Identity Management Blog

I consider a Zero-Password Enterprise to be one in which the end user does not have to remember or be prompted for additiona l passwords for each of the applications she is accessing. Rather, the user is authenticated by a primary authentication authority which acts as the main identity provider. Ideally, this primary authentication authority employs a multi-factor authentication scheme (i.e. 2FA), rather than username/password. It is important to note that at a technical level, many 2FA mechanisms may still prompt the user for a password for that mechanism. For example, if you were using ...
Read More
That is the position is set out to convince people of with my talk 'IDaaS: The Now Big Thing' at this years Cloud Identity Summit. Even with the words 'Cloud' and 'Identity' in the name of the conference, and even with a fairly friendly crowd, I knew that this would be a somewhat daunting challenge. 30 minutes is a short amount of time in which to make the case that IDaaS has better Security, ...
In part 1 we introduced the notion that the proliferation of Internet-enabled health devices (such as sensors like Nike+ FuelBand or FitBit) and a growing base of health apps (such as myfitnesspal), is changing the landscape of healthcare.  In this post, I want to explore how they will help catalyze a shift towards more preventive care and healthier lifestyles, which will challenge the definition ...
Professionally, I have spent quite a bit of time helping healthcare companies implement enterprise Identity and Access Management (IAM).   Over the course of those engagements, I’ve learned a lot about the healthcare business.  One thing I learned is that the vast majority of healthcare costs in the US are linked to lifestyle diseases such as heart disease and type 2 diabetes, both of which can ...
You may have heard that we launched a new SaaS Advisory offering this week. As part of this process, we've generated some methodology and some tools that we wanted to share with you. Some of these have been available from our website for several weeks, and we've just published some new ones, so we wanted to pull them all together into a DIY kit.
It’s par for the course in enterprise IT that when game-changing technologies hit the mainstream, the many benefits they offer are accompanied by a new set of unforeseen IT risks.  It’s the way of the world, and while you may not be able to account for the unknown, if you anticipate that there will be surprises, you can ensure that the benefits of any given innovation will far outweigh the risks.
I wrote a two-part column for a new online community, Solution Providers for Retail on how Facebook is driving consumer and enterprise SSO convergence. Part one focused on how Facebook was catalyzing BYOI in the retail industry and part two discussed some of the hurdles that are currently preventing broader adoption of BYOI.
Part 1 and Part 2 describe the evolution of our thought process as we become an IDaaS solution provider. In part 3 I provide the two more lessons that have helped us shape our approach. Do you really need to be that unique?
In part 1, I started by sharing two important lessons in our journey to becoming an IDaaS solution provider, namely avoid Cloudwashing and don’t forget about the on-prem apps. In part 2, we will focus on two additional lessons. Start with identity, not with SSO In  several occasions before, I have stated that Single Sign-On (SSO) should be the by-product of doing identity and access management ...