just a self-service to register your application and you can provide the same, some identity access mentioned products have this kind of functionality, part of the box services, also providing a Porwal to do simple configurations by themselves to onboard a new application, to adjust configurations, for example, defining URLs, which will be protected or which, which kind of grant type should be used during the connect integration flow.
So this is one approach to get rid of the bottleneck. The other is whenever support for end users is required. Try to delegate the responsibility to that region where the user purposes, where the home home room of that user is, and for customers it's, these are typically market organizations also for, if you have dealerships in these, in these countries for your employees, you have maybe local help desk, which can take care of that and provides them the tool to take care of, of individual user accounts sometimes. So these kind of features are often delivered by identity governance administration solutions, or there's also a lean, lean delegated administration Porwal within service, which you can use to give these kind of, of issues, which are user specific. So I hope there were some, some interesting aspects for you. This was my part of the presentation. Please feel free to ask questions about the things we told.
Okay, thank you, Andre. I think this was very insightful and a good mix of overview and technical deep, deep dive with that. I directly switch back to my presentation and the agenda. And the next part we will do is our Q and a session. We have already a couple of questions here, and I'm, I'm happy to, to get more questions asked by the audience so that we have lively Q and a session. So let's begin with the first question, which is directed to you, Andre. Is it possible, or is it also possible to deliver service layers from other region as, or only from, from EU Russia and China?
Yeah, it is also possible to deliver from, from other regions. So there are three different approaches. One is that you, as a customer are going to provide a managed Kubernetes, which is running wherever you want to run. Okay. But this is not a standard situation that you have something like that. Then you can provide us your cloud account and for your infrastructure, for example, in AWS and AWS is having a couple of regions, not the exact number right now in mind, but it is nearly most all upon regions worldwide available. And the other options to go for Microsoft Azure, where this is not possible. The third approach is we are working together with a company called giant form. They are focusing completely on operating Kubernetes and they can take care of every very specific situation. So feel free to, to, to ask for your specific scenario, we are happy to provide an approach for that.
Okay. Next question. There are only ping and four truck available right now. Is it planned to provide other products, wire service layers?
Yes, it is. We are working together right now with identity governance and vendors to have said something different on the platform. And, and, but there's not, not always a decision, which one will be the next, but this will be something which will be announced probably in the next month.
Okay. There's, there's another very interesting question. Just coming in and that is around, is, is it possible to have a multi-level admin scenario or a delegated admin scenario, meaning that business partners can manage their own identity landscape in their organization or other types of delegated administration, which I also believe is increasingly relevant.
Yes, yes, yes it is. So, so the standard situation is a multi-level organization approach. So typically you have somewhere the head Porwal, which is responsible for the overall solution and then market organization, and then maybe, maybe the market organization, a specific country, and this market organization has have 10 dealerships or 20 dealerships and the dealerships have employees or maybe departments and then entries in this department. So these kind of, of multilevel delegated administration is supported. Yes.
Okay. Another question I have here, are there any additional products and components utilized in service layers in addition to ping identity and fro
Yes, there are a couple of additional ones. So I don't want to mention, mention all of them, but, but to give you some, some examples of we, we reused of course, existing solutions where, which, where this is possible for examples of famous L stack elastic, search Keana for getting access to all logs and events, to see what is happening in your solution. Then, then GitLab is a tool provide to use to provide the C I C D pipeline. Then we have crunching relational database in the solution UMN for providing us information about vulnerabilities in, in libraries and, and things like that. So feel free to, to reach how directly, if you want to learn more about the details used used there.
Okay. One more question I have here. Maybe some others are coming in. So if you have another question asking now, so what role does the global I play? What's an interesting question. I never thought about this aspect. What role does the global IM play for digital assistance such as Alexa?
That's that's a good one. Yeah. So, so my answer, just not, not, not for, for Alexa, but, but also for other services, which I would say consumer cloud services, where, where there are actions taken by it systems like Alexa on behalf, the end user. So this kind of scenarios, it's a system like digital system acting on behalf of one of your end users. And yeah, so, and global IM is very, very important for that because you never know where this digital assistant is running. Is it running near to your home IAM system is running in different regions, is running in the us. Is it changing all the time? Because the system is running on the mobile device of the end and he's traveling around. So these are situations where we are typically have to provide some kind of global IM to support this, these scenarios very well. And to, to give you one hint, what we realized is that some of these kind of, of consumer cloud services are not very good in working with, or features like changing refresh tones because they are massively paralyzed and ed and, and, and therefore you have really take care, rotating keys and stuff like that.
Okay, great. It looks like we are done with all the questions of this webinar. So it's up to me to say thank you to all the attendance of the call webinar, hope to you soon at one of our other webinars or one of our upcoming events. Thank you, Andre, for your input, all the insights you provided and thank
Have a nice day, have a nice day.
