Listen to Identropy's Jim McDonald and Jeff Steadman on their podcast at "Identity at the Center".


Both Jeff and Jim have over a decade of experience in the Identity & Access Management space and guide companies on their IAM Program journey through Identropy's Advisory Services arm.

On this episode, Jim and Jeff talk with Arturo Cordoba, Senior Advisor on the Cyber Security team with Cemex in Mexico, about the differences in IAM in Mexico compared to the United States, building IAM teams, and a hint of blockchain identity use cases.

Brought to you by

Want to join the conversation? Leave us a message here: or email us at .

We hope you enjoy this episode and please subscribe to the podcast for updates on new episodes!

LISTEN HERE or read the full transcript below.

*Disclaimer from Identropy: These transcripts are produced using automated tools, so may not be an exact word-for-word transcription. (i.e. - if you read something that sounds wrong, it's the tool's fault!) As always, for a better experience, please listen to the actual podcast.

Podcast #10 Full Transcript:

Identity At The Center #10 - South of the Border with Arturo Cordoba

Jeff: Welcome to another episode of the identity of the Center Podcasts. My name is Jeff Steadman. I'm on the road this week, took the show south of the border with our friend Arturo Cordoba, who is the senior advisor on the cyber security team. Hi, Arturo.

Arturo: Hi, Jeff.

Jeff: Hey, Jim.

Jim: Hey, Jeff. How's Mexico treating you?

Jeff: It is beautiful coming from Chicago; I never see anything more than just flat land. And the mountains here are amazing, so I am drinking it up as much as I can. It is hot. But that's OK, It is a dry heat, as I think, some people might think it's little bit better.

The humidity is not quite as high. Oh, there was a very cool lightning storm Tuesday night when I got here, so that was kind of neat. Arturo, you're probably used to the weather, right? Yeah.

Arturo:  You are lucky because this week there the weather started cooling down because a few weeks back will be very high, like 40 something degrees.

Jeff: That's my kryptonite. I can't handle the heat. Jim knows.

Jim: I know. I'm in Georgia and it's climbing out here still. But Jeff, I mean, you should be commended, it's Friday before Labor Day and you're still working on the road. That means you're going to be traveling home on Saturday, right?

Jeff: That's correct.

Jim: And you're there with Arturo and he's rocking the October fall beard, I love it Baseball playoffs season. That's one of the things I love about our Arturo is that he's a fellow baseball junkie.

Arturo: Yeah, I'm actually this next week at the local team here in Mexico with the Mexican League. They start playoff next week. So my team made it to the playoffs.

So I'm going to keep this and I continue with the MLB. Atlanta.

Jim:  And they've got quite the team this year. So they'll be playing in October, like you said before, Jeff, we should have a separate podcast for Baseball.

Jeff: I would be able to add much value for that one, what's Baseball.

So Arturo, I'm glad you're able to set some time to talk with us. We've been working with you for the last almost two years I guess coming up pretty soon; maybe I can talk a little about your background and let's start with IAM. How long have you been in the IAM space?

Arturo: in the IAM space, this actually is not clear enough because I am start like eleven or twelve years ago in the security space information security. So I'm a start like an information security consultant mostly for employee-security things and an infrastructure like firewalls say I.P.S, things like that,  and eventually ones that we starting brought on more and more things. I start like taking projects related somehow with Identity. I think at the beginning without knowing that actually Identity was a thing like around two thousand eleven and twelve is like, what, six years back? So I start thinking I get that taken things like identity management and things like that. So I think that I didn't release that I was doing things related with identity until I start reading papers, reading information. And so at some point I just realized that I had my identity professional.

Jeff: What was the first project that you worked on that was that was specific to identity?

Arturo: The first one was an implementation of some identity monitor. So we were deploying some identity in different countries. So that was my first project related with identity. Now after that, it was like more come on until we started like formalizing the department like a couple of years back and started doing things in a more formal way. And also I think that at the same time and probably we are going to discuss that, but at the same time I just released in that entire market, these tried to formalize that practice as well. Like the early days of IAM.

Jeff: We should talk about ID problem, that's a relatively new organization. And I know that you recently just joined, I've been a member for a while. I also helped out with the board selection committee.

Jim, are you a member of IV PRO?

Jim: I'm not currently

Arturo: The reason why I right there is because I was looking and actually a couple of years back, I start looking for, Why are the kind of certification that an identity professional should meet or achieve ? So I started out looking. I find out that there's not any org if there are any is like a reference, But it's not something generalized like security, like a CFP or CSM.

Jeff: particularly more like a product focused, maybe a CyberArk engineer or SailPoint engineer. There is very specific technology.

I do something that will probably have a show specific to that at some point. Maybe we can get Dabi from that organization to come on and talk a little bit about it.

But it's the beginnings of a very specific group to support other people who are working in the ID world.

And I think it's going to be a good thing overall. But we can bring it back to IAM.

And let's talk a little bit about what your view is from your perspective of how does how does IAM get viewed here in Mexico compared to what you see maybe in other countries or the US?

Arturo: A very good question. Well,  I still feel like identity like to be part of security somehow,  like identities being like the child security somehow or something that it depends on security, at least in most of the organizations right now here in Mexico. And when things like hadn't happened, the same for security, at least from my point of view, like if you think on  security like ten years back, at least here in Mexico, it was like something new and something that wasn't like, OK, you are a security professional. So are you aren't I.T. guy who probably oversees or will have more private rights with security, but your 90 guy. So I think that in the in the past two years, security has become like security professional with authorization, where more things related to that. And I think that right now identity is following the same path, so just more years after that. But I believe that identity is going to follow the same path that security. So for right now, at least here in Mexico, he's like more I would say, like increasing in the last few years, for sure, many of organization related to the financial sector like banks or insurance companies. They do have a lot of regulation and that and so are the most mature right now in some other international companies like us, like Somex. They are doing more things related with security because of the same thing, like the same drivers to compliance. But I think we are very early in the sense of adopting new technologies or actually that companies have people really dedicated to identity, specifically to identity.

Jim:  One of the interesting things I would think is have you had to go out and hire people with an IAM background or have you tried to do that?

And what was your experience? Were there many people in the market who had the skills that you were looking for, or did you feel like you'd have to bring somebody in to train them either on IAM basics or product specific skills?

Arturo: Actually we started looking for more people since last year and actually guided us or prized-like we had a very hard time to find people. Actually, we still do because you. Again, it is like very specific, even though trying to find people focus on security right now here in Mexico is not that easy. Unfortunately, they most of the universities in here, they didn't have information security career until just a few years back, one of the most important universities here in Monterrey. They didn't have a master degree from security until I think that you going to start something like that. So I think that in the sense of the universities getting or preparing people for that, it is sort of new. And so, yeah, it's very high right now. And I have been reading some papers about that or Opinion Day Internet that they tell you about. It is better to train somebody like somebody with certain skills, like people who is more creative or because you know that also identity, at least from my perspective, is like a yes, it is a cyber-security mindset. Somehow without it that creativity or that sense of the problem solving guide rather than just a person who knows about technology. Yeah. And in some of the articles about that, they say that what's better like hiring somebody in training to be an identity person. I hear that also at one of the conference on Identiverse this year, was a girl from I don't remember the name of the company, but she was trained to be an identity professional in that company. And she was from helpdesk and out, so thinking about that because helpdesk are the ones that have like more sense today and use rather than people who is working on other projects.

Jeff: I can test that. That's my background has helped us. You know, I fell kind of into I knew I want to be in security and just kind of fell into IAM is my way to get security. And I've been there ever since. But, you know, going back to what you're saying about the hiring, I had a very similar take on that. What I'm looking to bring someone on technology skills are important, but I can typically train technology when I can't train is personality, the drive to get things done, those sorts of things. And this goes back like even  before might the days when I was in the service industry, waiting tables, managing restaurants, those sorts of things,  give me  a person with a good attitude and I can train them to do just about anything. And I think that's something that's interesting here, especially when you're it is difficult to find IAM resources and Jimmy, you seen this as well, trying to find very specific skills. That is very difficult. It's even harder when it's such a competitive market like IAM, where you have even more limited talent pool. So you do have to invest in training folks and getting people up to the skills that you want.

But she also has to make it an environment where they want to stay, and continue on that because you don't want your investment to walk out the door.

Two years later or a year later, because they're not happy with the way things are going. So is stepping on companies to invest in their people. Make it an environment where they want to stay.

Arturo: In any way, it is not easy because, it’s not like, OK, just to take a train, train from certain technologies.  it is not clear the bath of the train either neither, so you have to figure out what is next and how a curriculum for an interview can only look like because we don't have something like that.

Jim: So if you need somebody who's going to be the overall IAM architect. You want to take somebody who doesn't have IAM experience. You don't want to have to train for too many different elements. I kind of agree with where you're going, where you both you guys, you're going. Skills like intangibles like creativity and having good customer service focus. I think those are must haves. But then if you're gonna have somebody who's going to be in a large organization, you're number one IAM person. They need to have some relevant background, some relevance skills kind of going into that position.

Jeff: You really have to know what your runway is. If you've got a long runway, you might be able to invest more time. But most organizations don't. At least at the very beginning, they need to get things going right now.

Jim: Too much turnover in your group rate if you have an IAM team says of 10 people, you don't want to be losing five of those people every year if you're not going to watch continuity in your program if you do. I'd say one of the things that I've seen in terms of organizations that are successful in maintaining large IAM groups and having highly skilled people are those that either have multiple locations where they can source people from or they have a work from home culture. And this is something that I wanted to put back to our Arturo is, you know, especially with Mexican companies. The question would be, do you feel like. There is a culture where working from home would be acceptable or having full time remote employees or what's it like? It is the culture more driven towards everybody needs to be in the same place as they can have.

Arturo: Well, right now, I mean, in the last, this start shifting to more open to remote office or having these room and open spaces in to their buildings of the companies. And it's something routing you. And in most of the times this is driven because of the problem with transportation in big cities like here in Monterrey. So we are facing right now should wait. I know people moving from one place to another like one hour more than an hour or two hours’ drive to from home to the office. So it's not that you cannot maintain that lifestyle. So start changing that. And most of the consultancy companies do it and is designing susceptible. And for some other companies, they are seeing the benefits like having smaller solstices or reducing the times for moving from one location to another.  But I think that Mexico is moving into that culture. Probably a little bit behind you guys, but they are doing some changes on that. And also in general, the culture because of the new generation,  like millennials right now they're getting to big companies like these are all companies like Somex that more than one hundred years old. And so the company needs to make this transformation and actually be very open and very attractive for these newer telling, because otherwise the new Italian will go forward. The ones that have the more funds staffing to the office are more flexible in terms of the. Just a lot of the time and things like that. So I think that if the companies are not willing to transform, they will eventually die. Or do you eventually get in trouble to get people on board because otherwise they don't have any each other that.

Jeff: What are some of the challenges that you see as we're working on the IAM program here at Somex? What are some the challenges that you see just starting that up and getting it going. That you've run into over the last few years?

Arturo: No more challenging, in general about identity?

Jeff: Yeah, just about starting up the program.

Arturo: The first thing is that how you communicate that identity? Actually, I think I mean, what you are taking about security, ID, Data, most of the time it really helps. Like using like trend topics, like I don't like security. Most of the times, compliance for sure will help. But it has been like process, like a processing where you need to actually communicate along with the conversation on security, because we are part of the security team here. So it is like the conversation driving in the security side, but also saying that debating this is something new and something that is not only about security, but it's also about compliance. It's also about user experience, about also about all the other benefits that you have to wait along with those. And in passing the message like, okay, this is something unethical and how a program as a whole will help you on that.

Jeff: What are some of use cases that the business comes to you for?

From an IAM perspective, you see any differences between this region of the world compared to maybe what you've heard from converses that we tend to IDPro or Identiverse or Gartner or Blackhat, a similar use cases coming off fording or there are other things that might be.

Arturo: I think also Malaria and do something that really was the war like made me happy because at the beginning I was still saying that probably these use cases are very particular for us, us as a region or as a company because we have location more than thirty five countries. So I thought that was based on a type of company probably, but I realized no one more peered through into security and identity space that the challenge hard the same and they are strolling the weights M.F.A. deployments. They are struggling with the automation of certain technologies. So they having a bad time with one particular band or things like that, so actually sometimes this kind of conference I like a shoulder to cry riot.  And it's fun. But at the same time you say hey so we are not on that road and we can share experience and chat about that, in the most of the cases and, from regional things like that, we just recently finished worldwide deployment for multi-factor authentication and we had certainly challenge for different countries and regions because not all the people like, for example, in Mexico or in the US, they are willing to use their phone, even that their personal phone for being M.F.A.. But in some other countries they are not. So they are saying like, why should I use my personal phone for something related to war?

Jeff: So there's an expectation that if you're making me use this from where you really should be paying for it or I'd rather do that.

Arturo: In some other countries you and they have like a very strict work on field. So you have to lead with that as well. So it is different from country to another.

Jeff: Do you notice any difference from an expectation of things like SLA or how long it takes to get things done?  Let’s maybe take like Amber, for example. They would love to have it be automated and it works just automatically. But the reality is some companies; they take two days to work on that or a week or two weeks. Do you notice any difference with being a global company where, in the US, the expectation is that this work will be done in two days, but in, let's say, Germany, the expectation is that it's one day. Do you notice any differentiation in that?

Arturo: Not really. I mean, usually the process that we review, the use cases from one country to another at why the same, and probably because we are much globalized world. So if you go into a LinkedIn and you see like people saying, I'm just going into this company, you can show the photo from day one and come with the entire freebie and all the things there. So I think that HR is the kind of experience that they are trying to deliver to their customer, which our employees. And I think that in terms of expectation, there is you're trying to expect the same. And in recent years, how so? H.R. departments are leaving this transformation with different tools from their side. So they are looking for the same, so how we can on-board people in the fastest way. So other concern, not for H.R. but for security is okay. What about the 0:40? Broadly, H.R. is not really concerned about of boarding because they are just saying bye bye, as long as they get from the payroll system. But for a security standpoint we tried to look for, okay. We need to make sure that of boarding do also works at this day at the right time, right?

Jeff:  What about the language support? Do you find that because of being a global company that there may be language challenges or have you settled on a certain language is sort of like a default?

Arturo: That's very good point, actually. We usually struggle with that. And most of the cases, we ended up making no foreign translations, even though that the system for some day, the sun migration at the time, we had to translate things from day out-of-the-box solution. So we usually work with the local I.T. or H.R. departments to make that translation. So even that they come up with French language. The French guy would look and say he's done making his hand. So they made the change in the translation from day on language something. And I think that the Spanish happened the same now. So we have Spanish from Spain, from Latin America, from Argentina. So we have that variation as well in some languages. But yet this is another challenge as well and happens, right now, the same with cloud technologies and more difficult data optimization there.

Jeff: So you find a lot of technologies are more English focused at this point, or are they doing a pretty good job of having native better native support for.

Arturo: they're getting better. They're not the same like 10 years ago. But they're getting better. I think that they're not reaching a point yet where they have like strong language. Yeah. And also the other thing is that the war is getting more globalized. So it is true that the most of administrator with employees can handle in different languages, at least in global companies. But us today through is that we have a lot of local workforce. We just focus on the. They're all language like French, or Britain that’s happened here in Mexico, so, something that is needed,  and companies going ahead doing better right now, but still a thing.

Jeff: Jim, when you're working on different projects, do you see a lot of kind of language things come up?

Jim: I was sitting here thinking I was thinking back to the workshops that we held. And I thought everybody spoke excellent English. I mean, better than I was expecting going into the meetings. But one of the things that we have to remember is that almost every large corporation has no factories or folks in the field. And that's where, leaking back to everybody. Everybody speaks English, at least as the second language breaks down. And you get to the point where you have to make your systems available in multiple languages. I definitely remember the days, a decade ago with systems like Sun or Oracle. And it wasn't specific to the systems, but it was just, we needed to make all of our solutions available in multiple languages. Most of them had language packs. Yet they didn't have translations for customization that you put into the system. So if you added some language, you'd have to add in whatever number of languages you want to just support, make those language files available. I haven't run into it as much these days. I think a lot of enterprise deployments companies make the decision to make their systems available in English only.

And usually I think the biggest driver of that decision is cost. Quite frankly, I think the other thing is that there are more technologies now that are browser based that will do some automatic translations and I'm sure they probably come out sometimes. I always point back to I want to take my wife and I wanted to go on a vacation to Iceland or looking at going there for our honeymoon. This was 20 years ago and found an Iceland tourism site. And or is it? It was obviously translated from wherever the local languages into English. And it said, don't forget to bring your swimming costumes. And I thought I would like to learn how to swim because of you. But actually, you know, as we were talking about all this, I was thinking also about, I know that Arturo is at some stage in his Privilege Access Management deployment, Privilege Access Management Deployment is my experience often run into a lot of resistance primarily from the folks that do system administration, whether you're used to knowing accounts on the servers. And that's kind of a safety net in their mind in terms that they can always get into their systems, Now you want to put something in between and you want to look over their shoulder. So I'm wondering, after what has been your experience so far in rolling out privilege, access management, has there been much in the way of resistance?

Arturo: Well, in terms of resistance, I think that for sure, PAM is one of them. But I think that in general, any change that may impact the end user; they would require this kind of management of the change. And it's interesting because I have been working with different partners here related; we either have implementation or single sign on implementation with Microsoft technology, for instance. And a lot of companies right now, even though they are companies, focus on technology or identity security. They are either working with a partner company or like a small company or a sister company that is dedicated to organizational change management. So I think that in the last few years, how did technology companies in this case related with any kind of deployment that involves the end user they're adding this important piece of orientation change management is something that also and here the company has been working in the past, four years now and having these department in charge of that. But it's something that I don't know, like six years ago, at least here in Mexico; you don't see that kind of change management. So right now, I think that companies are releasing that important and it's something that needs to be added. And yeah, actually this week that were reviewing about that, we are still in the planning phase for. PAM and we include into their deployment and into the whole project that is because since the beginning we knew that it's going to be important to manage the changing in a better way. So what? But comes to my mind in that when we were reviewing that is I. OK. That's interesting because the companies are including these, but usually they have focused team or an even focused company on only change management. So the idea is simple. Pertinent and probably with the help of these companies where you are getting to more strategies around, how do you convince your administrator, how you sell internally to your administrator, the idea or not the idea, but the benefits because there are benefits there for sure, but it's not always easy for everybody to get all the benefits. So this is where change management comes into play and they really help you to understand what is the benefits idea , it's happened the same with the MFA. So what is the benefit of this? I don't get it's just to bother me with this asset, but I'm gonna keep it for that. But it's a lot of benefit behind that. So it's important that organizationally change management take place and say, OK, this is important because of this and that the security department works with them to pass the measures through.

Jim: That's your million dollar idea.

I mean, it's really spot-on. I think it's something that was much more overlooked in the past, but now it’s a key component of being successful is, thinking through what is the impact of this technology or assist that we're going to create change for people. And, how are we going to make sure that we minimize the impact of the negative impact of the change? So I know we're running up on time, but I did want to touch on one more time.

At least, which is GDPR and global privacy regulations overall are kind of how are they impact to you so far in terms of your Job and having to make accommodations for global privacy regulations?

Arturo: Well, at least here in the company, these kind of topics are highlighted by medical plans, apartment. But, definitely we were involve on some of the changes that were needed for that.

Jeff: Get more on the compliance side, or at least for here.

All right, I got one last question, and it's really more around the work or the studying that you did if your masters around blockchain.

So can you tell me a little bit or maybe talk a little about the dissertation you did regarding blockchain and identity management?

Arturo: Yes, I did my master's degree in two thousand fifteen to sixteen. I did my third degree on cyber security in university on some small company in the U.K. And I went there just to I need a break after eight years straight to work. And I went there. Let's go update in cyber security space in general. So it was pretty cool because you'll plug everything from your regular life and you go back to day classroom and, actually, it was like a lot of work because you had, like in the U.K., just one year for your master degrees different than the other countries that usually have two year for that. And it was very good in terms of going back to cyber security and in a lot of topics, so one of the topics that really caught my mind at the end was day to blockchain technology. And at that time, there was a heap on every team related to blockchain and bitcoin and things like that. And so I decided to stick it to that topic. Blockchain and I added Identity because at that time I were working on identity as well. So I was talking with that professor and I was working on that dissertation. And she said, she is an Italian professor, she said okay, let's combine both of them. Let's take identity. Let's take blockchain and let's do some research about what is the market doing and where how things are going in that end, so, it was basically we didn't build something in terms of building a product or something, it was more like a research.

Jeff:  where blockchain apply. Where would it make sense to use from an identity perspective?

Arturo: we were taking it at general blockchain, what it is, how it works, and then also taking the identity part. So, how you can apply blockchain, you know that blockchain technology, they have a different use cases and different implementation ways to implement it. So one of the things was, OK, what about identity? One of the main topics or that was OK. Why are the issues we dated these systems right now.

 And one of the particular issues I found is that you have everything in a single location. So most of the hacks related to, for instance, they started out targeting where they have all the keys in one place. So the attacker get into that systems and install getting stolen all the whole keys. So you're screwed, and at that time. And this is how we can separate that and how we can take advantage of that. And at some point, why not the end user or the user can keep all that sensitive information. So if somebody breaks into a main location, there's not any key. There are two way that the fraud is taking blockchain as this huge ledger to have that breadth different systems and then don't have it ever to a single location. And one of the both I was also to use Thirroul as proof, which is another type of implementation. Cryptography implementation to not share the information with the service provider. So imagine that you are an identity provider and you need to prove something to the service provider.

So in that prove how you can actually prove.

Whatever they are asking for without revealing the whole information that you have, so using this kind of cryptography, you are able to somehow make that proof without actually revealing the information. So this is more in a privacy standpoint where you say, OK, what if there is a way in where you can actually prove. Imagine everything in your personal life that you need to prove to somebody that you are more than 20 years old for buying a beer or you are. I know your title or your certification, every proof that you need to made. You can make it the proof without revealing any extra piece of information. So he's like a lot of concept around that, for privacy and for getting back to privacy to the actual user. And this is also a very interesting topic, because right now, as you may know, a hacks related to privacy, over up two were doing companies like Google or Facebook in terms of privacy there, they are exploiting that part rather than keep it private. So our conversation, how we can tell you about the privacy, how we can take back control over our own teams and then have the privacy. And these are protocols that help you and that unfortunately, at least at that time, three years back; they weren't any more efficient protocols for that. So the implementation just in lab or only with some research doing. IBM was working on that data at the time. So, yes those are very good technology and a lot of good things going around that. So hopefully in the near future, if the researchers continue working on that or if more people who are willing to research on that, we will have interesting implementations either on blockchain or protocols.

Jeff: I see it being more ethical to more like the consumer space.

I'm still struggling to find a good application for where it makes sense to use blockchain inside the enterprise. I mean, there's probably some out there. And I would certainly welcome anyone who has thoughts on that because I'm curious what those might be, that would be practical today for blockchain use, but I certainly see it more external facing.  Its more government focused its school medical records. Those are the things we do need to have an expectation of privacy. And you want to take the concept of the zero knowledge is really kind of the least that the concept of least privilege If you think about it from a data attribute perspective. So how do I prove that I am twenty one years old or eighteen years old? Do I need to show my flight or time to settle on a trade where it has my address in my name and everything else in addition to my age? Or can I have just a system that says it's binary? Yes. No. Is this person 18 or older? Yes. Does it matter if I'm 50, 40, 30 or new 18? Probably not that case and I can see you use cases like that where you need to demonstrate. Certain things, right, with that knowledge.

Arturo: Right. Would that mean blockchain is something that we can talk like forever?

Jeff: We'll probably have to do it. You have to have a separate one. So I think that's a good place to leave it with the other confusion that blockchain tends to involve amongst people.

I feel like I've sat through and listened to so many blockchain things that I probably know it. And I still feel like I don't know.

Arturo: I sit with one of my colleagues here that day, he's in charge of that complaint. And he says that the blockchain is only for financial things and related to have a coin and something in particular, bitcoin, things like that. And actually, he's through because it is a way that was created. But they are finding some different implementation ways to do it and that doesn't mean that you cannot do it for or something else, the same concept but applying in a different way.

Jeff:  It'll adapt and move to something or it'll spark something new. It's just that's just the way of technology. Innovation works in general.

Arturo:  Something that really surprised me, one that are stunning or even researching more about bitcoin is that all the technology is involved in the concept of bitcoin and blockchain where there were real ones. I mean these two big systems already exist; all of them already exist few years back. Why don't you as somebody put all the pieces together and say this is idea. So this is something that is really I mean, really surprise me. And at the same time, really give me a lot of hope for the future, because how many applications, how many technology that we already have could end up being some kind of idea like that.

Jeff: And there I think as a professional podcaster, I'm going to call myself.

Now, that goes back to the creativity that you were talking about earlier. It took the creativity of someone to say, hey, what if we combine these pieces in this specific order in a specific way and all of a sudden you had this brand new space that I mean, you put blockchain in your name and, you know, people were throwing money at you it.

 Jim, do you have everything you want to close out with.

Jim: No you guys kill it there.

Jeff: All right.

Well, I certainly appreciate the time Arturo. It's always good to see you. It's always good to see the mountains of Monterrey and look forward to coming back soon. Appreciate the time you've spent with us.

And we're gonna go ahead and leave it there for folks who are listening. Hope you enjoyed this. And if you like what you heard, like subscribe, put out a five star rating or eight, tell your friends, tell Jim's dad. If you listened to last week's episode, we're always looking to have different ideas come our way. And if there are things that you want to send to us, you can get a hold of us at

And we'll talk to you on the next one. Thanks,



Jim McDonald & Jeff Steadman

Jim McDonald & Jeff Steadman

Jim McDonald is a professional with over 15 years leading teams through business-critical technology initiatives. Technical Strategist, Leader and Champion of Change with history of crossing organizational boundaries, cultivating strategic alliances and building consensus and alignment among diverse constituents to leverage IT as strategic asset and deliver solutions that rejuvenate and advance global business’ financial performance. Also as part of our advisory practice and with over fifteen years in the identity and access management space behind him, Jeff Steadman helps develop realistic IAM strategies and provide vendor agnostic recommendations to move the needle on IAM maturity for organizations large and small.