The 82nd Edition of the Identity Jedi Newsletter

Let's talk Digital Identity and Beyond...

Presented By:

When Security is a Must, Trust Lastwall

Discover Lastwall's all-in-one Identity as a Service (IDaaS) solution to streamline IT administration and bring hassle-free user access across all your cloud services and IT infrastructure. With integrated quantum resilient cryptography and a PKI-first approach to identity provisioning and authentication, credentials are safely tucked away in hardware-bound, segregated systems within a range of modern off-the-shelf devices. Ready to go passwordless and level up your data security? Get in touch with us today to start your journey with Lastwall.

Hey Jedi, welcome to the 82nd edition of the Identity Jedi Newsletter. Big shout-out to our sponsor for this week’s edition, Lastwall! Looking forward to working with them more in the weeks to come. Stay tuned for a completely nerdy podcast with them as we talk quantum computing! You have no idea how excited I am for that conversation. As always, show our sponsors some love!


Coming up in this week’s edition: let’s talk about Digital Identity as a whole. I think we need to shift our mindset on this problem. Also, I just can’t stop thinking about APIs!!! And let’s move Beyond Identity and talk about things like leadership, training…and also some news from Beyond Identity…lol. Gonna be a great time. Now…

LET’S GET TO THE GOOD STUFF

This week's edition

Modern IGA Guide

Interesting guide from the crew over at ConductorOne that talks about what Modern IGA should look like. Good read, and free and easy to access. Just hit the link, no contact information needed.

Going Beyond Identity

Sarah Cecchetti announced this week she’s leaving Amazon to head to Beyond Identity and lead their product team. For those who don’t have the pleasure of knowing Sarah.

She’s kind of a big deal. (And really good at Escape Rooms)!

I was already interested to see what Beyond Identity would bring to the market, but I’m even more excited now to see what things Sarah has in mind.

Interesting times!

Check out her words on why she chose Beyond Identity and her thoughts on the world of identity.

Congrats Sarah!!!

Breaking Down Silos: The Unified Path to Digital Identity Management

In the realm of Identity and Access Management (IAM), the industry often finds itself fragmented into distinct segments. We speak of and sell identity solutions in isolated parts, focusing on Identity Governance and Administration (IGA), Single Sign-On (SSO), Privileged Access Management (PAM), and Non-Human Identity Management. We even categorize these solutions by different personas, whether Workforce, Consumer, or Supplier identities. Yet, this segmented view obscures a critical truth: the interconnectedness of all these elements. We are on a quest to manage the lifecycle of a digital identity—from its creation to its deletion, and every moment in between. Our ultimate mission is to understand and control what a digital identity does throughout its existence, achieving true mastery over the digital realm. Ok, maybe not the last part, but you get the point.

The concept of digital identity is all-encompassing. It transcends the boundaries set by individual IAM components and personas, weaving a comprehensive fabric that underpins an organization’s security and operational efficiency. This holistic approach to digital identity management acknowledges that every aspect of IAM is interrelated and collectively contributes to the secure and efficient management of identities. Now ask yourself this question. Does the current selection of IAM tools match that outlook?

The Lifecycle of a Digital Identity

A digital identity’s lifecycle begins with its creation. This phase involves not just the initial provisioning of access but also ensuring that the identity is accurately represented within the system. The onboarding process, often driven by Identity Governance and Administration (IGA), is critical as it sets the foundation for the identity’s future interactions and permissions within the network. During this phase, ensuring that the identity has appropriate access based on its role and responsibilities is paramount.

Once established, a digital identity enters its active phase. Here, tools like Single Sign-On (SSO) and Multi-Factor Authentication (MFA) come into play, providing seamless and secure access to various systems and applications. SSO simplifies the user experience by allowing a single set of credentials to access multiple services, while MFA adds an additional layer of security, ensuring that the identity accessing the system is indeed who it claims to be.

In parallel, Privileged Access Management (PAM) focuses on securing and monitoring identities with elevated permissions. These privileged identities pose a significant risk if compromised, making PAM a critical component of IAM. By controlling and auditing the actions of privileged users, organizations can mitigate the risk of insider threats and ensure compliance with regulatory requirements.

The lifecycle of a digital identity also involves ongoing maintenance. This includes regular reviews and updates to ensure that access rights remain appropriate as roles and responsibilities evolve. IGA plays a crucial role here, facilitating periodic access reviews and certifications to maintain the principle of least privilege.

All of these functions are a by-product of trying to deal with identity as a collection of different problems, instead of one single problem. Think about it for a second. If at the time of creation of an identity I assign it to policies that govern what type of access it can have, I then use those same policies during the active phase to ensure that it aligns with what it was given at creation. If I need to modify that policy, I introduce a change to the identity, or the policy itself. But by having both the creation phase and active phase of the identity lifecycle in sync, I am ensuring what that identity has access to. So if that's the case, why would I need to review the access?
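The argument above, sketched as an added example (not code from this newsletter or from any product): one policy table drives both provisioning and access-time checks, and a drift function lists stored grants the policy does not justify. The role names, entitlement strings and function names are hypothetical.

```python
# Added illustration; roles, entitlements and function names are hypothetical.
POLICY = {
    "engineer": {"git:write", "ci:run", "wiki:read"},
    "finance-analyst": {"erp:read", "wiki:read"},
}

def entitlements_for(roles):
    """Everything the policy allows for a set of roles."""
    allowed = set()
    for role in roles:
        allowed |= POLICY.get(role, set())  # an unknown role grants nothing
    return allowed

def provision(identity_id, roles):
    """Creation phase: grants are derived from policy, never hand-picked."""
    return {"id": identity_id, "roles": set(roles),
            "grants": entitlements_for(roles)}

def change_roles(identity, roles):
    """A change to the identity re-derives its grants from the same policy."""
    identity["roles"] = set(roles)
    identity["grants"] = entitlements_for(roles)
    return identity

def authorize(identity, entitlement):
    """Active phase: evaluate the same policy at access time
    instead of trusting the stored grant list."""
    return entitlement in entitlements_for(identity["roles"])

def drift(identity):
    """Stored grants the policy does not justify (e.g. added out of band)."""
    return identity["grants"] - entitlements_for(identity["roles"])

def demo():
    alice = provision("alice", ["engineer"])
    results = {"in_sync_drift": drift(alice),
               "git_before_move": authorize(alice, "git:write")}
    change_roles(alice, ["finance-analyst"])
    results["git_after_move"] = authorize(alice, "git:write")
    results["erp_after_move"] = authorize(alice, "erp:read")
    alice["grants"].add("git:write")  # constructed out-of-band grant
    results["drift_after_manual_grant"] = drift(alice)
    results["manual_grant_honoured"] = authorize(alice, "git:write")
    return results

if __name__ == "__main__":
    print(demo())
```

While creation and enforcement read the same policy, `drift` stays empty; it only reports something when a grant was written somewhere the policy did not put it.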

The Interconnected Nature of Digital Identity

What becomes evident through this lifecycle is the interconnected nature of digital identity management. The creation, usage, maintenance, and eventual deactivation of a digital identity are not isolated events but are part of a continuous, interconnected process. Each stage relies on the others to ensure a secure and efficient identity management ecosystem.

For example, the data collected during the onboarding process influences the identity’s access rights throughout its lifecycle. Similarly, the monitoring and auditing conducted by PAM provide insights that can lead to adjustments in access controls enforced by IGA. The seamless access provided by SSO is underpinned by the robust authentication mechanisms enforced by MFA. It's all connected.

The Future of Digital Identity

As we move forward, the IAM industry must shift its focus from fragmented solutions to a holistic approach. By recognizing that digital identity management is a continuous lifecycle, organizations can develop more effective strategies to protect their digital assets. This requires an integrated mindset, where every component of IAM is seen as part of a larger, cohesive system. This also requires tools that allow you to manage that system, and not just parts of it. This requires breaking down the walls of personas, and point solutions. We solve the fundamental problem, and we create revolutionary solutions.

Identity Jedi Show Podcast

The Last Word

Every conversation I have about identity is revolving around these two points: 1) Convergence is here.

The biggest threat to every single vendor in the identity space right now is the following words: Microsoft E5 License.

If you read that and shuddered, I’m sorry. But this is a real discussion to have because, love them or hate them, Microsoft is making a compelling case to businesses to consolidate into the Microsoft umbrella of products. The ease of use and financial motives just make too much sense. Now do those customers get a great IAM experience with that? Meh…kinda. Entra SSO is a solid product, Active Directory/Entra ID is solid, MIM…well…we don’t talk about MIM.

What we’ve known about Microsoft is that they’ve never been able to deliver a quality IAM/IGA/PAM experience. Does that mean they can’t? No. Will they?…… (I think that is the next deep dive topic)

2) What’s next?
This market is so ripe for disruption I can almost feel it! There are some amazing companies that you’ve never heard of (yet) that are working to move past the problems of today, delivering value in a way that doesn’t conform to conventional thought. There are also PASSIONATE founders in this space who just want the problems to be solved. It’s an amazing time to be in the space.

That’s all I got this week. Once again, shout-out to our sponsors at Lastwall. Don’t forget to show them some love.

Identity Jedi University is coming soon! Beta testers are wrapping up and we are expecting Go Live at the end of the month!

Also Identity Jedi AI will be launching with the launch of Identity Jedi University!

Next IAM A Gamer Series is THIS FRIDAY!!! (We’ve had some people drop out, so it might just be me playin Hell Divers and talking CIAM…but we’ll see. If that is the case you might get College Football instead…lol)

Also, I just launched a 9-week blog series titled: IAM Navigator: From Setup to Success. It dives into the steps for setting up an IAM program, and then goes from the perspective of selling to that program. Drops every Monday at 9:30am for the premium subscribers.

Whew….that was a lot..alright I’m out.

Till next time

☮️

Be Good to each other, Be Kind to each other, Love each other

-Identity Jedi
