Identity at the Center

• #329 - Discovering Effective User Access Reviews with Stephen Washington

  In this episode of the Identity at the Center podcast, hosts Jeff and Jim discuss the vital role of user access reviews, device identity, and the evolving landscape of Identity Access Management (IAM) with guest Stephen Washington, Head of IAM at Discover Financial. The conversation delves into regulatory compliance, the use of AI in IAM, and practical steps for improving user access certifications. They also explore the importance of managing service accounts, innovations in IGA, and the role of identity in modern cybersecurity frameworks. The episode wraps up on a lighter note with a chat about fitness challenges like Tough Mudder and personal cheese preferences for grilled cheese sandwiches. Chapters 00:00 Introduction to Regulatory Compliance in Financial Services 01:54 Welcome to the Identity at the Center Podcast 02:07 Exploring Device Identity 03:19 The Role of Identity in Modern Security 06:44 Engaging with the IAM Community 10:31 Upcoming Conferences and Events 13:58 Interview with Stephen Washington 25:36 The Importance of User Access Reviews 33:55 Backend Changes in IGA Systems 35:04 The Concept of Identity Data Lake 36:37 AI and Identity Fatigue 37:22 Importance of Identity Hygiene 38:32 Challenges with Access Reviews 39:42 Regulatory Compliance and Policy Changes 41:06 Advice for Practitioners on Access Reviews 45:47 NYDFS and User Access Reviews 47:41 The Role of NIST Cybersecurity Framework 52:35 Training Auditors and Policy-Based Access Control 57:38 Fitness and Stress Relief 01:05:38 Grilled Cheese and Final Thoughts Connect with Stephen: https://www.linkedin.com/in/stephen-washington-jr-5569b57/ Gartner IAM Summit - Code IDAC425 saves 425€: https://www.gartner.com/en/conferences/emea/identity-access-management-uk European Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridac Identiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

  --------  

  1:09:44
• #328 - Continuous Identity with Sean O’Dentity

  Jeff and guest co-host Sean O'Dell, an identity expert from Disney, discuss the importance of knowing and cleaning data to optimize identity and access management. They delve into topics like Shared Signals Framework (SSF) and Continuous Access Evaluation Profile (CAEP), and how these standards are paving the way for event-driven IAM. They also touch on the complexities of verifying identities, role management, and session management in a zero-trust environment. The episode includes insights into the future of identity practices, emphasizing the shift from runtime to event-driven models and the critical role of accurate data. Chapters 00:00 Introduction: The Importance of Data Integrity 02:16 Welcome to the Identity at the Center Podcast 03:12 Catching Up with Sean O'Dell 09:23 The Role of Identity in Business 12:36 Understanding Shared Signals Framework (SSF) and CAEP 20:49 The Future of Identity and Access Management (IAM) 32:36 Continuous Management and Identity Verification 33:33 Contextual Signals and Security Regulations 34:44 Data Hygiene and Business Process Challenges 37:52 Centralizing Data for Better Identity Management 44:08 Session Management and Access Control 50:04 Zero Trust and Ephemeral Access 55:51 Defining Continuous Identity 56:50 Fun and Lighter Notes Connect with Sean: https://www.linkedin.com/in/seanodentity/ European Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridac Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

  --------  

  1:01:14
• #327 - Sponsor Spotlight - Andromeda Security

  This episode is sponsored by Andromeda Security. Learn more at https://www.andromedasecurity.com/idac⁠ Join Jeff and Jim on the Identity at the Center podcast as they chat with Ashish Shah, co-founder and Chief Product Officer of Andromeda Security. In this sponsored episode, Ashish dives deep into the importance of solving identity security problems, especially in cloud and SaaS environments. He explains how Andromeda's AI-powered platform focuses on both human and non-human identities, offering use case-driven solutions for security maturity. The discussion covers challenges, AI and machine learning applications, and practical insights into permissions management, risk scoring, just-in-time access, and more. Stay tuned for interesting takes on identity security and some fun recommendations for your reading/listening list. Chapters 00:00 Introduction to Identity as a Data Problem 00:41 Overview of Andromeda's Capabilities 01:27 Welcome to the Identity at the Center Podcast 02:03 Meet Ashish Shah, Co-Founder of Andromeda 02:37 The Genesis of Andromeda 03:33 Addressing Identity Security Challenges 05:29 Andromeda's Approach to Identity Security 09:44 Measuring Success with Andromeda 12:21 Andromeda's Market Position and Ideal Customers 18:35 The Rise of Non-Human Identities 28:42 Understanding Identity and Accounts in AWS 28:54 The Concept of Incarnations in Identity Management 29:42 Human and Non-Human Identities 32:13 Challenges in Authorization and Access Control 32:44 Implementing Zero Trust and Least Privilege 35:10 Role of AI and Machine Learning in Identity Management 36:21 Risk Scoring and Behavioral Analysis 39:04 Customer Data and Model Training 41:08 Explainability and Security of AI Models 46:14 Customer Influence on Model Tuning 49:03 Andromeda's Offer and Final Thoughts 51:34 Book Recommendations and Closing Remarks Connect with Ashish: https://www.linkedin.com/in/ashishbshah/ Learn more about Andromeda: https://www.andromedasecurity.com/idac⁠ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and watch at https://www.youtube.com/@idacpodcast Keywords: Identity security, IAM, cybersecurity, artificial intelligence, AI, machine learning, ML, non-human identities, NHI, just-in-time access, JIT, IGA, privileged access management, PAM, identity threat detection and response, ITDR, cloud security, SaaS security, Andromeda Security, Ashish Shah, IDAC, Identity at the Center, Jim McDonald, Jeff Steadman

  --------  

  58:57
• #326 - IAM in 2025 with Martin Kuppinger

  In this episode of the Identity at the Center podcast, hosts Jeff and Jim welcome Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, for his fifth appearance. The discussion delves into the evolving intersection of AI and identity, emphasizing the critical need for reliable identity verification as technology advances. The conversation also touches on the future of identity systems, including the potential of decentralized identity solutions and the role of AI in enhancing identity management. Martin shares insights on the European identity landscape, promoting reusable identity verification and highlighting emerging trends such as policy-based access and natural language interfaces. The episode wraps up with travel tips for Berlin and a look ahead at the European Identity and Cloud Conference (EIC) 2025. Chapters 00:00 Introduction to AI and Identity 02:09 Welcome to the Identity at the Center Podcast 02:15 Upcoming Events and Personal Anecdotes 06:18 Guest Introduction and Main Discussion 07:03 Identity Verification Trends and Challenges 10:04 The Future of Identity Verification 23:27 Enterprise Use Cases and Solutions 28:05 AI Agents and the Future of SaaS 28:59 Introduction to Martin the Chatbot 29:23 The Role of AI in Enhancing Search Functionality 31:05 AI's Impact on Various Industries 31:49 Challenges and Limitations of AI 34:10 The Future of AI in Identity Management 40:40 Leadership Compass for Access Governance 45:28 Microsoft's Strategy in Identity and Security 56:19 Travel Tips for Germany 01:03:01 Conclusion and Final Thoughts Connect with Martin: https://www.linkedin.com/in/martinkuppinger/ The 2025 Identity Fabric and IAM Reference Architecture: https://www.kuppingercole.com/research/an80978/the-2025-identity-fabric-and-iam-reference-architecture Webinar Recording: Identity Fabric and Reference Architecture 2025: Future-Proofing your IAM Access may require registration and maybe a KC membership (for the report). Information about KC Memberships: Membership Packages | KuppingerCole European Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridac Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords Identity Verification, AI, EIC 2025, Digital Identity, Trust, Decentralized Identity, User Experience, Onboarding, Security, Technology Trends, AI, identity management, access governance, data extraction, future trends, Germany travel tips, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Martin Kuppinger

  --------  

  1:04:58
• #325 - Theorycrafting Modern Identity Architecture with Ian Glazer

  Welcome to the Identity at the Center podcast! In this episode, hosts Jeff and Jim dive deep into modern identity architecture with guest Ian Glazer. They discuss topics such as the importance of policy, data orchestration, and the evolving landscape of identity and access management (IAM). Ian shares his thoughts on the future of IAM, the integration of various data sources, the role of events in IAM, and the potential for real-time identity solutions. They also touch on upcoming conferences, the European Identity and Cloud Conference 2025, and the significance of engaging with the identity community. Tune in for a thought-provoking discussion on the advancements and future directions of digital identity! Chapters 00:00 Introduction and Podcast Overview 00:11 Upcoming Plans and Challenges 01:03 Guest Invitation and Podcast Dynamics 03:31 Conference Announcements and Discounts 06:05 Welcoming the Guest: Ian Glazer 06:46 Fido Feud and Conference Experiences 16:29 Identity Market Trends and Innovations 19:19 Modern Identity Architectures 33:51 Identity First Security: A New Approach 34:50 Unified Data Tiers: Breaking Down Silos 36:14 Modern IAM: Opportunities and Challenges 37:02 Ephemeral Access and Zero Standing Privilege 39:18 Understanding Identity Data 41:30 Workforce Identity Data Platforms 47:14 Orchestration and Execution in IAM 51:09 Real-Time Event-Based Identity Systems 54:45 Future Directions and Community Engagement 59:03 Teaching and Sharing Knowledge 01:05:33 Closing Thoughts and Recommendations Connect with Ian: https://www.linkedin.com/in/iglazer/ Notional architecture for modern IAM: Part 3 of 4 (blog): https://weaveidentity.com/blog/notional-architecture-for-modern-iam/ 2025: The year we free our IAM data: https://weaveidentity.com/blog/2025-the-year-we-free-our-iam-data/ Learn more about Weave Identity: https://weaveidentity.com/ Digital Identity Advancement Foundation: https://digitalidadvancement.org/ Avoid the Noid! - https://en.wikipedia.org/wiki/The_Noid Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Ian Glazer, Weave Identity, Identity and Access Management, IAM, Modern Identity Architectures, Modern IAM, Data Tier, Events, Orchestration, Zero Trust, ZTNA, Shared Signals Framework, EIC, Gartner, Black Hat, RSA, Identibeer, Data Lake, OIDs, IANS

  --------  

  1:09:17

More Technology podcasts

Trending Technology podcasts

About Identity at the Center