Podcasts about Access management

This episode is sponsored by Trusona. Visit trusona.com/idac to learn more.In this episode of the Identity of the Center podcast, Jeff and Jim discuss identity verification challenges with Ori Eisen, the founder and CEO of Trusona. The conversation explores the problems surrounding help desk authentication and how Trusona's new product, ATO Protect, aims to address these issues by confirming caller identities, even in scenarios involving social engineering and advanced AI threats. Ori explains the technology behind document scanning, data triangulation, and geolocation to validate identities. The episode also includes an intriguing hack challenge for listeners to test the robustness of Trusona's solutions. Check out the detailed demo on Trusona's website and join the challenge!Timestamps00:00 Introduction and Episode Excitement01:16 Introducing the Guest: Ori Eisen from Trusona02:11 The Problem with Passwordless Authentication03:53 The Rise of Gen AI and Its Impact on Security04:51 Understanding ATO Protect and Its Importance16:10 How ATO Protect Works: A Step-by-Step Guide27:51 The Puppeteering Scam Unveiled28:24 Fingerprinting the Fraudsters29:11 Real-Time Fraud Detection Demo29:42 Challenges in Penetration Testing30:08 Combating Man-in-the-Middle Attacks30:41 The Ultimate Security Challenge33:44 Verifying Caller Identity41:24 Future Threats in Cybersecurity42:10 AI: The Double-Edged Sword49:08 Issuing the Hack Challenge52:45 Conclusion and Final ThoughtsConnect with Ori: https://www.linkedin.com/in/orieisen/Learn more about Trusona: https://www.trusona.com/idacConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.comKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Trusona, Ori Eisen, Identity Verification, Help Desk Security, Service Desk, Passwordless, Authentication, KBA, Knowledge-Based Authentication, Cybersecurity, Identity and Access Management, IAM, Multi-Factor Authentication, MFA, Zero Trust, Identity Proofing#IDAC #Trusona #Passwordless #Cybersecurity #IdentityManagement #HelpDesk #ZeroTrust

Andrej Safundzic, Gründer von Lumos, spricht mit Mike Mahlkow über seinen beeindruckenden Weg von Social Enterprises in Uganda über die deutsche Bundesregierung bis hin zum Silicon Valley. Mit 65 Millionen Dollar Funding baut er heute eine der innovativsten Cyber-Security-Lösungen. Andrej teilt tiefe Einblicke in die Zukunft der Cyber-Security, die Bedeutung von AI-Agents und warum Deutschland der beste zweite Standort für Tech-Unternehmen werden sollte. Was du lernst: Von Deutschland in die Welt: Wie Andrej erst Social Enterprises in Uganda gründete Warum er Tech4Germany aufbaute und vom Bundeskanzleramt übernommen wurde Cyber-Security und AI: Warum Identity & Access Management durch AI-Agents wichtiger wird Wie sich Cyber-Angriffe durch Voice-AI und Social Engineering verändern Deutschland vs. Silicon Valley: Warum Deutschland der beste zweite Standort für Tech-Unternehmen werden sollte Die Bedeutung von Qualität und Nachhaltigkeit im deutschen Markt Story-Led Companies: Wie Lumos durch eine klare Vision und Story Mitarbeiter begeistert Warum Cyber-Security der neue "Polizist" der digitalen Welt ist AI-Transformation: Wie Unternehmen sich auf die AI-Revolution vorbereiten sollten Die Bedeutung von frühem Experimentieren mit neuen Technologien ALLES ZU UNICORN BAKERY: https://zez.am/unicornbakery  Mehr zu Andrej: LinkedIn: https://www.linkedin.com/in/andrejsafundzic/  Website: https://www.lumos.com/  Mehr zum Co-Host Mike: LinkedIn: https://www.linkedin.com/in/mikemahlkow/  Website: https://fastgen.com Join our Founder Tactics Newsletter: 2x die Woche bekommst du die Taktiken der besten Gründer der Welt direkt ins Postfach: https://www.tactics.unicornbakery.de/  Kapitel: (00:00:00) Wer ist Andrej Safundzic? (00:01:17) Warum gründet man ein Startup in Uganda? (00:03:36) Vom Bundeskanzleramt gekauft (00:11:27) Von Deutschland in die USA: Warum San Francisco? (00:21:30) Die Gefahr von Voice-Agents & Cyber-Angriffen (00:29:52) Bis zu welcher Gefahr deckt Lumos die Sicherheit ab? (00:36:00) Die nächste Stufe der Sicherheit (00:40:33) Lumos als Story-led Company

Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple. In this episode of Apple @ Work, I talk with David Faugno from 1Password about the company's recent announcements at RSAC. Links 1Password Introduces Agentic AI Security for the Next Era of Enterprise Automation 1Password and Drata's Strategic Partnership Closes the Access-Trust Gap with Unified Security and Compliance 1Password Delivers the Next Generation of Access Security with New Extended Access Management Platform Capabilities Listen and subscribe Apple Podcasts Overcast Spotify Pocket Casts Castro RSS Listen to Past Episodes

Yes, AI is a problem in the hands of bad actors, especially when they use bots to automate brute force attacks on identity. There are also a ton of companies dedicated to protecting your identity to keep the bad guys from impersonating you and those you care about. One of those companies is Ping (no, not the guys that make the golf clubs). In a continuation of our series on bots, we talk with Peter Barker, chief product officer for Ping and what they are doing about AI-based attacks.

AI is reshaping cybersecurity as we know it. From sophisticated AI-driven phishing attacks to the amplified risk of insider threats using tools like Copilot, the landscape is shifting at an unprecedented pace. How can security leaders and practitioners adapt?Join Ashish Rajan and Matthew Radolec (Varonis) as they explore the critical challenges and opportunities AI presents. Learn why 86% of attacks involve credential misuse and how AI agents are making it easier than ever for non-technical insiders to exfiltrate data.In this episode, you'll learn about:The "Blast Radius": How AI tools can dramatically increase data exposure.From "Breaking In" to "Logging In": The dominance of credential-based attacks.AI-Powered Social Engineering: The rise of "conversational bait".Copilot Use Cases & "Aha!" MomentsData Integrity in AI: The critical, overlooked pillar of AI security.The Enduring Importance of Access Management in an AI World.Transforming Security Operations: AI for incident response, playbooks, and forensics.Guest Socials - ⁠Matt's Linkedin Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you are interested in AI Cybersecurity, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Cybersecurity PodcastQuestions asked:(00:00) Introduction(01:57) New Threat Landscape in Cloud & AI(08:08) Use cases for regulated industries(10:03) Impact of Agentic AI in the cybersecurity space(12:22) Blind spots of going into AI(18:06) Shared responsibility for LLM providers(20:56) Lifting up security programs for AI(27:82) How is incident response changing with AI?(29:30) Cybersecurity areas that will be most impacted by AI(34:43) The Fun SectionThank you to our episode sponsor Varonis

Wer darf eigentlich was? Und sollten wir alle wirklich alles dürfen?Jedes Tech-Projekt beginnt mit einer simplen Frage: Wer darf eigentlich was? Doch spätestens wenn das Startup wächst, Kunden Compliance fordern oder der erste Praktikant an die Produktionsdatenbank rührt, wird Role Based Access Control (RBAC) plötzlich zur Überlebensfrage – und wer das Thema unterschätzt, hat schnell die Rechtehölle am Hals.In dieser Folge nehmen wir das altbekannte Konzept der rollenbasierten Zugriffskontrolle auseinander. wir klären, welches Problem RBAC eigentlich ganz konkret löst, warum sich hinter den harmlosen Checkboxen viel technische Tiefe und organisatorisches Drama verbirgt und weshalb RBAC nicht gleich RBAC ist.Dabei liefern wir dir Praxis-Insights: Wie setzen Grafana, Sentry, Elasticsearch, OpenSearch oder Tracing-Tools wie Jäger dieses Rechtekonzept um? Wo liegen die Fallstricke in komplexen, mehrmandantenfähigen Systemen?Ob du endlich verstehen willst, warum RBAC, ABAC (Attribute-Based), ReBAC (Relationship-Based) und Policy Engines mehr als nur Buzzwords sind oder wissen möchtest, wie du Policies, Edge Cases und Constraints in den Griff bekommst, darum geht es in diesem Deep Dives.Auch mit dabei: Open Source-Highlights wie Casbin, SpiceDB, OpenFGA und OPA und echte Projekt- und Startup-Tipps für pragmatischen Start und spätere Skalierung.Bonus: Ein Märchen mit Kevin und Max, wo auch manchmal der Praktikant trotzdem gegen den Admin gewinnt

In this episode of Identity at the Center, Jeff Steadman and Jim McDonald are joined by Alejandro Leal, Senior Analyst at KuppingerCole, live from the EIC 2025 stage in Berlin, Germany.Alejandro delves into the critical distinctions between misinformation and disinformation, exploring their historical context and how they manifest in today's technological landscape, particularly within social media and legacy media. He discusses the intent behind disinformation, often aimed at creating chaos or confusion, versus misinformation, which can be an unintentional spread of false or inaccurate information.Chapters:00:00:00 Defining Misinformation vs. Disinformation & Historical Context00:02:00 Introduction at EIC 2025 & Guest Welcome00:06:14 The Role of Intent, Generative AI, and Countermeasures00:12:15 Impact of Mis/Disinformation on Business, Politics, and Philosophy00:16:02 How Mis/Disinformation Intersects with Identity Management00:18:07 Balancing Anonymity, Privacy, and Truthful Content Online00:23:09 Connecting to Digital Identity, Verification, and Potential Solutions (AI Labeling, VCs)00:26:45 AI Guardrails, Free Speech vs. Hate Speech, and Authenticity00:29:24 Worst-Case Scenarios and the Global Impact of Mis/Disinformation00:31:24 Actionable Advice: Responsibility and Critical Thinking00:35:38 Book Recommendation: "The Question Concerning Technology"00:39:31 Wrapping Up and Final ThoughtsConnect with Alejandro: https://www.linkedin.com/in/alejandro-leal-a127bb153/The Question Concerning Technology (essay): https://bpb-us-e2.wpmucdn.com/sites.uci.edu/dist/a/3282/files/2018/01/Heidegger_TheQuestionConcerningTechnology.pdfConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Alejandro Leal, KuppingerCole, EIC 2025, Misinformation, Disinformation, Identity and Access Management, IAM, Digital Identity, Cybersecurity, Tech Podcast, Technology Ethics, Generative AI, AI Ethics, Truth in Media, Social Media Responsibility, Privacy Rights, Verifiable Credentials, Critical Thinking Skills, Fake News, Online Safety, Political Disinformation, Business Reputation, Philosophical Tech Discussions, Martin Heidegger, The Question Concerning Technology.

In this episode Jetro interviews Michael Ratemo, a cybersecurity expert and author, discussing his journey from Kenya to becoming a cloud and security leader.They explore essential topics such as cloud governance, identity and access management, the importance of cloud auditing, and cost management in cloud environments.Michael emphasizes the need for a business case before moving to the cloud, the significance of training for IT teams transitioning to cloud operations, and the role of Cloud Security Posture Management (CSPM) in maintaining security. The conversation highlights the dynamic nature of cloud environments and the necessity for continuous monitoring and auditing to ensure security and cost-effectiveness.In this conversation, Michael Ratemo and Jetro discuss the critical aspects of managing cloud operations and cybersecurity.They emphasize the importance of financial discipline in cloud usage, the necessity of a robust cybersecurity program, and the need to view cybersecurity as a business risk rather than just an IT issue.They also explore the concept of cyber resilience and how organizations can prepare for and respond to incidents.Finally, they touch on future trends in cybersecurity, particularly the integration of AI and secure development practices.CHAPTERS(00:00:00) INTRO (00:00:35) Introduction to Michael Ratemo (00:06:57) Michael's Journey into Cybersecurity (00:11:54) Cloud Security Governance Essentials (00:18:10) Identity and Access Management in the Cloud (00:24:41) The Importance of Cloud Auditing (00:27:45) Cost Management in Cloud Environments (00:29:05) Financial Discipline in Cloud Operations (00:32:44) Building a Robust Cybersecurity Program (00:41:42) Cybersecurity as a Business Risk (00:46:58) The Importance of Cyber Resilience (00:51:40) Future Trends in Cybersecurity and AI

In this episode of Identity at the Center, hosts Jeff Steadman and Jim McDonald are joined by Jerome Thorstenson, IAM Architect with Salling Group, live from EIC 2025 in Berlin! Jerome shares his insights on B2B identity, the challenges of managing access for a complex supply chain, and the importance of an identity-first approach.Discover how Salling Group, operating major labels like Target and Starbucks, handles identity for thousands of employees and external partners. Jerome dives into the complexities of balancing security, user experience, and the practicalities of implementing IGA and ABAC.From navigating the challenges of data quality and high employee turnover to the nuances of transitioning between IGA systems, this episode offers valuable insights for identity practitioners.Chapter Timestamps:00:00:00 - B2B Identity Challenges00:02:14 - Welcome to Identity at the Center from EIC 202500:04:14 - Jerome's Journey into Identity00:05:19 - Salling Group Overview00:06:57 - Securing B2B - Jerome's Presentation00:10:54 - Controlling Access in B2B00:11:41 - Identity as a Product00:14:51 - The Role of the IAM Practitioner00:16:31 - ABAC as a Game Changer00:21:00 - Language Considerations in a European Context00:22:33 - Employee Turnover Challenges00:25:07 - IGA Implementation Insights00:29:28 - Identity Fabric Discussion00:31:21 - Jerome's Caribbean Background00:34:06 - Wrap-up and Contact InformationConnect with Jerome: https://www.linkedin.com/in/jetdk/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, EIC 2025, B2B Identity, Identity First Security, IAM, Identity and Access Management, Supply Chain Security, IGA, ABAC, Attribute-Based Access Control, Role-Based Access Control, Identity Fabric, Digital Identity, Cybersecurity, Data Quality, Employee Turnover, Caribbean

Azure AD is one of the most versatile directory services on the market. To help organizations maximize its capabilities, Azure IAM is offering Azure AD system design consulting for both private and public entities. Learn more at https://azureiam.com/ Azure IAM, LLC City: Sterling Address: P. O. Box 650685 Website: https://azureiam.com

The following article of the Tech industry is: “Pros and Cons of Gen AI and Identity and Access Management Tools” by  Enrique Alfredo González Huitrón, Founder and CEO, Nautech de México.

The following article of the Cybersecurity industry is: “Fortify Your Business With Identity and Access Management” by  Juan Carlos Carrillo D Herrera, Director of Cybersecurity Consulting Services (CCS), OneSec.

Microsoft Identity Manager is ending - will your business be prepared? Azure IAM can help you make the switch to the Azure or Sailpoint platforms today. To learn how to migrate your data onto a new platform from MIM, visit https://azureiam.com/ Azure IAM, LLC City: Sterling Address: P. O. Box 650685 Website: https://azureiam.com

As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how employees access sensitive business data. In this episode of Security Weekly, Jeff Shiner, CEO of 1Password, joins us to discuss the future of access management and how organizations must move beyond traditional IAM and MDM solutions. He'll explore the need for Extended Access Management, a modern approach that ensures every identity is authentic, every device is healthy, and every application sign-in is secure, including the unmanaged ones. Tune in to learn how security teams can bridge the Access-Trust Gap while empowering employees with frictionless security. In this topic segment, we discuss the most interesting insights from the 2025 edition of Verizon's DBIR. You can grab your own copy of the report at https://verizon.com/dbir In this week's enterprise security news, Lots of funding announcements as we approach RSA New products The M-Trends also rudely dropped their report the same day as Verizon Supply chain threats Windows Recall is making another attempt MCP server challenges Non-human identities A startup post mortem Remember that Zoom outage a week or two ago? The cause is VERY interesting All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-404

As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how employees access sensitive business data. In this episode of Security Weekly, Jeff Shiner, CEO of 1Password, joins us to discuss the future of access management and how organizations must move beyond traditional IAM and MDM solutions. He'll explore the need for Extended Access Management, a modern approach that ensures every identity is authentic, every device is healthy, and every application sign-in is secure, including the unmanaged ones. Tune in to learn how security teams can bridge the Access-Trust Gap while empowering employees with frictionless security. In this topic segment, we discuss the most interesting insights from the 2025 edition of Verizon's DBIR. You can grab your own copy of the report at https://verizon.com/dbir In this week's enterprise security news, Lots of funding announcements as we approach RSA New products The M-Trends also rudely dropped their report the same day as Verizon Supply chain threats Windows Recall is making another attempt MCP server challenges Non-human identities A startup post mortem Remember that Zoom outage a week or two ago? The cause is VERY interesting All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-404

As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how employees access sensitive business data. In this episode of Security Weekly, Jeff Shiner, CEO of 1Password, joins us to discuss the future of access management and how organizations must move beyond traditional IAM and MDM solutions. He'll explore the need for Extended Access Management, a modern approach that ensures every identity is authentic, every device is healthy, and every application sign-in is secure, including the unmanaged ones. Tune in to learn how security teams can bridge the Access-Trust Gap while empowering employees with frictionless security. Show Notes: https://securityweekly.com/esw-404

Join AI Jeff and AI Jim on 'Identity at the Center' as they explore the most outrageous and entertaining innovations in identity and access management (IAM) for this special April Fools' episode. From 'Identity at the Center - After Dark' on Diz-Prime-flix to the rise of 'Carrier Pigeon Authentication,' this episode promises a wild ride through the absurdities of digital identity. Don't miss highlights like toaster authentication challenges, karaoke biometric logins, and the surreal 'Session_Expired' club experience. Stay secure and get ready to laugh out loud with the most bizarre IAM content you've ever seen!Chapters00:00:00 Welcome & Introduction00:01:00 Special Announcement: 'Identity at the Center - After Dark' on Diz-Prime-flix00:02:00 News: Biometric Authentication Requires Singing Karaoke00:03:00 Sponsor: SonataSecure - Musical Authentication00:04:00 Sponsor: WhisperGuard - Secure Messaging with AuraScan00:05:00 News: Identity Management Replaced by Carrier Pigeons & Caffeine Level Access Control00:06:00 Sponsor: Fortress of Fabulousness Firewall00:07:00 Sponsor: Zeus's Zero Trust Zenith00:08:00 News: Digital Certificates Require Imaginary Friend Permission & Interpretive Dance Passphrases00:09:00 Sponsor: EgoSphere - Decentralized Identity Platform00:10:00 Sponsor: RoleRescue - Rehabilitate RBAC Systems00:11:00 News: Sentient Corporate Directory 'Dirk' Playing Matchmaker00:12:00 Sponsor: Omni-Identity Nexus - Transdimensional Identity00:13:00 Sponsor: Packet Politeness Protocol00:14:00 News: Principle of Extreme Least Privilege (PELP) & Spirit Animal Check Authentication00:15:00 Sponsor: The Sentient Security Snail00:16:00 News: Quantum Entanglement Authentication & PAM Crowns00:17:00 News: Mandatory Offboarding Serenades00:18:00 Sponsor: AccessStream & Permission Patrol00:19:00 Sponsor: The Great Identity Governance Swamp Romp Webinar00:20:00 News: Fortune Cookie Authentication & Jim's Consciousness Theory00:21:00 City Correspondent Tyler: Session_Expired Club Entry Requirements00:22:00 City Correspondent Tyler: Explaining Human SAML Assertions00:23:00 City Correspondent Tyler: Human SAML Assertions & Club Details00:24:00 City Correspondent Tyler: Session_Expired Club Summary00:25:00 Closing Remarks & OutroConnect with us on LinkedIn:Real Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Real Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords: Identity and Access Management, digital identity, cybersecurity, AI Jeff, AI Jim, alternative realities, IAM news, April Fool's.

SUMMARYEyal Estrin discusses his background in cloud security and the importance of adapting to new security challenges in cloud environments.He emphasizes the shared responsibility model, the critical nature of identity and access management, and the risks associated with neglecting cloud security.Also he shares insights on budgeting for security investments, balancing agility with security, and common pitfalls organizations face in cloud security.In this conversation, Eyal Estrin discusses various aspects of cloud security, focusing on identity and access management, data protection strategies, and the importance of knowledge in cybersecurity.We emphasize the need for organizations to adopt best practices in managing identities, implementing encryption, and preparing for future threats in the cloud landscape.The discussion also highlights the significance of privileged identity management and the role of training in bridging knowledge gaps among IT professionals.CHAPTERS(00:00:00) INTRO (00:00:36) Introduction to Cloud Security and Eyal's Background (00:02:46) Understanding Cloud Security Challenges (00:04:25) The Importance of Cloud Security Today (00:06:15) Shared Responsibility Model in Cloud Security (00:08:18) Key Risks of Neglecting Cloud Security (00:10:49) Changing Mindsets in Cloud Security (00:13:04) Layered Security Approach in Cloud (00:15:23) Budgeting for Cloud Security Investments (00:18:31) Balancing Agility and Security in Cloud Deployments (00:26:26) The Cornerstone of Identity and Access Management (00:28:37) Common Pitfalls in Identity and Access Management (00:29:57) Enhancing Identity and Access Management (00:31:00) Break-Glass Scenarios in Production Environments (00:32:48) Privileged Identity Management (PIM) Insights (00:34:46) Data Protection and Encryption Strategies (00:39:10) Future Threat Landscape in Cloud Security (00:43:09) Bridging the Knowledge Gap in Cybersecurity (00:45:29) Final Thoughts on Cloud Security Best Practices

In this interview, we feature some research from Geoff Cairns, an analyst at Forrester Research. This is a preview to the talk he'll be giving at Identiverse 2025 in a few months. We won't have time to cover all the trends, but there are several here that I'm excited to discuss! Deepfake Detection Difficult Zero Trust Agentic AI Phishing resistant MFA adoption Identity Verification Machine Identity Decentralized Identity Post Quantum Shared Signals Segment Resources: The Top Trends Shaping Identity And Access Management In 2025 - (Forrester subscription required) Show Notes: https://securityweekly.com/esw-400

In this interview, we feature some research from Geoff Cairns, an analyst at Forrester Research. This is a preview to the talk he'll be giving at Identiverse 2025 in a few months. We won't have time to cover all the trends, but there are several here that I'm excited to discuss! Deepfake Detection Difficult Zero Trust Agentic AI Phishing resistant MFA adoption Identity Verification Machine Identity Decentralized Identity Post Quantum Shared Signals Segment Resources: The Top Trends Shaping Identity And Access Management In 2025 - (Forrester subscription required) Show Notes: https://securityweekly.com/esw-400

This week, we discuss Apple's AI struggles, the never-ending access management puzzle, and the latest Kubernetes vulnerability. Plus, let's not kill the fun of Vibe Coding. Watch the YouTube Live Recording of Episode (https://www.youtube.com/watch?v=dWt6XwV18v4) 512 (https://www.youtube.com/watch?v=dWt6XwV18v4) Runner-up Titles It's either this or Chips Break glass I'm just making the worst soup Everybody loves a quokka They shipped the product, nobody used it We're at 95% of setting timers Enterprise software fixes everything Vibecoding for Dummies is already in print (not really) Keep Vibe Coding Pure By making it better, you are making it worse I sold high, bought low and it's still low Rundown Apple Media “clutching their pearls” Apple puts the Vision Pro guy in charge of Siri (https://www.theverge.com/news/633358/apple-replace-siri-leader-john-giannandrea) Something Is Rotten in the State of Cupertino (https://daringfireball.net/2025/03/something_is_rotten_in_the_state_of_cupertino?ref=sidebar) Access Management has taken over The Trump Administration Accidentally Texted Me Its War Plans (https://www.theatlantic.com/politics/archive/2025/03/trump-administration-accidentally-texted-me-its-war-plans/682151/) Hegseth Disclosed Secret War Plans in a Group Chat (https://www.nytimes.com/2025/03/24/us/politics/hegseth-classified-war-plans-group-chat.html) Remote Code Execution Vulnerabilities in Ingress NGINX (https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities) Nvidia Nvidia CEO stops by Denny's food truck to eat and serve Nvidia Breakfast Bytes (https://www.tomshardware.com/tech-industry/nvidia-ceo-stops-by-dennys-food-truck-to-eat-and-serve-nvidia-breakfast-bytes-before-gtc-2025) GTC AI Conference 2025 (https://www.nvidia.com/gtc/) Vibe Coding Not all AI-assisted programming is vibe coding (but vibe coding rocks) (https://simonwillison.net/2025/Mar/19/vibe-coding/) The Vibe Coding Handbook (https://itrevolution.com/product/vibe-coding-handbook/) Relevant to your Interests Tech worker found guilty of sabotaging company's systems (https://ia.acs.org.au/article/2025/tech-worker-found-guilty-of-sabotaging-company-s-systems.html?ref=newsletter&deliveryName=DM25608) SoftBank Group to Acquire Ampere Computing (https://group.softbank/en/news/press/20250320) Backstage is dominating the developer portal market (https://newsletter.getdx.com/p/backstage-and-the-developer-portal-market) Clouded Judgement 3.21.25 - M&A Roars Back (https://cloudedjudgement.substack.com/p/clouded-judgement-32125-m-and-a-roars?utm_source=post-email-title&publication_id=56878&post_id=159514016&utm_campaign=email-post-title&isFreemail=true&r=2l9&triedRedirect=true&utm_medium=email) ‘Forced Joy' Is a Miserable Corporate Trend (https://www.bloomberg.com/opinion/articles/2025-03-12/starbucks-tiffany-and-alphabet-make-forced-fun-part-of-the-job) Nonsense Office Space - Joanna - Your Flair (https://www.youtube.com/watch?v=_ChQK8j6so8) 'I made the world's worst keyboard': This YouTuber's homemade board has over 1,000 keys and types in words, not letters (https://www.pcgamer.com/hardware/gaming-keyboards/i-made-the-worlds-worst-keyboard-this-youtubers-homemade-board-has-over-1-000-keys-and-types-in-words-not-letters/) Mac - Lumon Terminal Pro (https://www.apple.com/mac/lumon-terminal-pro/) Conferences KubeCon EU (https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/), April 1-4, London. DevOps Days Atlanta (https://devopsdays.org/events/2025-atlanta/welcome/), April 29-30 Cloud Foundry Day US (https://events.linuxfoundation.org/cloud-foundry-day-north-america/), May 14th, Palo Alto, CA NDC Oslo (https://ndcoslo.com/), May 21-23, Coté speaking. SDT News & Community Join our Slack community (https://softwaredefinedtalk.slack.com/join/shared_invite/zt-1hn55iv5d-UTfN7mVX1D9D5ExRt3ZJYQ#/shared-invite/email) Email the show: questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com) Free stickers: Email your address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) Follow us on social media: Twitter (https://twitter.com/softwaredeftalk), Threads (https://www.threads.net/@softwaredefinedtalk), Mastodon (https://hachyderm.io/@softwaredefinedtalk), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com) Watch us on: Twitch (https://www.twitch.tv/sdtpodcast), YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured), Instagram (https://www.instagram.com/softwaredefinedtalk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk) Book offer: Use code SDT for $20 off "Digital WTF" by Coté (https://leanpub.com/digitalwtf/c/sdt) Sponsor the show (https://www.softwaredefinedtalk.com/ads): ads@softwaredefinedtalk.com (mailto:ads@softwaredefinedtalk.com) Recommendations Brandon: Perform quick actions on iPhone (https://support.apple.com/guide/iphone/perform-quick-actions-iphcc8f419db/ios) Matt: Audio Hijack Transcribe (https://rogueamoeba.com/support/manuals/audiohijack/?page=transcribe) Photo Credits Header (https://unsplash.com/photos/a-couple-of-skunks-that-are-standing-in-the-dirt-C22fvvBcCBY) Artwork (https://unsplash.com/photos/green-and-black-digital-device-yqLrqIsl294)

Join Lois Houston and Nikita Abraham as they interview Samvit Mishra, Senior Manager of CSS OU Cloud Delivery, on Oracle Interconnect for Azure. Learn how this interconnect revolutionizes the customer experience by providing a direct, private link between Oracle Cloud Infrastructure and Microsoft Azure. From use cases to bandwidth considerations, get an in-depth look into how Oracle and Azure come together to create a unified cloud experience.   Oracle Cloud Infrastructure Multicloud Architect Professional: https://mylearn.oracle.com/ou/course/oracle-cloud-infrastructure-multicloud-architect-professional-2025-/144474 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, and the OU Studio Team for helping us create this episode.   ---------------------------------------------------------------   Episode transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Nikita: Welcome to the Oracle University Podcast! I'm Nikita Abraham, Team Lead: Editorial Services with Oracle University, and with me is Lois Houston, Director of Innovation Programs. Lois: Hey there! Last week, we spoke about multicloud, discussing what it is, and the new partnerships we have with Microsoft Azure, Google Cloud, and Amazon Web Services. If you haven't gotten to the episode yet, we suggest you go back and listen to it before you dive into this one.  00:56 Nikita: Joining us again is Samvit Mishra, Senior Manager of CSS OU Cloud Delivery, and we're going to ask him about Oracle Interconnect for Azure. We'll look at the scenarios around Oracle Interconnect for Azure and talk about some considerations too. Hi  Samvit! Thanks for being with us today. Samvit: Hi Niki! Hi Lois!  Lois: Samvit, you introduced Oracle Interconnect for Azure last week, but tell us, how does it improve the customer experience? What benefits does it offer? 01:25 Samvit: Oracle Interconnect for Azure can be established with a one-time setup, eliminating the need for an intermediary network provider. This cross-cloud direct connection also helps you migrate to the cloud or build cloud-native applications by using the best of OCI and Microsoft Azure.  Now, because it is a private connection between Oracle Cloud Infrastructure and Microsoft Azure, you get consistent network performance… around 2 millisecond latency. The interconnect also enables joint customers to take advantage of a unified Identity and Access Management platform. So, you can set up single sign-on between Microsoft Azure and OCI for your Oracle applications, like PeopleSoft and e-Business Suite.  02:16 Nikita: That makes the integration pretty seamless, right? Samvit: Exactly, Niki. Having a federated single sign-on means you authenticate only once to access multiple applications, without signing in separately to access each application. And you also get a secure inter-cloud connection that bypasses the public internet.  02:38 Nikita: How extensive is the global reach of Oracle Cloud Infrastructure and Azure in terms of the number of cloud regions available? Samvit: OCI has the fastest growing network of global data centers, with 50 cloud regions available. And there are 12 Azure interconnect regions. For example, Ashburn in the US is an OCI-Azure interconnect region.  03:01 Lois: Samvit, what is the architecture of Oracle Interconnect for Azure like? How is data transferred securely between a Virtual Cloud Network in Oracle Cloud Infrastructure and a Virtual Network in Microsoft Azure? Samvit: A Virtual Network in a Microsoft Azure region is connected to a Virtual Cloud Network in an OCI region using a private interconnection composed of Azure ExpressRoute and OCI FastConnect. Now, on the OCI side, the FastConnect virtual circuit terminates at a dynamic routing gateway, which is attached to the Virtual Cloud Network. On the Microsoft Azure side, the ExpressRoute connection ends at a virtual network gateway, which is attached to a virtual network. So, traffic from Azure to OCI is routed through the virtual network gateway in Microsoft Azure to the dynamic routing gateway in OCI.  What's important to note is that in both directions, the traffic never leaves the private network.  04:05 Nikita: Wow, ok. Samvit, what are some common use cases of Oracle Interconnect for Azure? Can you give us an example of a supported deployment option? Samvit: We can have a .NET application running in Azure that can access an Oracle database in OCI. Similarly, you can also have custom cloud-native applications running on Azure using Oracle Autonomous Database on the OCI side.  04:29 Lois: And are there any prerequisites when you configure Oracle Interconnect for Azure? Samvit: Yes, there are. Remember, on the Azure side, you must have a virtual network with subnets and a virtual network gateway and on the OCI side, you must have a VCN with subnets and an attached dynamic routing gateway.  04:50 Lois: Let's talk about the networking components that are involved in each site of the connection. Can you run us through the comparison? Samvit: Now, if we talk about the virtual network component, on the OCI side, there is a Virtual Cloud Network and on the Azure side, there is a Virtual Network. From a virtual circuit standpoint, in OCI, there is the FastConnect virtual circuit… on the Azure side, there is the ExpressRoute circuit. When it comes to the gateway, on the OCI side, there is the dynamic routing gateway and on the Azure side, there is the virtual network gateway.  Similarly, for routing, there are route tables in OCI and Microsoft Azure. From a security standpoint, in OCI, you can configure security lists as well as network security groups and on the Azure side, you have network security groups.  05:44 Nikita: What are the benefits of this partnership?  Samvit: This partnership allows you to innovate using the best combination of Oracle's and Microsoft's cloud services based on their features, performance, and pricing. So, in a way, you can combine the capabilities of both cloud vendors.  06:01 Nikita: So, a one-stop shop. Samvit: Exactly, Niki. This partnership also gives you a highly optimized, secure, and unified cross-cloud experience so you can use the best of services from Oracle Cloud Infrastructure and Microsoft Azure. And the best part is you continue to leverage any existing investment in Oracle and Microsoft technologies.  06:24 Lois: I wanted to ask you about the typical scenarios where Oracle Interconnect for Azure is supported. Samvit: There are many scenarios where this Interconnect is supported. Let me run you through a couple of them. You could connect an OCI Virtual Cloud Network to an Azure Virtual Network. That's a scenario that is supported.  You could connect peered OCI VCNs in the same region to Azure. You could connect peered OCI VCNs in different regions to Azure. You could also connect services in Oracle Services Network to Azure. 06:59 Lois: And are there any scenarios where this interconnect is not supported? Samvit: When the scenario involves connecting an on-premises environment to Azure via OCI VCN and vice versa, that is not supported.  07:16 Unlock the power of AI Vector Search with our new course and certification. Get more accurate search results, handle complex datasets easily, and supercharge your data-driven decisions. From now through May 15, 2025, we are waiving the certification exam fee (valued at $245). Visit mylearn.oracle.com to enroll. 07:42 Nikita: Welcome back! I want to explore these scenarios in a little more detail, Samvit.  Samvit: OK. Imagine you have OCI on one side and Azure on the other. In this scenario, we have a dynamic routing gateway in OCI and a virtual network gateway in Azure. This is a basic configuration. With Oracle FastConnect and Azure ExpressRoute, customers can create a private interconnection between their OCI and Azure environments. Now in another scenario, we have VCNs in OCI, and they're peered together using a dynamic routing gateway. With this local peering, the peered VCN can talk to Azure through Oracle Interconnect for Azure.  Here's another scenario. We have VCNs in different OCI regions: one VCN in OCI Region 1 and another in OCI Region 2, with Azure sitting alongside. They have established a remote peering connection, and each VCN has its own dynamic routing gateway. Here's the kicker—the peered VCN in this architecture can also converse with Azure using the interconnect.  Now think about this scenario. We have the dynamic routing gateway, but we have also added a service gateway to the VCN in OCI. This service gateway allows your VCN to privately access specific Oracle services without exposing data to the public internet. No internet gateway or NAT gateway is required to reach those specific services. Now, traffic from the VCN to the Oracle Services Network travels over the Oracle network fabric and never traverses the internet. Using Oracle Interconnect for Azure, resources in Azure can also privately access resources in Oracle Services Network.  09:38 Nikita: What are the bandwidth and cost considerations? Samvit: Pricing is based solely on the port capabilities of OCI FastConnect and your ExpressRoute. One thing you need to understand is that the cost of FastConnect is the same across all OCI regions. And there are no separate ingress or egress data charges. The cost of Azure ExpressRoute varies across regions and Oracle recommends that you use the local setting, which has no separate ingress or egress charges. Azure ExpressRoute supports up to 10 GB as bandwidth. FastConnect is available in 1, 2, 5, or 10 Gbps. So, the recommendation here is to choose one of these matching bandwidth options under ExpressRoute.  10:27 Lois: Thank you, Samvit, for taking the time to talk to us about Oracle Interconnect for Azure. Samvit: Thank you for having me. Nikita: Remember, Oracle also offers an interconnect solution with Google Cloud, which is very similar to the one with Azure. It too provides a direct, high-performance, and secure network connection with Oracle Cloud Infrastructure. So, if you want to learn more about it, head over to mylearn.oracle.com and search for the Oracle Cloud Infrastructure Multicloud Architect Professional course.  Lois: In our next episode, we'll take a close look at Oracle Database@Azure service. Until then, this is Lois Houston… Nikita: And Nikita Abraham, signing off! 11:07 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.    

In this episode of Behind the Deal, Imprivata CEO Fran Rosch shares how the company is revolutionizing access to critical healthcare systems with its cutting-edge security solutions. As a leader in cybersecurity for hospitals and health systems, Imprivata specializes in Access Management for shared device ecosystems, as well as streamlining and securing access for professionals in critical environments (like Healthcare). Thoma Bravo Managing Partner Scott Crabill and Imprivata CEO Fran Rosch delve into the challenges in the cybersecurity space, future milestones Imprivata has its eyes on, and its mission to enhance protection for its customers worldwide — making access to critical information simple, secure, and seamless. For more information on Thoma Bravo's Behind the Deal, visit https://www.thomabravo.com/behindthedeal Learn more about Thoma Bravo: https://www.thomabravo.com/ Visit Imprivata's website: https://www.imprivata.com/  To learn more about listener data and our privacy practices visit: https://www.audacyinc.com/privacy-policy Learn more about your ad choices. Visit https://podcastchoices.com/adchoices

Arthur Bigeard shares his journey from a passion project to a thriving business, turning a side hustle into a full-time venture. He discusses the long-term mindset behind building scalable software, the lessons learned from working at Morgan Stanley, and the strategic decisions that helped shape g.v, a graph database client. Tune in for insights on entrepreneurship, tech evolution, and making the leap into the unknown!About our speaker: Arthur Bigeard is the founder at gdotv, a universal, plug-and-play graph database client to simplify & accelerate the day-to-day tasks of graph database users. He started this project following a 10 years long cyber security career, specialising in Identity & Access Management and cryptographic solutions.

In this episode of the Identity as a Center podcast, Jeff and Jim interview Andrew Cameron, Technical Fellow in Identity and Access Management at General Motors. The discussion covers the importance of speed and security in mission-critical automotive applications, the evolution and impact of identity standards, and the integration of modern identity solutions in vehicles. Andrew also shares insights on the challenges of customer identity management, the complexity of B2B environments, and the role of AI in the future of identity. The conversation touches on GM's move towards passkeys, the centralized management of customer profiles, and the rise of car accounts.Chapters00:00 Introduction to Mission-Critical Identity02:03 Welcome to the Identity as a Center Podcast02:20 The Value of IDPro Membership06:18 Upcoming Conferences and Discount Codes11:39 Introducing Andrew Cameron from General Motors12:26 Andrew Cameron's Journey in Identity17:22 The Evolution of Identity Standards19:09 Adopting Passwordless Authentication at GM23:10 Challenges and Benefits of Passwordless Adoption24:55 Role and Responsibilities of a Technical Fellow28:32 Customer Identity Management at GM30:00 Establishing a Scalable Authentication Platform31:09 Centralizing Profile Information32:05 Challenges and Benefits of Centralized Profiles33:18 Mentorship and Collaboration in Tech34:50 Complexities of B2B Identity Management38:56 Global Privacy and Language Challenges41:32 Enhancing Vehicle User Experience with Identity46:50 Speed and Security in Vehicle Identity Systems53:52 Future of AI in Automotive Industry57:28 Detroit Pride and Personal Insights01:02:20 Conclusion and Final ThoughtsConnect with Andrew: https://www.linkedin.com/in/kandrewcameron/Conference Discounts!Gartner IAM Summit - Code IDAC425 saves 425€: https://www.gartner.com/en/conferences/emea/identity-access-management-ukEuropean Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridacIdentiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.com

Protect your organization from account takeover and hiring fraud as deepfake impersonation threats grow. With Microsoft Entra Verified ID, you can use Face Check to verify identities in real time against government-issued IDs like driver's licenses and passports. Use Face Check with integrated solutions for • new employee, guest or admin onboarding • step-up authentication to access sensitive information • securing common helpdesk-driven tasks, like user account recovery Setup is simple and has been designed so that both the enterprise and the person verifying their identity maintain control—without storing or passing biometric information like other face matching solutions. Join Ankur Patel, from the Microsoft Entra team, as he demonstrates how Face Check with Verified ID works and how to set it up. ► QUICK LINKS: 00:00 - Face Check with Microsoft Entra Verified ID 00:54 - AI-powered identity verification 01:44 - First time user experience 03:21 - How it works 04:55 - Use cases 05:34 - Set it up 06:16 - Update an app for Face Check 06:43 - Access packages 08:18 - Wrap up   ► Link References For more information, check out https://aka.ms/FaceCheckSetup Watch the complete playlist for Microsoft Entra Suite at https://aka.ms/EntraSuiteMechanics Access a list of identity verification providers at https://aka.ms/IDVpartners   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Bridging your organizational silos can help drive digital modernization 

The Institute of Internal Auditors Presents: All Things Internal Audit Tech In this episode, Bill Truett talks with Nick Lasenko about the critical role of identity and access management in today's organizations. They discuss common risks, best practices, and the impact of AI on identity and access management. The conversation also covers frameworks, regulatory requirements, and real-world use cases. Host:  Bill Truett, CIA, CISA, senior manager, Standards & Professional Guidance, IT,  The IIA Guest: Nick Lasenko, CISA, CISSP, cybersecurity, privacy, and risk management practitioner Key Points Introduction [00:00-00:00:07] Overview of identity and access management [00:00:08-00:00:31] The financial impact of data breaches [00:00:32-00:01:26] Challenges in detecting and responding to security incidents [00:01:27-00:02:26] Common identity and access management risks for auditors [00:02:27-00:03:26] Weak governance and its implications [00:03:27-00:04:26] Siloed organizations and identity and access management complexities [00:04:27-00:05:26] Regulatory frameworks and standards [00:05:27-00:07:26] Identity and access management controls and data governance [00:07:27-00:09:26] Real-world use cases and security incidents [00:09:27-00:11:26] Horror stories and lessons learned in identity and access management [00:11:27-00:13:26] Best practices for managing user access reviews [00:13:27-00:16:26] Continuous authentication and its challenges [00:16:27-00:18:26] Privileged access management and audit considerations [00:18:27-00:21:26] The impact of AI and machine learning on identity and access management [00:21:27-00:23:26] Final thoughts on strengthening identity and access management controls [00:23:27-00:25:26] Closing remarks [00:25:27-00:31:43] The IIA Related Content Interested in this topic? Visit the links below for more resources: Intermediate IT Auditing Auditing IT Change Management GTAG: Auditing Identity and Access Management, 2nd Edition Fraud and Emerging Tech: Identity and Authentication with the Paycheck Protection Program Implementing The IIA's New Cybersecurity Topical Requirement Cybersecurity Topical Requirement Visit The IIA's website or YouTube channel for related topics and more. Resources Mentioned The IIA's 2025 Analytics, Automation and AI Virtual Conference The IIA's Updated AI Auditing Framework NIST Cybersecurity Framework (CSF) NIST AI Risk Management Framework IBM Cost of a Data Breach Report 2024 CISA and NSA Guidance on Identity and Access Management Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

IT and security teams are under constant pressure to streamline operations while maintaining strong security and compliance. In this Brand Story episode, Chase Doelling, Principal Strategist at JumpCloud, shares insights from the company's latest SME IT Trends Report. The discussion highlights key trends, challenges, and opportunities that IT teams face, particularly in small and medium-sized businesses (SMBs).The Role of IT in Business OperationsDoelling emphasizes the increasing responsibility placed on IT teams. Historically seen as cost centers, IT and security functions are now recognized as critical to business success. More organizations are merging IT and security efforts, ensuring that security considerations are built into every decision rather than being addressed reactively.A major takeaway from the report is the shift toward decentralization in IT decision-making. Departments are increasingly adopting tools independently, leading to an explosion of software-as-a-service (SaaS) applications. While this autonomy can boost efficiency, it also creates risks. Shadow IT—where employees use unauthorized tools—has become a top concern, with 88% of organizations identifying it as a risk.AI, Security, and IT InvestmentThe report also reveals a growing divide in AI adoption. Organizations are either moving aggressively into AI initiatives or staying completely on the sidelines. Those embracing AI often integrate it into security and IT operations, balancing innovation with risk management.Budget trends indicate that IT spending is rising, with security tools accounting for a significant portion. The need for robust cybersecurity measures has pushed organizations to prioritize visibility, access management, and compliance. A notable shift is occurring in remote and hybrid work models. While remote work surged in previous years, only 9% of organizations now report being fully remote. This return to office environments introduces new IT challenges, particularly in managing networks and devices across hybrid workplaces.How JumpCloud Supports IT TeamsJumpCloud's platform simplifies IT and security operations by unifying identity and access management, device management, and security policies. One key challenge IT teams face is visibility—knowing who has access to what systems and ensuring compliance with security policies. JumpCloud's approach allows organizations to manage users and devices from a single platform, reducing complexity and improving security posture.An example of JumpCloud's impact is its ability to detect and manage SaaS usage. If an employee tries to use an unauthorized tool, JumpCloud can guide them toward an approved alternative, preventing security risks without stifling productivity. This balance between security and efficiency is essential, particularly for SMBs that lack dedicated security teams.Looking Ahead: IT and Security ConvergenceDoelling teases upcoming research that will explore the relationship between IT and security teams. With these functions blending more than ever, organizations need insights into how to align strategies, resources, and budgets effectively.For IT and security professionals navigating a landscape of increased threats, shifting work environments, and AI-driven innovation, the insights from JumpCloud's research provide a valuable benchmark. To gain a deeper understanding of these trends and their implications, listen to the full episode and explore the latest SME IT Trends Report.Note: This story contains promotional content. Learn more. Guest: Chase Doelling, Principal Strategist, JumpCloud [@JumpCloud], On LinkedIn | https://www.linkedin.com/in/chasedoelling/ResourcesLearn more about JumpCloud and their offering: https://itspm.ag/jumpcloud-pg7zTo download the SME IT Trends Report: https://itspm.ag/jumpcljqywCatch more stories from JumpCloud at https://www.itspmagazine.com/directory/jumpcloudAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

In episode 226 of our SAP on Azure video podcast we have Martin Raepple with us again -- and this means authentication, principal propagation and identity management. A few months ago Martin had published a blog post about Identity and Access Management with Microsoft Entra and how to manage access to SAP BTP. Now he published part 2 where he extends the cloud only scenario with a hybrid identity setup that requires managing the user lifecycle across Microsoft Active Directory, Microsoft Entra, SAP BTP, SAP CIS, and an SAP system on-premise.Find all the links mentioned here: https://www.saponazurepodcast.de/episode226Reach out to us for any feedback / questions:* Robert Boban: https://www.linkedin.com/in/rboban/* Goran Condric: https://www.linkedin.com/in/gorancondric/* Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/ #Microsoft #SAP #Azure #SAPonAzure #SAPIDM #Identity #Authentication #MSEntra

The Data Product Management In Action podcast, brought to you by  executive producer Scott Hirleman, is a platform for data product management practitioners to share insights and experiences. In Season 01, Episode 28, we are excited to introduce to you a new host, Alexa Westgate! Join us as we learn all about her data journey. She'll discuss how she got into DPM, some of her greatest moments and challenges. You'll be excited for her future episodes! About our host Alexa Westlake: Alexa is a Data Analytics Leader in the Identity and Access Management space with a proven track record scaling high-growth SaaS companies. As a Staff Data Analyst at Okta, she brings a wealth of expertise in enterprise data, business intelligence, and strategic decision-making from the various industries she's worked in including telecommunications, strategy execution, and cloud computing. With a passion for harnessing the power of data for actionable insights, Alexa plays a crucial role in driving Okta's security, growth, and scale, helping the organization leverage data to execute on their market opportunity. Connect with Alexa on LinkedIn. All views and opinions expressed are those of the individuals and do not necessarily reflect their employers or anyone else.  Join the conversation on LinkedIn.  Apply to be a guest or nominate someone that you know.  Do you love what you're listening to? Please rate and review the podcast, and share it with fellow practitioners you know. Your support helps us reach more listeners and continue providing valuable insights! 

Season 1 Episode 29: Navigating Trade-Offs and Balancing Priorities The Data Product Management In Action podcast, brought to you by executive producer Scott Hirleman, is a platform for data product management practitioners to share insights and experiences. In this episode of Data Product Management in Action, host Alexa Westlake talks with Anita Chen, diving into the complexities of managing data products. Anita, a product manager at PagerDuty, shares her approach to defining data products, prioritizing work, and balancing project work with interrupt-driven tasks. They discuss the critical roles of governance, security, and user enablement while emphasizing the importance of transparency and communication. The conversation also explores the transformative potential of generative AI in data product interactions and the build-vs-buy decision-making process. Gain insights into how data product management uniquely differs from traditional software product management and learn actionable strategies for success. Meet our Host Alexa Westlake: Alexa is a Data Analytics Leader in the Identity and Access Management space with a proven track record scaling high-growth SaaS companies. As a Staff Data Analyst at Okta, she brings a wealth of expertise in enterprise data, business intelligence, and strategic decision-making from the various industries she's worked in including telecommunications, strategy execution, and cloud computing. With a passion for harnessing the power of data for actionable insights, Alexa plays a crucial role in driving Okta's security, growth, and scale, helping the organization leverage data to execute on their market opportunity. Connect with Alexa on LinkedIn. Meet our guest Anita Chen:  Anita is a Data Product Manager at PagerDuty, a digital operations company helping teams resolve issues faster, eliminate alert fatigue, and build more reliable services! Her background is mainly in the People Analytics space which has now expanded to data at scale with our Enterprise Data Team. She currently helps build data products that enable our teams to deliver the best possible customer experience. Anita is most passionate about how data can impact someone's lived experience and endeavor to democratize data in everything she builds. Connect with Anita on LinkedIn. All views and opinions expressed are those of the individuals and do not necessarily reflect their employers or anyone else.  Join the conversation on LinkedIn.  Apply to be a guest or nominate someone that you know.  Do you love what you're listening to? Please rate and review the podcast, and share it with fellow practitioners you know. Your support helps us reach more listeners and continue providing valuable insights! 

Stay updated on the future of CIAM: Learn about integrating privacy management, fraud intelligence platforms, and CDPs to enhance security and customer experience. Read the original blog post here: https://www.kuppingercole.com/blog/tolbert/whats-next-in-customer-identity-and-access-management

In this episode, David Dominy and Cameron Boone (two appraisers with JLL) discuss property access issues, and how changes in either the quality or quantity of access can impact valuation in eminent domain proceedings.  Throughout, they distinguish control of access from circuity of travel issues, discuss a few of the key Texas legal principles and cases that define the scope of permitted access damages in condemnation cases, discuss the challenges of valuing a loss of access in the market, and provide examples from their experience.    Links: David Dominy at JLL: https://www.us.jll.com/en/people/david-dominy Cameron Boone at JLL: https://www.us.jll.com/en/people/cameron-boone  Episode 108: Mayor Steve Adler on the ED Podcast: https://podcasts.apple.com/us/podcast/special-joint-episode-with-the-infrastructure/id1437306753?i=1000599502892  State v. Schmidt (SCOTX, 1994): https://casetext.com/case/state-v-schmidt  Interstate Northborough v. State (SCOTX, 2001): https://casetext.com/case/interstate-northborough-v-state TXDOT Manual on Access Management: https://onlinemanuals.txdot.gov/TxDOTOnlineManuals/TxDOTManuals/acm/manual_notice.htm 

Welcome to the Identity at the Center podcast! In this episode, hosts Jeff and Jim dive deep into modern identity architecture with guest Ian Glazer. They discuss topics such as the importance of policy, data orchestration, and the evolving landscape of identity and access management (IAM). Ian shares his thoughts on the future of IAM, the integration of various data sources, the role of events in IAM, and the potential for real-time identity solutions. They also touch on upcoming conferences, the European Identity and Cloud Conference 2025, and the significance of engaging with the identity community. Tune in for a thought-provoking discussion on the advancements and future directions of digital identity! Chapters 00:00 Introduction and Podcast Overview 00:11 Upcoming Plans and Challenges 01:03 Guest Invitation and Podcast Dynamics 03:31 Conference Announcements and Discounts 06:05 Welcoming the Guest: Ian Glazer 06:46 Fido Feud and Conference Experiences 16:29 Identity Market Trends and Innovations 19:19 Modern Identity Architectures 33:51 Identity First Security: A New Approach 34:50 Unified Data Tiers: Breaking Down Silos 36:14 Modern IAM: Opportunities and Challenges 37:02 Ephemeral Access and Zero Standing Privilege 39:18 Understanding Identity Data 41:30 Workforce Identity Data Platforms 47:14 Orchestration and Execution in IAM 51:09 Real-Time Event-Based Identity Systems 54:45 Future Directions and Community Engagement 59:03 Teaching and Sharing Knowledge 01:05:33 Closing Thoughts and Recommendations Connect with Ian: https://www.linkedin.com/in/iglazer/ Notional architecture for modern IAM: Part 3 of 4 (blog): https://weaveidentity.com/blog/notional-architecture-for-modern-iam/ 2025: The year we free our IAM data: https://weaveidentity.com/blog/2025-the-year-we-free-our-iam-data/ Learn more about Weave Identity: https://weaveidentity.com/ Digital Identity Advancement Foundation: https://digitalidadvancement.org/ Avoid the Noid! - https://en.wikipedia.org/wiki/The_Noid Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Ian Glazer, Weave Identity, Identity and Access Management, IAM, Modern Identity Architectures, Modern IAM, Data Tier, Events, Orchestration, Zero Trust, ZTNA, Shared Signals Framework, EIC, Gartner, Black Hat, RSA, Identibeer, Data Lake, OIDs, IANS

Join Sean Rabbitt, Senior Consulting Engineer for Identity and Access Management, as he explores Apple's Platform Single Sign-On (PSSO) and how Microsoft Entra ID enhances identity security with Jamf Pro. Learn about PSSO's architecture, Conditional Access best practices, scalable configurations, and new features like authentication strengths. This session will also debunk common PSSO misconceptions and show how easy it is to deploy secure credentials with Jamf Pro.   ---------------------------------------------------   Sign up to get notified for future LaunchPad Meetups here: https://www.rocketman.tech/launchpad   ---------------------------------------------------   For more information about Rocketman Tech, or to schedule a meeting with one of our Jamf Experts, visit our website: https://www.rocketman.tech

In this episode of the Innovation and the Digital Enterprise, Shelli and Patrick chat about industry advancements and leadership with Deepak Kaimal, Chief Technology Officer at COMPLY. He was previously CTO at Exostar, and held that role when this episode was recorded.Exostar, founded in 2000 by industry leaders like Boeing, Raytheon, and Lockheed Martin, provides secure collaboration and risk management solutions to the defense and life sciences sectors. Deepak shares his journey from an engineering student in Mumbai to becoming the CTO of this pivotal player in secure technology.We discuss Exostar's mission, the balance between secure collaboration and innovation, and trends in identity and access management. Deepak emphasizes the importance of curiosity, dealing with change, and leading teams in ways that foster a culture that balances trust, security, and innovation.(00:25) Meet Deepak Kaimal(02:49) Deepak's Early Education and Career Journey(07:05) The Founding and Mission of Exostar(10:40) Balancing Security and Innovation at Exostar(16:11) Trends in Identity and Access Management(18:17) Leadership and Technological (22:35) The Excitement of New Tech Advancements(29:13 Final Thoughts and Advice for LeadersDeepak Kaimal is currently the Chief Technology Officer at COMPLY, a compliance solution provider for global financial services firms. Previously, at Exostar, he oversaw the design, development, operations and evolution of The Exostar Platform. Prior to Exostar, Deepak served as CTO at ArrowStream and VP of Engineering at Flexera. Earlier in his career, Deepak held roles at Cars.com, JPMorgan Chase, Rolls-Royce, Capgemini, and Intiqua International. He earned a degree in Engineering from the University of Mumbai.If you'd like to receive new episodes as they're published, please subscribe to Innovation and the Digital Enterprise in Apple Podcasts, Spotify, or wherever you get your podcasts. If you enjoyed this episode, please consider leaving a review in Apple Podcasts. It really helps others find the show.Podcast episode production by Dante32.

In this special episode of Identity at the Center, hosts Jim McDonald and Jeff Steadman kick off the inaugural FIDO Feud—a game show packed with fun and informative challenges about digital identity. Team Glitterati, led by Megan Shamas, and Team Identifriends, led by Jim, face off in a series of rounds centered around common passwords, identity trends, and future threats to IAM. Enjoy witty banter, audience interaction, and a spirited competition, all while diving deep into the world of Identity and Access Management. Special thanks to the FIDO Alliance and RSM US LLP for making this special event possible! 00:00 Introduction to Identity at the Center 00:20 Welcome to FIDO Feud 01:18 Meet the Team Captains 01:47 Team Names and Random Members 02:46 Game Rules and Setup 04:22 Round 1: Easy-to-Guess Passwords 07:37 Round 2: Tired Trends in IAM 11:44 IAM Metrics Showdown 12:22 Successful Logins and Password Resets 13:04 User Satisfaction and Breaches 13:44 Enrollment and Abandon Rate 14:33 Final IAM Metrics 15:45 Biggest Future Threats to IAM 17:29 Unexpected Answers and Final Round 21:16 Winners and Closing Remarks Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com

What motivated you to focus on Workforce Identity and Access Management with AKAIdentity, and what specific challenges are you aiming to address in this space? Can you share some key insights or lessons learned from your journey of starting,incubating, and investing in successful cybersecurity organizations? How did your experience at Forgepoint Capital shape your approach to identifying and growing the next generation of cybersecurity leaders? What inspired you to co-create the Security Tinkerers, and how do you see this organization evolving to further support current and future cybersecurity practitioners? As someone who has authored a book, invested in startups, and now leads AKA Identity, how do you manage to balance these diverse roles, and what drives your passion for problem-solving across different domains?

Minimize risks that come with oversharing and potential data loss. Use Microsoft Purview and its new Data Security Posture Management (DSPM) for AI insights, along with new Data Loss Prevention policies for Microsoft 365 Copilot, and SharePoint Advanced Management, which is now included with Microsoft 365 Copilot. Automate site access reviews at scale and add controls to restrict access to sites if they contain highly sensitive information. Erica Toelle, Microsoft Purview Senior PM, shows how to control data visibility, automate site access reviews, and fine-tune permissions with Pilot, Deploy, Optimize phases. ► QUICK LINKS: 00:00 — Minimize risk of oversharing 01:24 — Oversharing scenarios 04:03 — How oversharing can occur 05:38 — Restrict discovery & limit access 06:36 — Scope sites 07:15 — Pilot phase 08:16 — Deploy phase 09:17 — Site access reviews 10:00 — Optimize phase 10:54 — Wrap up ► Link References Check out https://aka.ms/DeployM365Copilot  Watch our show on the basics of oversharing at https://aka.ms/SMBoversharing ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Authentication is a key requirement for any B2B software application, especially if software vendors are selling to enterprise clients who are likely to have strict authentication requirements for the vendors they use. However, building authentication for a B2B application is typically complex and resource-intensive due to the data models required, the provisioning and managing accounts, The post Identity and Access Management with Julianna Lamb appeared first on Software Engineering Daily.

Authentication is a key requirement for any B2B software application, especially if software vendors are selling to enterprise clients who are likely to have strict authentication requirements for the vendors they use. However, building authentication for a B2B application is typically complex and resource-intensive due to the data models required, the provisioning and managing accounts, The post Identity and Access Management with Julianna Lamb appeared first on Software Engineering Daily.

Growth always brings challenges. In today's episode, we talk about how the DoD can manage the challenge of development in several aspects of identity management. Like most federal agencies, the DoD has made a move to the hybrid cloud; this alone adds to the complexity of the identification process. However, in addition to the 1.3 million active-duty service members, they must contend with reserves, DoD civilians, veterans, and many more. Oh, did we mention mobile? The official designation of the process of validating identity is called Identity Credentialing and Access Management, or ICAM. During this interview, experts from Akamai suggest: >> Consider applying AI/ML to help analyze identity data. >>> Fast Identity Online (FIDO) FIDO standards exist, and one can consider applying FIDO to simplify identity. Akamai has worked with both Defense and Civilian agencies to enable technologies like CAC/PIV and YUBIkey. Further, their well-known enterprise access management gives them the ability to protect web applications as well as mobile devices. Many organizations are tasked with managing millions of individuals. Very few are associated with capabilities that can have as serious consequences as the DoD.

AWS Morning Brief for the week of September 3rd, with Mike Julian. Links:Amazon Braket adds support for Rigetti's 84-Qubit Ankaa™-2 system, our largest gate-based superconducting deviceAnnouncing general availability of Amazon EC2 G6e instancesAmazon EC2 status checks now support reachability health of attached EBS volumesAmazon EMR support prioritized and capacity-optimized-prioritized allocation strategies for EC2 instancesAmazon OpenSearch Service now supports Graviton3 (C7g, M7g, R7g, R7gd) instances AWS announces Amazon-provided contiguous IPv4 blocksAmazon S3 now supports conditional writesAmazon S3 adds additional context to HTTP 403 Access Denied error messagesAmazon S3 no longer charges for several HTTP error codesAWS CodeBuild now supports Mac buildsAWS Identity and Access Management now supports AWS PrivateLink in all commercial RegionsAWS Network Firewall introduces GeoIP Filtering to inspect traffic based on geographic locationAnnouncing AWS Parallel Computing ServiceNow open — AWS Asia Pacific (Malaysia) RegionAWS Lambda introduces recursive loop detection APIsAnnouncing AWS KMS Elliptic Curve Diffie-Hellman (ECDH) support

A Novel Approach to Test Access Workflows Mayo Clinic recognized the necessity of moving beyond traditional telephone-based appointment intake processes to embrace a more digital-centric approach to patient access. The health system's Enterprise Office of Access Management opened the Innovation Contact Center in 2022. The goal is to test software, refine workflows, and optimize system integration and automation in order to mitigate risks and minimize disruptions of new access initiatives. Serving as a testing ground, the Innovation Contact Center reduces the impact on more than 4,000 agents – and millions of patients - by confining initial trials to a single unit. Join us for Episode XX of the Patient Access Collaborative's All-Access Pass podcast to learn about the new tools and technologies that Mayo Clinic is testing within this small, dedicated team, thereby laying the groundwork to effectively translate insights and improve access across the health system. Hear from Mayo Clinic's Elissa Nelson, Senior Director, Systems Transformation and Courtnie Garteski Bergler, Director of the Scheduling Innovation Contact Center.

240 Miles of DiscomfortJonathan Edwards. CEO - Americas at iC Consult, shares the unexpected lesson he uncovered through grit and endurance. This distance is like running 9 marathons consecutively and let's just the say there is a lot of learn about leadership of yourself and others when you put yourself through this kind of extreme conditions.His message is incredible and no doubt you'll be engaged and Jonathan shares his stories from the trail and his interesting career.iC Consult is the world's leading independent consultancy, systems integrator, and managed services provider for Identity & Access Management with more than 850 employees worldwide.Jonathan has lived and led teams across Europe, Asia, and North America.His core guiding principle is “live a life of discomfort”...as you might imagine from a endurance racing CEO!Jonathan on LinkedIn: https://www.linkedin.com/in/jonedwards79/ Learn more about iC Consult: https://ic-consult.com/en/ You'll also discover:A strategy to foster growth in your team.How to create a culture of openness and transparency.A tip that empowers your team to take more ownership.-----Connect with the Host, #1 bestselling author Ben FanningSpeaking and Training inquiresSubscribe to my Youtube channelLinkedInInstagramTwitter

How does a childhood curiosity turn into a groundbreaking career in identity and access management? Join us for an engaging conversation with David Lee, the Identity Jedi, as he recounts his fascinating journey from tinkering with computers as a child to becoming a sought-after expert in IAM. Lee shares the pivotal moments and unexpected opportunities that transformed his career, providing invaluable insights for anyone looking to break into the cybersecurity field. We explore the essential technical and soft skills that have propelled Lee to the forefront of his industry, along with his unique strategies for navigating complex IAM landscapes.0:00 - Identity Access Management (IAM)3:04 - First interest in cybersecurity 8:32 - Identity and access management cybersecurity 13:38 - Computer science and higher education 18:00 - Necessary soft and hard skills for IAM22:16 - Larger organizations and IAM24:21 - Defining identity in cybersecurity29:18 - Variety of identity ideas33:03 - African American representation in cybersecurity 38:28 - Cybersecurity equity41:33 - Financial inequity and working in cybersecurity48:35 - Cybersecurity solutions for more equitable hiring53:22 - Less racism in the tech industry 57:51 - Best piece of cybersecurity career advice59:13 - What is identity Jedi?1:00:04 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastAbout InfosecInfosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.

In this episode of Trust Issues, Daniel Schwartzer, CyberArk's Chief Product Technologist and leader of the company's Artificial Intelligence (AI) Center of Excellence, joins host David Puner for a conversation that explores AI's transformative impact on identity and access management (IAM). Schwartzer discusses how CyberArk's AI Center of Excellence is equipping the R&D team to innovate continuously and stay ahead of AI-enabled threats. Learn about the future of AI in IAM, the role of AI in shaping new business models and the importance of an experimentation culture in driving user experience (UX) improvements. Gain insights into the methodical, data-driven approaches to monetization strategies and the significance of learning from on-the-job experiences. This episode is a must-listen for anyone interested in the intersection of AI and IAM, and the opportunities it presents for leading the transition in the industry. Tune in to uncover what's coming down the AI pike and how it will influence the future of IAM.For more from Daniel on this subject, check out his recent blog, "Predicting the Future of AI in Identity and Access Management." 

In this episode, Hosts Ron Eddings, and Jen Langdon share takeaways from Ron's RSA conversation with Colin Constable, Co-Founder and CTO at Atsign On this show, they'll break down Networking 2.0 and how it can serve as the next evolution for data ownership and access control. Colin and his team at Atsign have built the atProtocol®, a new open-source internet protocol that makes private and secure data sharing simple and intuitive, enabling any person, entity or thing to implement NIST Zero Trust principles into their solution. Impactful Moments: 00:00 - Welcome 02:17 - Introducing, Colin Constable 03:42 - The Problem with the Current Internet 08:02 - The Catalyst Behind atProtocol® 11:12 - Nexus of Networking, Identity & Privacy 14:19 - From our Sponsor, Atsign 15:23 - What's Networking 2.0? 18:54 - Internet Anonymity & Accountability 24:31 - Unique Solutions using atProtocol®   Links: Connect with Colin Constable: https://www.linkedin.com/in/colinconstable/ Check out Atsign: https://atsign.com/ Read the atProtocol Whitepaper here: https://atsign.com/resources/white-papers/the-atprotocol/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Some say Microsoft's Recall should be. A breach of a Texas healthcare provided affects over four hundred thousand. Police in the Philippines shut down services following a breach. Ivanti patches multiple products. GitHub fixes a critical authentication bypass vulnerability. Researchers discover critical vulnerabilities in Honeywell's ControlEdge Unit Operations Controller. The DoD releases their Cybersecurity Reciprocity Playbook. Hackers leak a database with millions of Americans' criminal records. Mastercard speeds fraud detection with AI. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey, diving into Domain 5: Identity and Access Management. Remembering a computing visionary.  Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Learning Layer On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K's comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Joe and Sam dive into Domain 5: Identity and Access Management (IAM) and tackle a question together about biometric configuration. Try the question yourself before listening to the discussion! You are configuring a biometric hand scanner to secure your data center. Which of the following practices is BEST to follow? Decrease the reader sensitivity Increase the FAR Decrease the FRR Increase the reader sensitivity Selected Reading UK watchdog looking into Microsoft AI taking screenshots (BBC) How the new Microsoft Recall feature fundamentally undermines Windows security (DoublePulsar) CentroMed Confirms Data Breach Affecting an Estimated 400k | Console and Associates, P.C. (JDSupra) PNP suspends online services amid data breach probe (Philippine News Agency) Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager (SecurityWeek) Critical SAML Auth Bypass Vulnerability Found in GitHub Enterprise Server (Heimdal Security) Critical Vulnerability in Honeywell Virtual Controller Allows Remote Code Execution (SecurityWeek) DoD CIO debuts cybersecurity reciprocity playbook to streamline system authorizations, boost cybersecurity efficiency (Industrial Cyber) Criminal record database of millions of Americans dumped online (Malwarebytes) Mastercard Doubles Speed of Fraud Detection with Generative AI (Infosecurity Magazine) Gordon Bell, Legendary Designer of Computers, Dies at 89 (Gizmodo)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.