Podcasts about Access management

This episode is sponsored by PlainID. Visit plainid.com/idac to learn more.In this sponsored episode, Jim McDonald and Jeff Steadman talk with Gal Helemski, CTO and co-founder of PlainID, about the evolving landscape of authorization. The conversation covers the transition from traditional roles and attributes to a modern policy-based access control (PBAC) approach. Gal explains how PlainID helps organizations centralize authorization logic, improve security posture, and simplify the management of access across complex hybrid and multi-cloud environments. The discussion also touches on the importance of visibility into who has access to what and the role of standards like Cedar and Rego in the future of authorization.Connect with Gal: https://www.linkedin.com/in/gal-helemski-b9542231/Learn more about PlainID: plainid.com/idacConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.comTimestamps:00:00 Introduction to the Sponsor Spotlight02:15 Meet Gal Helemski from PlainID05:30 The shift from RBAC to PBAC10:45 Challenges with traditional authorization methods15:20 How PlainID centralizes authorization logic22:10 Integrating with existing identity providers28:45 The role of visibility and auditing in authorization35:30 Discussion on authorization standards: Cedar and Rego42:15 Future trends in identity and access management50:00 Final thoughts and where to learn moreKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, PlainID, Authorization, Policy-Based Access Control, PBAC, RBAC, Cybersecurity, IAM, Access Management, Gal Helemski, Identity Security

In this episode, hosts Lois Houston and Nikita Abraham take you inside how Oracle brings its industry-leading database technology directly to AWS customers.   Senior Principal OCI Instructor Susan Jang unpacks what the OCI child site is, how Exadata hardware is deployed inside AWS data centers, and how the ODB network enables secure, low-latency connections so your mission-critical workloads can run seamlessly alongside AWS services.   Susan also walks through the differences between Exadata Database Service and Autonomous Database, helping teams choose the right level of control and automation for their cloud databases.   Oracle Database@AWS Architect Professional: https://mylearn.oracle.com/ou/course/oracle-databaseaws-architect-professional/155574 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, Anna Hulkower, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.   -------------------------------------------------------------   Episode Transcript:   00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:26 Nikita: Welcome to the Oracle University Podcast! I'm Nikita Abraham, Team Lead: Editorial Services with Oracle University, and with me is Lois Houston, Director of Communications and Adoption with Customer Success Services.  Lois: Hi there! Last week, we talked about multicloud and the partnerships Oracle has with Microsoft Azure, Google Cloud, and Amazon Web Services. If you missed that episode, do listen to it as it sets the foundation for today's discussion, which is going to be about Oracle Database@AWS.  00:59 Nikita: That's right. And we're joined by Susan Jang, a Senior Principal OCI Instructor. Susan, thanks for being here. To start us off, what is Oracle Database@AWS?  Susan: Oracle Database@AWS is a service that allows Oracle Exadata infrastructure that is managed by Oracle Cloud Infrastructure, or OCI, to run directly inside an AWS data center.   01:25 Lois: Susan, can you go through the key architecture components and networking relationships involved in this?    Susan: The AWS Cloud is the Amazon Web Service. It's a cloud computing platform. The AWS region is a distinct, isolated geographic location with multiple physically separated data center, also known as availability zone. The availability zone is really a physically isolated data center with its own independent power, cooling, and network connectivity.  When we speak of the AWS data center, it's a highly secured, specialized physical facility that houses the computing storage, the compute servers, the storage server, and the networking equipment. The VPC, the Virtual Private Cloud, is a logical, isolated virtual network.  The AWS ODB network is a private user-created network that connects the virtual private cloud network of Amazon resources with an Oracle Cloud Infrastructure Exadata system. This is all within an AWS data center. The AWS-ADB peering is really an established private network connection that's between the Oracle VPC, the Virtual Private Cloud, and the Oracle Database@AWS network. And that would be the ODB.  Within the AWS data center, you have something that you see called the child site. Now, an OCI child site is really a physical data center that is managed by Oracle within the AWS data center. It's a seamless extension of the Oracle Cloud Infrastructure. The site is hosting the Exadata infrastructure that's running the Oracle databases.  The Oracle Database@AWS service brings the power as well as the performance of an Oracle Exadata infrastructure that is managed by Oracle Cloud Infrastructure to run directly in an AWS data center.  03:57 Nikita: So essentially, Oracle Database@AWS lets you to run your mission-critical Oracle data load close to your AWS application, while keeping management simple. Susan, what advantages does Oracle Database@AWS bring to the table?  Susan: Oracle Database@AWS offers a powerful and flexible solution for running Oracle workloads natively within AWS. Oracle Database@AWS streamlines the process of moving your existing Oracle Database to AWS, making migration faster as well as easier.  You get direct, low latency connectivity between your application and Oracle databases, ensuring a high performance for your mission-critical workloads.   Billing, resource management, and operational tasks are unified, allowing you to manage everything through similar tools with reduce complexity. And finally, Oracle Database@AWS is designed to integrate smoothly with your AWS environments' workloads, making it so much easier to build, deploy, and scale your solutions.  05:15 Lois: You mentioned the OCI child site earlier. What part does it play in how Oracle Database@AWS works?   Susan: The OCI child site really gives you the capability to combine the physical proximity and resources of AWS with the logical management and the capability of Oracle Cloud Infrastructure. This integrated approach allows us to enable the ability for you to run and manage your Oracle databases seamlessly in your AWS environment while still leveraging the power of OCI, our Oracle Cloud Infrastructure.  06:03 Did you know that Oracle University offers free courses on Oracle Cloud Infrastructure for subscribers! Whether you're interested in multicloud, databases, networking, security, AI, or machine learning, there's something for everyone. So, what are you waiting for? Pick your topic and get started by visiting mylearn.oracle.com.   06:29 Nikita: Welcome back! Susan, I'm curious about the Exadata infrastructure inside AWS. What does that setup look like?  Susan: The Exadata Infrastructure consists of physical database, as well as storage servers. That is deployed-- the database and the storage servers are interconnected using a high-speed, low-latency network fiber, ensuring optimal performance and reliable data transfer.  Each of the database server runs one or more Virtual Machines, or VMs, as we refer to them, providing flexible compute resources for different workloads. You can create, as well as manage your virtual machine, your VM clusters in this infrastructure using various methods. Your AWS console, Command-Line Interface, CLI, or Application Program Interface, that's your API, giving you various options, several options for automating, as well as integrating your existing tools.  When you're creating your Exadata Infrastructure, there are a few things you need to define and set up. You need to define the total number of your database servers, the total number of your storage server, the model of your Exadata system, as well as the availability zone where all these resources will be deployed.  This architecture delivers a high-performance resiliency and flexible management capability for running your Oracle Database on AWS.  08:18 Lois: Susan, can you explain the network architecture for Oracle Database deployments on AWS?   Susan: The ODB network is an isolated network within the AWS that is designed specifically for Exadata deployments. It includes both the client, as well as the backup subnet, which are essential for securing and efficient database operations.  When you create your Exadata Infrastructure, you need to specify the ODB network as you need the connectivity. This network is mapped directly to the corresponding network in the OCI child site. This will enable seamless communication between AWS, as well as the Oracle Cloud Infrastructure.  The ODB network requires two separate CIDR ranges. And in addition, the client subnet is used for the Exadata VM cluster, providing connectivity for database operations. Well, you do also have another subnet. And that subnet is the backup subnet. And it's used to manage database backups of those VM cluster, ensuring not only data protection, but also data recovery.  Within your AWS region and availability zone, the ODB network contains these dedicated client, as well as backup subnet. It basically isolates the Exadata traffic for both the day-to-day access, and that would be for the client, as well as the backup operations, and that would be for the backup subnet. This network design supports secure, high performance, and connectivity in a reliable backup management of the Oracle Database deployments that is running on AWS.  10:23 Nikita: Since we're on the topic of networking, can you tell us about ODB peering within the Oracle Database architecture?  Susan: The ODB peering establishes a secure private connection between your AWS Virtual Private Cloud, your VPC, then the Oracle Database, the ODB network that contains your Exadata Infrastructure.  This connection makes it possible for application servers that's running in your VPC, such as your Amazon EC2 instances to access your Oracle databases that is being hosted on Exadata within your ODB network. You specify the ODB network when you set up your infrastructure, specifically the Exadata Infrastructure. This network includes dedicated client, as well as backup subnets for an efficient and secure connectivity.  If you wish to enable multiple VPCs to connect to the same ODB network and access the Oracle Database@AWS resources, you can leverage AWS Transit Gateways or even an AWS Cloud WAN for scalable and centralized connectivity.   The virtual private cloud contains your application server, and that's securely paired with the Oracle Database network, creating a seamless, high-performance path to your application to interact with your Oracle Database.  ODB peering simplifies the connectivity between the AWS application environments and the Oracle Exadata Infrastructure, thus supporting a flexible, high performance, and secure database access.  12:23 Lois: Now, before we close, can you compare two key databases that are available with Oracle Database@AWS: Oracle Exadata Database Service and Oracle Autonomous Database Service?  Susan: The Exadata Database Service offers a fully managed and dedicated infrastructure with operational monitoring that is handled by you, the customer. In contrast, the Autonomous Database is fully managed by Oracle, taking care of all the operational monitoring.  Exadata provides very high scalability though resources, such as disk and compute, must be sized manually. Where in the Autonomous Database, it offers high scalability through automatic elastic scaling. When we speak of performance, both service deliver strong results. Exadata offers ultra-low latency and Exadata-level performance, while the Autonomous Database delivers optimal performance with automation.  Both services provide high migration capability. Exadata offers full compatibility and the Autonomous Database includes a robust set of migration tools. When it comes to management, Exadata requires manual management and administration. And that's really in a way to provide you the ability to customize it in the manner you desire, making it meets your very specific business needs, especially your database needs.  In contrast, the Autonomous Database is fully managed by Oracle, including automated administration tasks, optimal self-tuning features to further reduce any management overhead. When we speak of the feature sets, the Exadata delivers a full suite of Oracle features, including the RAC application cluster, or the Real Application Cluster, RAC, whereas the Autonomous offers a complete feature set, but specifically that is designed for optimized Autonomous operations.  Finally, when we speak of integration, integration for both of this service integrates seamlessly with AWS service, such as your EC2, your network, the VPC, your policies, the Identity and Access Management, your IAM, the monitoring with your CloudWatch, and of course, your storage, your SC, ensuring a consistent experience within your AWS ecosystem.  15:21 Nikita: So, you could say that the Exadata Database Service is better for customers who want dedicated infrastructure with granular control, while the Autonomous Database is built for customers who want a fully automated experience. Thank you, Susan, for taking the time to talk to us about Oracle Database@AWS.  Lois: That's all we have for today. If you want to learn more about the topics we discussed, head over to mylearn.oracle.com and search for the Oracle Database@AWS Architect Professional course. In our next episode, we'll find out how to get started with the Oracle Database@AWS service. Until then, this is Lois Houston…  Nikita: And Nikita Abraham, signing off!  16:06 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

Jim McDonald is joined by Jeff Margolies, Chief Product and Strategy Officer at Saviynt, to discuss the intersection of artificial intelligence and identity security. Jeff shares his decades of experience in the industry, from building the IAM practice at Accenture to his current leadership role at Saviynt. The conversation covers how AI is making manually intensive identity tasks more efficient, the emergence of Identity Security Posture Management (ISPM), and the critical need to govern identities for AI agents. Jeff also provides his perspective on the future of the identity practitioner and why he remains an optimist in a rapidly changing technological landscape.Connect with Jeff Margolies on LinkedIn: https://www.linkedin.com/in/jmargolies/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comTimestamps:00:00:00 - Introduction and Gartner Identity Conference Recap00:02:11 - Jeff Margolies' Career Journey in Identity and Security00:04:36 - Returning to Identity and Joining Saviynt00:06:13 - How AI is Impacting Identity Security and Governance00:09:56 - The Future of Identity Services in an AI World00:13:58 - Will AI Disrupt the SaaS Model for Identity?00:19:50 - The Impact of AI on the Identity Practitioner Job Market00:26:16 - Identity for AI: Governing Agents and Delegated Authority00:32:00 - Combating Deepfakes and Proving What is Real00:34:40 - The Rise of Identity Security Posture Management (ISPM)00:41:46 - Comparing Posture Management and ITDR00:44:17 - Advice for CISOs: Why Posture Should Come First00:49:35 - The Secret to Saviynt's Success and Future Outlook00:52:19 - Lighter Note: Why Jeff Chose a Tesla for His DaughterKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Jeff Margolies, Saviynt, IAM, Identity and Access Management, AI, Artificial Intelligence, ISPM, ITDR, Cybersecurity, Identity Governance, SaaS, IGA

Send us a textA surprising number of security leaders admit they're flying blind on hardware and firmware. We start by exposing how shared BIOS passwords, slow maintenance cycles, and careless e‑waste practices create avoidable risk, then lay out the fixes: privileged vaulting, disciplined asset disposition, and practical ways to repurpose gear without leaking data. That real-world foundation sets the stage for a focused tour through CISSP Domain 5—Identity and Access Management—built for practitioners who want clarity over jargon.We break down least privilege in plain terms and show how to reduce the initial friction with cleanly defined roles and entitlement catalogs. From there, we compare RBAC and ABAC: when baseline roles are enough, and when context-aware attributes like device, location, and data sensitivity should drive policy. Authentication gets the same treatment. Multi-factor authentication, biometrics, and phishing-resistant methods raise the bar, while single sign-on and identity federation streamline access across cloud apps using standards like OAuth, OpenID Connect, and SAML. In modern cloud environments, token-based models win for scalability and security, and we explain why.Governance ties it all together. We walk through identity proofing for solid onboarding, separation of duties to curb fraud, and IGA workflows that make approvals, recertifications, and audits far less painful. Regular access reviews emerge as the unsung hero that prevents privilege creep before it becomes an incident. If you're prepping for the CISSP—or just tightening your IAM program—this episode gives you the why behind the what, with steps you can apply today.Enjoyed the conversation and want more deep dives? Subscribe, share with a teammate who needs a quick IAM refresher, and leave a review to help others find the show.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Discover how identity and access management (IAM) is reshaping cybersecurity in cloud ERP, enabling businesses to be safer, faster, and more compliant with clarity in roles and responsibilities.=====In this insightful episode of the Future of ERP podcast, Aditya Thakurdesai from Infosys dives deep into the vital topic of identity and access management (IAM) in cloud ERP environments. He explains why understanding "who owns what" in IAM is non-negotiable to ensure security, compliance, and operational efficiency amid today's complex hybrid IT infrastructures. Aditya shares compelling customer stories- rom a global pharmaceutical company safeguarding sensitive research data to a large retailer accelerating seasonal workforce onboarding - highlighting how the shared responsibility model brings clarity and confidence in managing cloud security. The discussion further explores how AI is revolutionizing IAM, with intelligent threat detection, adaptive access control, and proactive governance transforming traditional security roles. This episode is a must-listen for any business navigating cloud security risks and looking to leverage AI for smarter, faster, and safer ERP management. Tune in and learn how to stay ahead in the evolving cybersecurity landscape.⁠⁠⁠Download Episode Transcript⁠⁠⁠Useful Links:Learn how the shared responsibility model for SAP Cloud ERP Private defines roles, streamlines operations, and improves security and compliance: Operate your cloud ERP with confidence and control SAP Cloud ERPInfosysFollow Us on Social Media!⁠⁠⁠SAP Cloud ERP - LinkedIn⁠⁠⁠=====Guest: Aditya Thakurdesai, Director – Enterprise Security , InfosysAditya is a seasoned SAP Security and GRC professional, currently serving as Director – Enterprise Security at Infosys. With nearly two decades of experience, he has delivered transformative security solutions that seamlessly integrate deep domain expertise with emerging technologies. In his current role, Aditya heads the Manufacturing and Communications, Media & Technology segments within Infosys' Enterprise Risk Management Services group. He also drives strategic Centre of Excellence initiatives focused on security transformation, intelligent automation, and AI innovation. His current passion lies in Agentic AI, where he has developed pioneering solution that introduce new levels of agility, compliance, and scalability to enterprise security operations.Host 1: Richard Howells, SAPRichard Howells has been working in the Supply Chain Management and Manufacturing space for over 30 years. He is responsible for driving the thought leadership and awareness of SAP's ERP, Finance, and Supply Chain solutions and is an active writer, podcaster, and thought leader on the topics of supply chain, Industry 4.0, digitization, and sustainability.Follow Richard Howell on ⁠⁠⁠LinkedIn⁠⁠⁠ and ⁠⁠⁠X⁠⁠⁠Host 2: Oyku Ilgar, SAPOyku Ilgar is a marketer and thought leader specializing in SAP's digital supply chain and ERP solutions since 2017. As a marketer, blogger, and podcaster, she creates engaging content that highlights innovative SAP technologies and explores key topics including business trends, AI, Industry 4.0, and sustainability.She holds dual bachelor's degrees in Finance & Accounting and English Translation, along with a master's degree in Business Administration and Foreign Trade, specializing in marketing. With her background in digital transformation, Oyku communicates technology trends and industry insights to help professionals navigate the evolving business landscape.Oyku's LinkedIn and SAP Community=====Key Topics: Identity Management, Access Management, Cloud ERP, Shared Responsibility, Compliance, Security, Artificial Intelligence, AI, Threat Detection, Case Studies

Rob Hughes — CISO at RSA and Champion of a Passwordless FutureNo Password Required Season 7:  Episode 1 - Rob HughesRob Hughes, the CISO at RSA, has more than 25 years of experience leading security and cloud infrastructure teams. In this episode, he reflects on his unconventional career path, from co-founding the original Geek.com and serving as its Chief Technologist during the early days of the internet, to leading security and systems design at Philips Home Monitoring.Jack Clabby of Carlton Fields, P.A. and Kayley Melton welcome Rob for a wide-ranging conversation on identity, leadership, and the realities of modern cybersecurity. Rob currently leads RSA's Security and Risk Office, overseeing cybersecurity, information security governance, and risk across both RSA's products and corporate environment.Rob explains his dream for a passwordless future. He unpacks why passwords remain one of the largest sources of cyber risk, how real-world incidents and password-spraying attacks have accelerated change, and why phishing-resistant technologies like passkeys may finally be reaching a tipping point.  The episode wraps with the Lifestyle Polygraph, where Rob lightens the conversation with stories about gaming with his kids, underrated horror films, and classic cars.Follow Rob on LinkedIn: https://www.linkedin.com/in/robert-hughes-816067a4/Chapters: 00:00 Introduction to No Password Required01:43 Meet Rob Hughes, CISO at RSA02:05 The Role of a CISO in a Security Company05:09 Transitioning to the CISO Role08:00 The Early Days of Geek.com12:14 Launching a Startup During the Dot Com Boom14:30 The Push for a Passwordless Future18:21 Tipping Point for Passwordless Adoption20:20 Ongoing Learning in Cybersecurity26:09 Managing Stress in High-Pressure Environments33:46 The Lifestyle Polygraph Begins34:15 Career Insights in Cybersecurity36:08 Dream Cars and Personal Preferences39:58 Underrated Horror Films41:19 Creating a Cybersecurity Monster

#395 - Sponsor Spotlight - RedblockThis episode is sponsored by Redblock. Visit redblock.ai/idac to learn more.Jeff and Jim come to you live from the Gartner IAM Summit in Grapevine, Texas, for a special Sponsor Spotlight with Redblock. They sit down with CEO Indus Khaitan to discuss how Redblock uses AI and computer vision to solve the "last mile" problem in identity management: disconnected applications.Indus explains how Redblock acts as an "agentic" layer, using screen recordings to learn administrative tasks for apps that lack APIs. The conversation covers the origin of the company name, the urgency of securing the "long tail" of applications, and how they build trust and guardrails around AI execution. They also discuss the "DoorDash" analogy for identity fulfillment and wrap up with a fun chat about Indus's passion for flying planes.Connect with Indus: https://www.linkedin.com/in/khaitan/Learn more: redblock.ai/idacConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at [idacpodcast.com](http://idacpodcast.com)Timestamps00:00 Introduction from Gartner IAM Summit00:46 Guest Introduction: Indus Khaitan of Redblock01:40 Indus's Journey into Identity02:41 The Origin of the Name "Redblock"04:20 The Underserved Market: Services vs. Software07:34 The Urgency of Securing Disconnected Apps09:19 Why Traditional IGA and PAM Aren't Enough11:35 The DoorDash Analogy: Where Redblock Fits14:30 What Makes Redblock Unique? (Agentic Process Automation)16:15 Trusting AI with Security Tasks18:50 Onboarding Apps via Video Recording21:23 Deployment: Running Air-Gapped on Customer Cloud22:17 Handling UI Changes and "Full Self-Driving" Analogy25:40 Integration with SailPoint and Governance Tools27:13 Speed of Integration: Days vs. Years32:00 How the "Headless Browser" Works33:35 Limitations: Web Apps vs. Thick Clients36:58 Redblock's 2025 Milestones and Future Outlook39:48 Call to Action: Solving Disconnected Apps40:27 Impressions of the Gartner IAM Summit44:26 Are We in an AI Bubble?46:46 Indus's Hobby: Flying PlanesKeywordsIDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Redblock, Indus Khaitan, AI, Artificial Intelligence, IAM, Identity and Access Management, Disconnected Apps, Agentic AI, Computer Vision, Gartner IAM Summit, RPA, IGA, Cybersecurity

Every system depends on reliable infrastructure behind the scenes. Oracle Cloud Infrastructure (OCI) delivers that reliability with speed, flexibility, and built-in security.   Join Lois Houston and Nikita Abraham as they speak with Oracle Cloud experts David Mills and Tijo Thomas about what makes OCI different and how it drives real results for businesses of every size.   Cloud Business Jumpstart https://mylearn.oracle.com/ou/course/cloud-business-jumpstart/152957 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.   -----------------------------------------------   Episode Transcript:   00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:26 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Communications and Adoption with Customer Success Services, and with me is Nikita Abraham, Team Lead: Editorial Services with Oracle University. Nikita: Hi everyone, and welcome to a brand-new season of the podcast! We're really excited about this one because we'll be diving into how Oracle Cloud Infrastructure is transforming the way businesses innovate, stay secure, and drive results.  00:55 Lois: And to help us with this, we've got two experts who know this space inside out—David Mills, Senior Principal PaaS Instructor, and Tijo Thomas, Principal OCI Instructor, both from Oracle University. Hi David! For those who might not be familiar, could you explain what Oracle Cloud Infrastructure is? David: OCI, as we call it, is Oracle's enterprise grade cloud platform, built from the ground up to run the systems that matter most to business. It provides the infrastructure and platform services businesses need to build, run, and scale applications securely, globally, and cost effectively. To provide more context, all of Oracle's SaaS applications such as NetSuite, Customer Experience, Human Capital Management, Supply Chain Management, as well as Enterprise Resource and Enterprise Performance Management, they all run on OCI. But OCI isn't just for Oracle's own apps. It's a full featured cloud platform used by thousands of customers to run their own applications, data, and services. OCI includes platform services such as databases, integration, analytics, and many others, and of course, the infrastructure services, such as compute, networking, and storage, which comprise the core of OCI. Bottom line, if something is running on Oracle Cloud, OCI is behind it. OCI includes over 100 services across numerous categories like compute, storage, networking, database, containers, AI, developer tools, integration, security, observability, and much more. So, whether you're lifting and shifting legacy workloads or building new apps in the cloud, OCI has the building blocks. 03:02 Lois: David, who was OCI designed for? David: OCI was built from scratch to address the limitations of first-generation clouds. No patchwork of legacy acquisitions, just a clean, modern, high-performance foundation designed for real enterprise workloads. OCI was designed for businesses that can't compromise financial services, health care, retail, governments, customers with strict regulations, global scale, and mission-critical systems. These are the companies choosing OCI not just because it works, but because it works under pressure. 03:42 Nikita: What else makes OCI different from other cloud platforms? David: Oracle's network and storage architecture delivers low latency results consistently. Then there's pricing—simple, predictable, and often much lower than our competitors. OCI was designed with governance and security in every layer. OCI supports all types of cloud strategies: public cloud, hybrid deployments, multi-cloud environments, and even a dedicated cloud we can install inside your own data center. We call all that distributed cloud, and that's where OCI really shines. OCI gives you everything you need to modernize your technology stack, run securely at scale, and build for the future without giving up control or blowing your budget. 04:37 Lois: Now, Tijo, we've covered what OCI is, who it's for, and what makes it unique. Let's switch gears a bit and talk about cloud regions. For anyone who doesn't know, a cloud region is just a specific geographic location where Oracle, or any cloud provider, runs its own data centers. Why does the choice of region matter for businesses, and what should they think about when picking one? Tijo: Many businesses are required by law to keep their data within national borders, whether it is GDPR in Europe or local privacy laws in Australia or Singapore, choosing the right region would help you to stay compliant.  The closer your applications are to your users, the faster they perform. Running in a nearby region means lower latency, faster response times, and better customer experience. Then there is disaster recovery and high availability. Regions are the building blocks for setting up failover strategies. By deploying workloads in multiple regions, businesses can protect themselves from outages and keeping their systems in running state. Some businesses also need to meet industry-specific compliance requirements. Think of sectors like health care, government, or finance. They often require that the infrastructure and the data should stay within the national or regional boundaries. If your business is growing into new markets, regions allow you to deploy apps and services closer to your customers and without having the need to build new data centers. Regions also enable local integrations and partnerships, whether it is connecting with ISPs, local service providers, or complying with in-country partner requirements. Having a region nearby makes that integrations and operations smoother. Regions are not just about geography. They are a critical part of how the businesses would stay compliant, resilient, and responsive across the globe. Oracle runs a fast-growing global network of cloud regions, and each OCI region is fully independent and fully isolated. You choose your regions, and your data stays there. 07:06 Nikita: And are there different types of cloud regions? Tijo: There are several commercial regions, sovereign regions, government regions, and multi-cloud regions. Even with a wide range of cloud regions, some organizations cannot move their workloads and its data to the public cloud. Those workloads may need to stay in their own on-premises data center, but at the same time, they still want to leverage the benefits of OCI. 07:42 Take your cloud skills to the next level with the new Oracle Database@AWS course. Master provisioning, migration, security, and high availability for Oracle Database on AWS. Then validate your experience with an industry-recognized certification. Stand out in the multicloud space and accelerate your career. Visit mylearn.oracle.com for more information. 08:09 Nikita: Welcome back! We were talking about workloads and how some companies may have to keep their workloads on-premises. Why would they need to do that, Tijo? Tijo: First, data sovereignty. Let's say there may not be a list of public cloud region that the organization is looking for, or maybe the business need to set up a disaster recovery strategy within that specific location. Then there is security and control. Some industries have very strict regulations, and they require physical access and oversight of their infrastructure. And finally, there are latency-sensitive workloads. These are applications that cannot afford the delay of going back and forth to a remote cloud region. They need cloud services right next to their physical data center.  08:59 Nikita: So, how does Oracle help with that? Tijo: To address these requirements, Oracle introduces a set of offerings. The first one is called dedicated region, and the second one is called Cloud@Customer services. Through both these offerings, you get OCI services right in your data center and all behind your firewall, while achieving the benefits of flexibility and automation.  09:24 Nikita: So, what's a dedicated region? Tijo: Dedicated region is a completely managed cloud region that brings all the OCI services and Oracle Fusion SaaS applications within your data centers. Along with deploying the full stack OCI, you would receive support for Oracle Fusion SaaS applications and also gain a consistent experience with the same SLAs, APIs, and the tools available in Oracle Cloud. 09:53 Lois: Ok and what about Cloud@Customer? Tijo: While dedicated region is ideal for large scale enterprise needs, with full stack OCI and SaaS, some organizations just require a lighter footprint. And that's where Cloud@Customer comes in. And to begin with, we'll talk about Compute Cloud@Customer. It is a fully managed rack scale infrastructure that allows you to use the core OCI services, like the OCI compute, OCI storage, and OCI networking services at your on-premises. With Compute Cloud@Customer, you can run applications and middleware systems to provide consistent user experience and simplify IT administration across your distributed cloud architecture. We can plan to run the same application stack everywhere and centrally manage them without needing experts in every location.  10:52 Nikita: Is there a way to make running your Oracle databases easier and more cost-effective? Tijo: That's why Oracle offers you Oracle Exadata Cloud@Customer. Oracle Exadata Cloud@Customer combines the performance of Oracle Exadata with the simplicity, flexibility, and affordability of a managed database service delivered through customer data centers. It is the simplest way to move your current Oracle databases to the cloud, because it provides full compatibility with existing Exadata systems and Exadata Database services in Oracle Cloud Infrastructure. You could also run the fully-managed Oracle Autonomous Database on Exadata Cloud@Customer that would combine all the benefits of having Exadata, along with the simplicity of an autonomous cloud service. And when Compute Cloud@Customer is combined with Exadata Cloud@Customer, you can run full stack applications completely in your own data center. Applications will use the same high performance OCI compute and database services you get in the cloud, so you don't have to change the way you architect or deploy them.  12:09 Nikita: So, what you're saying is that Oracle dedicated region and Cloud@Customer bring OCI services into your data center. Tijo: It enables you to run applications faster using the same high-performance capabilities and autonomous operations. You get all of this while maintaining complete control of your data so that you can address data residency, security, and connectivity concerns.  12:35 Lois: Ok. We've talked about where OCI runs. Now David, let's get into what it actually does. David: OCI compute lets you run business applications on demand without buying or managing physical servers. You choose the type and size of the virtual machine you want, and OCI handles the rest. Need more power for peak traffic? OCI can automatically add capacity and scale it back down after. In addition to virtual machines, bare metal servers are also available for ultra high performance jobs like simulations, AI, or high speed trading. Every business stores data, but not all data needs the same kind of storage. OCI gives you options, fast block storage for your compute servers. It works just like a hard drive for your home computer. Shared file storage for applications and microservices. Large scale object storage for backups, videos, or other data, and low-cost long-term storage for object archives. The system even moves rarely used data to cheaper storage automatically.  13:51 Lois: Given Oracle's expertise in databases, what are some of the database options businesses can access with OCI? David: Oracle Autonomous Database automatically patches, tunes, and scales itself. Need raw power? Use Oracle Exadata, or go open source with MySQL HeatWave, which can be used for real time analytics. With these and many other database options, you get high performance automation and reliability all on demand.  14:24 Nikita: With so many database options, how is everything kept connected and running smoothly on OCI? David: Every cloud service relies on a fast, secure network. OCI's Virtual Cloud network acts like your own private data highway. You control how traffic flows between your apps, your people, and your regions. Need private direct connections to your data center or office? Use OCI FastConnect to bypass the public internet. OCI networking provides high speed performance with enterprise grade security designed for global business. 15:05 Lois: And what security service does Oracle provide? David: OCI doesn't treat this as an optional add on. When you sign up for OCI, your environment is isolated, your data is encrypted, and admin actions are logged. And there are so many security services. Identity and Access Management for handling users and permissions, Cloud Guard to detect threats and misconfigurations, OCI Vault for managing your encryption keys, Data Safe to monitor sensitive data access, as well as many others. You can leverage to meet any government or business compliance requirement. All of these are included in OCI, no need to stitch together third-party tools. 15:55 Lois: What if I want to see what's going on in my environment? David: OCI has monitoring services for metrics, logging services for real-time insights, tracing for distributed applications, and alarms to notify you when things go sideways. All of these services are integrated. So you can see what matters when you need it without all the noise. 16:23 Nikita: David, let's say someone wants to build and deploy an app. What services does OCI offer them?  David: OCI provides numerous developer services for your teams to build apps or digital tools. OCI DevOps supports automated builds and deployments. OCI Container Engine for Kubernetes helps run microservices. OCI Functions supports serverless code that runs on demand. All of this works with familiar languages and frameworks. In short, OCI gives developers what they need to build, test, and deliver quickly without having to manage infrastructure. 17:03 Nikita: How does OCI make it easier for companies to bring their apps together and use AI, even if they don't have a dedicated AI team? David: Modern businesses run dozens of apps, and OCI helps you to connect them with Oracle Integration Cloud. With OIC, you can integrate SaaS applications as well as on-premise apps and systems, automate business processes and workflows, route and transform messages, and you can even expose key services as APIs so partners and systems can interact securely. OCI integration is the glue that holds modern IT together. OCI helps you turn data into decisions without needing an AI team. Use ready-made AI tools for language translation, image recognition, document understanding, speech transcription, and more. Or build your own models with data science and data flow services. It's all designed to bring machine learning into reach for every business. 18:10 Lois: Thank you, David and Tijo, for joining us on this episode of the Oracle University Podcast. If you want to learn more about OCI, visit mylearn.oracle.com and search for the Cloud Business Jumpstart course.  Nikita: Next week, we'll look at why businesses choose OCI and how they're using OCI services to create real outcomes. Until then, this is Nikita Abraham… Lois: And Lois Houston signing off! 18:38 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

Discover how Customer Identity and Access Management software combines smooth login experiences with strong security, helping businesses build customer trust while managing millions of identities. Learn why CIAM is reshaping online interactions and how leading solutions compare. Read more at https://www.loginradius.com/blog/identity/customer-identity-and-access-management LoginRadius City: Vancouver Address: 450 SW Marine Drive, Floor 18 Website: https://www.loginradius.com/

Join hosts Jeff Steadman and Jim McDonald for a special live episode recorded on location at Identiverse DC! In this interactive session, Jeff and Jim host a game of "Majority Rules," where the audience competes not to answer correctly, but to guess the most popular answer in the room.The game covers a wide range of topics, from the trivial (worst conference swag and the official uniform of an IAM architect) to the technical (securing API keys, the biggest bottlenecks in IGA, and the primary causes of role explosion).Things get intense halfway through with the introduction of the Battle Royale rules, where picking the minority answer sends a player's score back to zero. Watch to see who survives the explosions and takes home the grand prize.Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comChapter Timestamps00:00 Intro to Identity at the Center Live00:36 Explaining the Rules of Majority Rules04:25 Question 1: The Worst Conference Swag06:00 Question 2: Replying to Access Denied07:05 Question 3: AI in Identity Management08:40 Question 4: Favorite MFA Method10:12 Question 5: Least Favorite Auth Factor11:15 Turning up the Heat: Battle Royale Mode12:10 Question 6: Why RBAC is Difficult at Scale13:30 Question 7: The IAM Architect Uniform14:50 Question 8: Best Place to Hide a Secret16:15 Question 9: Protocols You Secretly Miss17:25 Question 10: Most Hated Specialized Key18:40 Question 11: Conference Responsibilities20:00 Question 12: Securing API Keys21:20 Question 13: Secrets to Surviving Keynotes22:55 Question 14: The Biggest Bottleneck in IGA24:45 Question 15: Causes of Role Explosion25:50 Question 16: What Breaks First After a Schema Update26:40 Final Question: Fastest Way to Confuse a User27:40 Crowning the WinnerKeywordsIDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Identiverse, Identiverse DC, IAM, Identity and Access Management, Cybersecurity, InfoSec Game Show, Live Podcast, Majority Rules, MFA, IGA, API Security, RBAC, Role Explosion, Tech Humor, Cyberrisk Alliance

In this week's episode, Matthew and Mark dive into a shocking wave of new fraud stories that all hit the headlines this week—and every one of them exposes the same weak points: identity, responsibility, and accountability.We break down the latest GAO report revealing massive vulnerabilities in Obamacare Marketplace plans—fake identities getting approved, stolen Social Security numbers used in dozens of applications, brokers making unauthorized changes, and taxpayers footing the bill for millions in bogus subsidies. Then we travel to Minnesota, where Medicaid and COVID-era relief fraud has surged past the $1 billion mark, with new cases showing how nonprofits, brokers, and even ghost companies exploited programs designed to help real families.And yes… in case you missed it, Taylor Swift and Travis Kelce just announced their upcoming wedding. The tabloids call it the love story of the decade—but the Fraud Bros ask: “Is it romance… or the greatest marketing campaign ever conceived?”As always, we connect the thread: fraud happens wherever identity is weak and accountability is missing—whether in healthcare systems, government programs, or even corporate operations. Identity management, internal controls, and segregation of duties aren't just audit words… they're the guardrails that keep taxpayer dollars, patient data, and entire programs from going off the rails.Support the showFind us on all streaming platforms! Check out our sponsor 1Trooper on LinkedIn @1Trooper And don't forget to subscribe!

What if the biggest threat to your brand's agility and security isn't a competitor, but the welcome mat you lay out for your own partners? Agility requires not just the ability to move quickly, but the confidence to do so securely. It's about building a foundation of trust that enables seamless collaboration without introducing unnecessary risk. Today, we're going to talk about a critical, yet often overlooked, aspect of brand agility: the digital experience we provide to our third-party partners. From marketing agencies to technology vendors, these relationships are essential, but the very processes meant to enable them—like onboarding and system access—can often be the source of massive friction, security risks, and a fundamental breakdown of trust. To help me discuss this topic, I'd like to welcome, Haider Iqbal, Director, Identity & Access Management at Thales. About Haider Iqbal Haider is a technology leader and strategist with a career that spans consulting, sales, acquisitions, and product marketing across multiple regions. He has guided multimillion-dollar sales efforts, played a key role in a $100 million identity-sector acquisition, and now leads product marketing for Thales's IAM business. With roots in management consulting and a track record of translating complex technology into business growth, Haider brings both breadth and depth of expertise. Driven by a mindset of constant learning and unlearning, he is passionate about building technology that is inclusive, trustworthy, and safe for future generations. Outside of work, Haider can often be found on a cricket pitch, volleyball court, or golf course, with very occasional success. Haider Iqbal on LinkedIn: https://www.linkedin.com/in/haideriqbal/ Resources Thales: https://www.thales.com The Agile Brand podcast is brought to you by TEKsystems. Learn more here: https://www.teksystems.com/versionnextnow Catch the future of e-commerce at eTail Palm Springs, Feb 23-26 in Palm Springs, CA. Go here for more details: https://etailwest.wbresearch.com/ Connect with Greg on LinkedIn: https://www.linkedin.com/in/gregkihlstromDon't miss a thing: get the latest episodes, sign up for our newsletter and more: https://www.theagilebrand.showCheck out The Agile Brand Guide website with articles, insights, and Martechipedia, the wiki for marketing technology: https://www.agilebrandguide.com The Agile Brand is produced by Missing Link—a Latina-owned strategy-driven, creatively fueled production co-op. From ideation to creation, they craft human connections through intelligent, engaging and informative content. https://www.missinglink.company

What if the biggest threat to your brand's agility and security isn't a competitor, but the welcome mat you lay out for your own partners? Agility requires not just the ability to move quickly, but the confidence to do so securely. It's about building a foundation of trust that enables seamless collaboration without introducing unnecessary risk. Today, we're going to talk about a critical, yet often overlooked, aspect of brand agility: the digital experience we provide to our third-party partners. From marketing agencies to technology vendors, these relationships are essential, but the very processes meant to enable them—like onboarding and system access—can often be the source of massive friction, security risks, and a fundamental breakdown of trust. To help me discuss this topic, I'd like to welcome, Haider Iqbal, Director, Identity & Access Management at Thales. About Haider Iqbal Haider is a technology leader and strategist with a career that spans consulting, sales, acquisitions, and product marketing across multiple regions. He has guided multimillion-dollar sales efforts, played a key role in a $100 million identity-sector acquisition, and now leads product marketing for Thales's IAM business. With roots in management consulting and a track record of translating complex technology into business growth, Haider brings both breadth and depth of expertise. Driven by a mindset of constant learning and unlearning, he is passionate about building technology that is inclusive, trustworthy, and safe for future generations. Outside of work, Haider can often be found on a cricket pitch, volleyball court, or golf course, with very occasional success. Haider Iqbal on LinkedIn: https://www.linkedin.com/in/haideriqbal/ Resources Thales: https://www.thales.com The Agile Brand podcast is brought to you by TEKsystems. Learn more here: https://www.teksystems.com/versionnextnow Catch the future of e-commerce at eTail Palm Springs, Feb 23-26 in Palm Springs, CA. Go here for more details: https://etailwest.wbresearch.com/ Connect with Greg on LinkedIn: https://www.linkedin.com/in/gregkihlstromDon't miss a thing: get the latest episodes, sign up for our newsletter and more: https://www.theagilebrand.showCheck out The Agile Brand Guide website with articles, insights, and Martechipedia, the wiki for marketing technology: https://www.agilebrandguide.com The Agile Brand is produced by Missing Link—a Latina-owned strategy-driven, creatively fueled production co-op. From ideation to creation, they craft human connections through intelligent, engaging and informative content. https://www.missinglink.company

Curious about AI identity and MCP servers? Join us as Tobin South breaks down securing agents, fine-grained access, and the future of AI identity. Share your thoughts below!https://codingcat.dev/podcast/identity-access-management-for-agents-with-tobin-south00:00 Meet Tobin South06:11 MCP Security Challenges13:28 Agent to Agent Future24:28 MCP Server Setup33:12 Real-World Orchestration40:53 MCP Protocol Updates42:15 Closing Thoughts

How do all your devices connect and stay safe in the cloud? In this episode, Lois Houston and Nikita Abraham talk with OCI instructors Sergio Castro and Orlando Gentil about the basics of how networks work and the simple steps that help protect them.   You'll learn how information gets from one place to another, why tools like switches, routers, and firewalls are important, and what goes into keeping access secure.   The discussion also covers how organizations decide who can enter their systems and how they keep track of activity.   Cloud Tech Jumpstart: https://mylearn.oracle.com/ou/course/cloud-tech-jumpstart/152992 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode. -------------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Team Lead: Editorial Services. Nikita: Hi everyone! In the last episode, we spoke about local area networks and domain name systems. Today, we'll continue our conversation on the fundamentals of networking, covering a variety of important topics.  00:50 Lois: That's right, Niki. And before we close, we'll also touch on the basics of security. Joining us today are two OCI instructors from Oracle University: Sergio Castro and Orlando Gentil. So glad to have you both with us guys. Sergio, with so many users and devices connecting to the internet, how do we make sure everyone can get online? Can you break down what Network Address Translation, or NAT, does to help with this? Sergio: The world population is bigger than 4.3 billion people. That means that if we were to interconnect every single human into the internet, we will not have enough addresses. And not all of us are connected to the internet, but those of us who are, you know that we have more than one device at our disposal. We might have a computer, a laptop, mobile phones, you name it. And all of them need IP addresses. So that's why Network Address Translation exists because it translates your communication from a private IP to a public IP address. That's the main purpose: translate. 02:05 Nikita: Okay, so with NAT handling the IP translation, how do we ensure that the right data reaches the right device within a network? Or to put it differently, what directs external traffic to specific devices inside a network? Sergio: Port forwarding works in a reverse way to Network Address Translation. So, let's assume that this PC here, you want to turn it into a web server. So, people from the outside, customers from the outside of your local area network, will access your PC web server. Let's say that it's an online store. Now all of these devices are using the same public IP address. So how would the traffic be routed specifically to this PC and not to the camera or to the laptop, which is not a web server, or to your IP TV? So, this is where port forwarding comes into play. Basically, whenever it detects a request coming to port, it will route it and forward that request to your PC. It will allow anybody, any external device that wants to access this particular one, this particular web server, for the session to be established. So, it's a permission that you're allowing to this PC and only to this PC. The other devices will still be isolated from that list. That's what port forwarding is. 03:36 Lois: Sergio, let's talk about networking devices. What are some of the key ones, and what role do they play in connecting everything together? Sergio: There's plenty of devices for interconnectivity. These are devices that are different from the actual compute instances, virtual machines, cameras, and IPTV. These are for interconnecting networks. And they have several functionalities. 03:59 Nikita: Yeah, I often hear about a default gateway. Could you explain what that is and why it's essential for a network to function smoothly? Sergio: A gateway is basically where a web browser goes and asks a service from a web server. We have a gateway in the middle that will take us to that web server. So that's basically is the router. A gateway doesn't necessarily have to be a router. It depends on what device you're addressing at a particular configuration. So, a gateway is a connectivity device that connects two different networks. That's basically the functionality.  04:34 Lois: Ok. And when does one use a default gateway? Sergio: When you do not have a specific route that is targeting a specific router. You might have more than one router in your network, connecting to different other local area networks. You might have a route that will take you to local area network B. And then you might have another router that is connecting you to the internet. So, if you don't have a specific route that will take you to local area network B, then it's going to be utilizing the default gateway. It directs data packets to other networks when no specific route is known. In general terms, the default gateway, again, it doesn't have to be a router. It can be any devices. 05:22 Nikita: Could you give us a real-world example, maybe comparing a few of these devices in action, so we can see how they work together in a typical network? Sergio: For example, we have the hub. And the hub operates at the physical layer or layer 1. And then we have the switch. And the switch operates at layer 2. And we also have the router. And the router operates at layer 3. So, what's the big difference between these devices and the layers that they operate in? So, hubs work in the physical layer of the OSI model. And basically, it is for connecting multiple devices and making them act as a single network segment. Now, the switch operates at the data link layer and is basically a repeater, and is used for filtering content by reading the addresses of the source and destination. And these are the MAC addresses that I'm talking about. So, it reads where the packet is coming from and where is it going to at the local area network level. It connects multiple network segments. And each port is connected to a different segment. And the router is used for routing outside of your local area network, performs traffic directing functions on the internet. A data packet is typically forwarded from one router to another through different networks until it reaches its destination node. The switch connects multiple network segments. And each port of the switch is connected to a different segment. And the router performs traffic directing functions on the internet. It takes data from one router to another, and it works at the TCP/IP network layer or internet layer. 07:22 Lois: Sergio, what kind of devices help secure a network from external threats? Sergio: The network firewall is used as a security device that acts as a barrier between a trusted internal network and an untrusted external network, such as the internet. The network firewall is the first line of defense for traffic that passes in and out of your network. The firewall examines traffic to ensure that it meets the security requirements set by your organization, or allowing, or blocking traffic based on set criteria. And the main benefit is that it improves security for access management and network visibility. 08:10 Are you keen to stay ahead in today's fast-paced world? We've got your back! Each quarter, Oracle rolls out game-changing updates to its Fusion Cloud Applications. And to make sure you're always in the know, we offer New Features courses that give you an insider's look at all of the latest advancements. Don't miss out! Head over to mylearn.oracle.com to get started.  08:36 Nikita: Welcome back! Sergio, how do networks manage who can and can't enter based on certain permissions and criteria? Sergio: The access control list is like the gatekeeper into your local area network. Think about the access control list as the visa on your passport, assuming that the country is your local area network. Now, when you have a passport, you might get a visa that allows you to go into a certain country. So the access control list is a list of rules that defines which users, groups, or systems have permissions to access specific resources on your networks.  It is a gatekeeper, that is going to specify who's allowed and who's denied. If you don't have a visa to go into a specific country, then you are denied. Similar here, if you are not part of the rule, if the service that you're trying to access is not part of the rules, then you cannot get in. 09:37 Lois: That's a great analogy, Sergio. Now, let's turn our attention to one of the core elements of network security: authentication and authorization. Orlando, can you explain why authentication and authorization are such crucial aspects of a secure cloud network? Orlando: Security is one of the most critical pillars in modern IT systems. Whether you are running a small web app or managing global infrastructure, every secure system starts by answering two key questions. Who are you, and what are you allowed to do? This is the essence of authentication and authorization. Authentication is the first step in access control. It's how a system verifies that you are who you claim to be. Think of it like showing your driver's license at a security checkpoint. The guard checks your photo and personal details to confirm your identity. In IT systems, the same process happens using one or more of these factors. It will ask you for something you know, like a password. It will ask you for something that you have, like a security token, or it will ask you for something that you are, like a fingerprint. An identity does not refer to just a person. It's any actor, human or not, that interacts with your systems. Users are straightforward, think employees logging into a dashboard. But services and machines are equally important. A backend API may need to read data from a database, or a virtual machine may need to download updates. Treating these non-human identities with the same rigor as human ones helps prevent unauthorized access and improves visibility and security. After confirming your identity, can the system move on to deciding what you're allowed to access? That's where authorization comes in. Once authentication confirms who you are, authorization determines what you are allowed to do. Sticking with the driver's license analogy, you've shown your license and proven your identity, but that doesn't mean that you can drive anything anywhere. Your license class might let you drive a car, not a motorcycle or a truck. It might be valid in your country, but not in others. Similarly, in IT systems, authorization defines what actions you can take and on which resources. This is usually controlled by policies and roles assigned to your identity. It ensures that users or services only get access to the things they are explicitly allowed to interact with. 12:34 Nikita: How can organizations ensure secure access across their systems, especially when managing multiple users and resources?  Orlando: Identity and Access Management governs who can do what in our systems. Individually, authentication verifies identity and authorization grants access. However, managing these processes at scale across countless users and resources becomes a complex challenge. That's where Identity and Access Management, or IAM, comes in. IAM is an overarching framework that centralizes and orchestrates both authentication and authorization, along with other critical functions, to ensure secure and efficient access to resources.  13:23 Lois: And what are the key components and methods that make up a robust IAM system? Orlando: User management, a core component of IAM, provides a centralized Identity Management system for all user accounts and their attributes, ensuring consistency across applications. Key functions include user provisioning and deprovisioning, automating account creation for new users, and timely removal upon departure or role changes. It also covers the full user account lifecycle management, including password policies and account recovery. Lastly, user management often involves directory services integration to unify user information. Access management is about defining access permissions, specifically what actions users can perform and which resources they can access. A common approach is role-based access control, or RBAC, where permissions are assigned to roles and users inherit those permissions by being assigned to roles. For more granular control, policy-based access control allows for rules based on specific attributes. Crucially, access management enforces the principle of least privilege, granting only the minimum necessary access, and supports segregation of duties to prevent conflicts of interest. For authentication, IAM systems support various methods. Single-factor authentication, relying on just one piece of evidence like a password, offers basic security. However, multi-factor authentication significantly boosts security by requiring two or more distinct verification types, such as a password, plus a one-time code. We also have biometric authentication, using unique physical traits and token-based authentication, common for API and web services. 15:33 Lois: Orlando, when it comes to security, it's not just about who can access what, but also about keeping track of it all. How does auditing and reporting maintain compliance? Orlando: Auditing and reporting are essential for security and compliance. This involves tracking user activities, logging all access attempts and permission changes. It's vital for meeting compliance and regulatory requirements, allowing you to generate reports for audits. Auditing also aids in security incident detection by identifying unusual activities and providing data for forensic analysis after an incident. Lastly, it offers performance and usage analytics to help optimize your IAM system.  16:22 Nikita: That was an incredibly informative conversation. Thank you, Sergio and Orlando, for sharing your expertise with us. If you'd like to dive deeper into these concepts, head over to mylearn.oracle.com and search for the Cloud Tech Jumpstart course. Lois: I agree! This was such a great conversation! Don't miss next week's episode, where we'll continue exploring key security concepts to help organizations operate in a scalable, secure, and auditable way. Until next time, this is Lois Houston… Nikita: And Nikita Abraham, signing off! 16:56 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.  

Live from Authenticate 2025, Jeff Steadman and Jim McDonald sit down with Dr. Tina Srivastava, an IDPro board member and co-founder of Badge Inc., for a crucial discussion on the rapidly evolving landscape of identity and authentication.Tina shares her insights on the conference, the evolution from physical hacks to sophisticated AI-driven threats like supercharged phishing, and the current challenges facing the industry. The conversation delves into the complexities of synced Passkeys, the critical vulnerability of account recovery processes, and the slow pace of regulation in keeping up with technology.As a board member for IDPro, Tina highlights the immense value of the practitioner-focused community, the supportive culture within its Slack channels, and makes an exciting announcement about the creation of new member-driven committees to shape the future of the organization. They explore the concept of the "AI arms race" and why identity professionals cannot afford to wait for the next big thing, emphasizing that collaboration and information sharing through communities like IDPro are essential to staying ahead of adversaries.Connect with Tina: https://www.linkedin.com/in/tina-s-8291438a/Find out more about IDPro: https://www.idpro.org/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comChapters00:00 Introduction and Greetings00:16 Highlights from Authenticate 202501:39 FIDO Feud Rematch Discussion03:17 Guest Introduction: Tina Srivastava03:46 Conference Insights and AI Challenges06:16 Regulatory Environment and Passkeys09:11 Phishing and AI Supercharged Attacks12:28 QR Codes and Accessibility Issues13:09 The Importance of Phishing Resistant Authentication22:24 IDPro Community and Practitioner Support25:18 Community Support and Engagement26:26 IDPro's Role in Identity Events27:48 Future Directions for IDPro29:19 Introducing Committees in IDPro30:39 AI and Identity Verification37:07 The Importance of Information Sharing45:35 Public Speaking and Personal Growth50:58 Conclusion and Final ThoughtsKeywordsIDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Tina Srivastava, IDPro, Authenticate 2025, Passkeys, AI, Artificial Intelligence, Cybersecurity, Phishing, Deepfakes, Authentication, Account Recovery, Biometrics, Identity and Access Management, IAM, NIST, Regulation, Identity Verification, Synced Passkeys, FIDO Alliance

This episode is sponsored by HYPR. Visit hypr.com/idac to learn more.In this episode from Authenticate 2025, Jim McDonald and Jeff Steadman are joined by Bojan Simic, Co-Founder and CEO of HYPR, for a sponsored discussion on the evolving landscape of identity and security.Bojan shares his journey from software engineer to cybersecurity leader and dives into the core mission of HYPR: providing fast, consistent, and secure identity controls that complement existing investments. The conversation explores the major themes from the conference, including the push for passkey adoption at scale and the challenge of securely authenticating AI agents.A key focus of the discussion is the concept of "Know Your Employee" (KYE) in a continuous manner, a critical strategy for today's remote and hybrid workforces. Bojan explains how the old paradigm of one-time verification is failing, especially in the face of sophisticated, AI-powered social engineering attacks like those used by Scattered Spider. They discuss the issue of "identity sprawl" across multiple IDPs and why consolidation isn't always the answer. Instead, Bojan advocates for a flexible, best-of-breed approach that provides a consistent authentication experience and leverages existing security tools.Connect with Bojan: https://www.linkedin.com/in/bojansimic/Learn more about HYPR: https://www.hypr.com/idacConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.comChapter Timestamps:00:00 - Introduction at Authenticate 202500:23 - Sponsored Episode Welcome: Bojan Simic, CEO of HYPR01:11 - How Bojan Simic Got into Identity and Cybersecurity02:10 - The Elevator Pitch for HYPR04:03 - The Buzz at Authenticate 2025: Passkeys and Securing AI Agents05:29 - The Trend of Continuous "Know Your Employee" (KYE)07:33 - Is Your MFA Program Enough Anymore?09:44 - Hackers Don't Break In, They Log In: The Scattered Spider Threat11:19 - How AI is Scaling Social Engineering Attacks Globally13:08 - When a Breach Happens, Who's on the Hook? IT, Security, or HR?16:23 - What is the Right Solution for Identity Practitioners?17:05 - The Critical Role of Internal Marketing for Technology Adoption22:27 - The Problem with Identity Sprawl and the Fallacy of IDP Consolidation25:47 - When is it Time to Move On From Your Existing Identity Tools?28:16 - The Role of Document-Based Identity Verification in the Enterprise32:31 - What Makes HYPR's Approach Unique?35:33 - How Do You Measure the Success of an Identity Solution?36:39 - HYPR's Philosophy: Never Leave a User Stranded39:00 - Authentication as a Tier Zero, Always-On Capability40:05 - Is Identity Part of Your Disaster Recovery Plan?41:36 - From the Ring to the C-Suite: Bojan's Past as a Competitive Boxer47:03 - How to Learn More About HYPRKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Bojan Simic, HYPR, Passkeys, Know Your Employee, KYE, Continuous Identity, Identity Verification, Authenticate 2025, Phishing Resistant, Social Engineering, Scattered Spider, AI Security, Identity Sprawl, Passwordless Authentication, FIDO, MFA, IDP Consolidation, Zero Trust, Cybersecurity, IAM, Identity and Access Management, Enterprise Security

In this episode, Jim McDonald and Jeff Steadman are joined by Steve Rennick, Senior Leader for IAM Architecture at Ciena, for a wide-ranging discussion on the most pressing topics in identity today.The conversation kicks off with a practical look at vendor demos, sharing best practices for cutting through the slideware and getting to the heart of a product's capabilities. From there, they dive deep into the complex world of Non-Human Identities (NHI). Steve shares his practitioner's perspective on why NHIs are such a hot topic, the challenges of managing them, and the risks they pose when left unchecked.The discussion covers:Why traditional IAM approaches fail for non-human identities.The importance of visibility and creating a standardized process for NHI creation.The debate around terminology: NHI vs. machine identity vs. service accounts.The reasons for NHI's current prominence, including threat actors shifting focus away from MFA-protected human accounts.Practical, actionable advice for getting a handle on legacy service accounts.The emerging challenge of IAM for AI and the complexities of managing agentic AI.The critical role of authorization and the future of policy-based access control.Whether you're struggling with service account sprawl, preparing for an AI-driven future, or just want to run more effective vendor demos, this episode is packed with valuable insights.Connect with Steve: https://www.linkedin.com/in/steven-rennick/ARIA (Agent Relationship-Based Identity & Authorization) LinkedIn Post from Patrick Parker: https://www.linkedin.com/posts/patrickparker_ai-agent-authorization-activity-7335265428774031360-braE/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comCHAPTER TIMESTAMPS:00:00:10 - Introduction & The Art of the Vendor Demo00:08:02 - Steve Rennick's Take on Vendor Demos00:12:39 - Formal Introduction: Steve Rennick00:14:45 - Recapping the Identiverse Squabble Game Show00:17:22 - The Hot Topic of Non-Human Identities (NHI)00:22:22 - Is NHI a Joke or a Serious Framework?00:26:41 - The Controversy Around the Term "NHI"00:30:24 - How to Simplify NHI for Practitioners00:34:06 - First Steps for Getting a Handle on NHI00:37:20 - Can Active Directory Be a System of Record for NHI?00:45:08 - Why is NHI a Hot Topic Right Now?00:51:19 - The Challenge of Cleaning Up Legacy NHIs00:58:00 - IAM for AI: Managing a New Breed of Identity01:03:33 - The Future is Authorization01:06:22 - The Zero Standing Privilege Debate01:10:39 - Favorite Dinosaurs and OutroKEYWORDS:NHI, Non-Human Identity, Machine Identity, Service Accounts, Vendor Demos, IAM for AI, Agentic AI, Authorization, Zero Trust, Zero Standing Privilege, Secrets Management, IAM Strategy, Cybersecurity, Identity and Access Management, Steve Rennick, Ciena, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald

In 2025 identity has become the new (security) perimeter, making identity security attacks a primary threat vector for organisations throughout the region. Threat actors are targeting user credentials and privileged access pathways, moving beyond traditional network-based assaults to exploit identities as the weakest link. This is forcing CISOs to re-evaluate their defence-in-depth strategies, with a pronounced focus on securing privileged access management (PAM) as a critical control point. As organisations adopt zero trust architectures, we are seeing just-in-time and just-enough-access privileges becoming standard practice. But what about the use of AI in identity management?In this PodChats for FutureCISO, we are joined by Nigel Tan, Delinea's director of sales engineering in APAC, shares his views on how is AI altering identity and access management strategies?1.       Before we start, give us the 30-second elevator pitch of who Delinea is.2.       How is AI Redefining Identity and Access Management?3.       Please identify emerging AI-driven IAM use cases in Southeast Asia and Hong Kong? 4.       How do you see Agentic AI potentially changing Privileged Access Management (PAM)?5.       We may have covered this in the earlier questions, what are the cybersecurity risks of AI-Enhanced IAM? Please cite 2025 incidents on the same topic.6.       Efforts are underway to come up with regional regulations around AI use. Can we expect something similar around AI in IAM?7.       Can AI improve IAM for hybrid workforces?8.       You mentioned earlier about identity access rights that have become dormant. What role would GenAI/Agentic AI play in identity lifecycle management?9.       Deepfake cases are growing in Asia. How should CISOs prepare for AI-enabled identity fraud?10.   What skills will security teams need for AI-driven IAM? How about endusers?11.   What is the future of AI in IAM for Southeast Asia and Hong Kong?

In this episode of Security Matters, Chris Schueler, CEO of Cyderes, joins host David Puner for a dive into the evolving challenges of enterprise security. The conversation explores the dangers of privilege creep, the explosion of machine identities, and why accountability at every point of interaction is essential for building resilient teams and systems. Chris shares insights on the risks of unmanaged access, the impact of AI and automation on both defense and attack strategies, and practical advice for CISOs and boards on managing identity risk while enabling business transformation. Whether you're a security leader, practitioner, or simply interested in the future of cybersecurity, this episode delivers actionable guidance and fresh perspectives on safeguarding your organization's reputation, continuity, and trust.

Send us a textArt Poghosyan shares his journey from IT security consultant to CEO of Britive, a cloud-native identity and access management company. His experience during economic downturns shaped his understanding of how cybersecurity services remain resilient through various market cycles.• Started in IT security right after completing a master's in technology risk management• Worked with early IAM solutions including LDAP directories, SSO, and authentication systems• Founded Advanced Technology Solutions focusing on IAM implementation services• Identified growing challenges with traditional IAM solutions in cloud environments• Created Britive to address cloud-native identity management challenges• Witnessed explosion of machine identities in cloud environments creating security risks• Now focused on securing new identity types including AI and agentic identities• Cybersecurity consulting proves relatively recession-proof as security needs persist in both growth and contraction• Capital One AWS breach highlighted risks of excessive privileges in cloud environments• Current focus includes securing agent-to-agent interactions in AI systemsConnect with Art on LinkedIn or email him at art@britive.com to learn more about Britive's solutions for cloud and AI identity challenges. 

Send us a textReady to master the critical domain of Identity and Access Management for your CISSP exam? This comprehensive rapid review demystifies Domain 5, which accounts for 13% of all exam questions—knowledge you absolutely cannot skip.Dive deep into the fundamentals as we explore controlling physical and logical access to assets—from information systems to facilities. Discover how properly implemented controls protect your most sensitive data through classification, encryption, and permissions. As one cybersecurity veteran wisely notes, "It's all about the data," and this episode equips you with the frameworks to protect it.The podcast meticulously unpacks identity management implementation, breaking down authentication types, session management, and credential systems. You'll grasp the differences between single-factor and multi-factor authentication and understand why accountability through proper logging and auditing is non-negotiable in today's security landscape.We explore deployment models that fit various organizational needs—from on-premise solutions offering complete control to cloud-based options providing scalability, along with the increasingly popular hybrid approach. The episode clarifies authorization mechanisms including role-based access control (RBAC), rule-based access control, mandatory access controls (MAC), and discretionary access controls (DAC)—essential knowledge for implementing proper security boundaries.Particularly valuable is our breakdown of authentication systems and protocols—OAuth, OpenID Connect, SAML, Kerberos, RADIUS, and TACACS+—demystifying their purposes and applications in real-world scenarios. Whether you're a seasoned security professional or preparing for your certification, this episode delivers the practical knowledge you need.Ready to accelerate your CISSP journey? Visit CISSPcybertraining.com for free resources including podcasts, study plans, and 360 practice questions—plus premium content with over 50 hours of focused training. This episode isn't just exam prep; it's a masterclass in identity and access management principles you'll apply throughout your cybersecurity career.Support the showGain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

In the near future, less than 10% of access will come from humans, the rest will be agents? What happens when your next user isn't human? In this episode of the #ZeroToInfinity podcast, Pranay Desai sits down with Satya Devarakonda and Ravi Madabhushi, founders of ScaleKit, to decode a fundamental shift in software: the rise of agents as first-class users. Humans log in and out with predictable patterns. Agents are transient, transactional, and unpredictable, hitting systems hundreds of times a minute. ScaleKit's modular approach is built for this new reality, where AI agents, not humans, dominate usage. Satya and Ravi bring rare scar tissue and foresight. From PipeMog in 2013, to FreshID at Freshworks, to now ScaleKit, they've spent a decade solving identity and access at scale, and are rethinking it for an agent-first world. The duo also shares what it means to build again as second-time founders: why distribution matters more than product, what they've unlearned from Freshworks, and how agents are evolving from assistants into colleagues who accelerate productivity.

This episode is sponsored by P0 Security. Visit p0.dev/idac to learn why P0 is the easiest and fastest way to implement just-in-time, short-lived, and auditable access to your entire infrastructure stack, like servers, databases, Kubernetes clusters, cloud consoles, and cloud services, for users as well as non-human identities.In this sponsor spotlight episode, Jim and Jeff are joined by Shashwat Sehgal, CEO and founder of P0 Security, to discuss the evolving challenges of privileged access management in modern, cloud-native environments. Shashwat explains how traditional PAM solutions often create friction for developers, leading to over-provisioning and security risks, and how P0 is tackling this problem with a developer-first, just in time (JIT) access model. The conversation covers the core problems with developer productivity, how P0's use of technologies like eBPF provides deep visibility and control without agents, the "Priority Zero" philosophy, and how a JIT approach simplifies audits and compliance. They also discuss the competitive landscape and what sets P0 Security apart from traditional and open-source solutions.Learn more about P0: https://www.p0.dev/idacConnect with Shashwat: https://www.linkedin.com/in/shashwatsehgal/Chapter Timestamps:00:00 - Podcast Intro00:29 - Sponsor Introduction: P0 Security01:38 - What is the problem P0 Security is trying to solve?03:52 - Defining "Just-in-Time" (JIT) Access06:21 - The challenge with traditional PAM for developers08:23 - How P0 provides access without agents using eBPF12:15 - What does the user experience look like?15:58 - Supporting various infrastructure and access protocols19:15 - How does P0 handle session recording and auditing?22:20 - Is this a replacement for Privileged Access Management (PAM)?26:40 - The story behind the name P0 Security29:20 - Who is the ideal customer for P0?33:15 - Handling break-glass scenarios36:04 - Discussing the competitive landscape42:30 - How is P0 deployed? (Cloud vs. On-prem)46:50 - The future of P0 and the "Priority Zero" philosophy50:32 - Final thoughts: "Access is our priority zero."Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords:P0 Security, Shashwat Sagal, Privileged Access Management, PAM, Just-in-Time Access, JIT, Developer Security, Cloud-Native Security, Hybrid Cloud, eBPF, Kubernetes, IAM, Identity and Access Management, Cybersecurity, Zero Trust, Ephemeral Access, Developer Experience, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald

At Black Hat 2025, Sean Martin sits down with Ofir Stein, CTO and Co-Founder of Apono, to discuss the pressing challenges of identity and access management in today's hybrid, AI-driven environments. Stein's background in technology infrastructure and DevOps, paired with his co-founder's deep cybersecurity expertise, positions the company to address one of the most common yet critical problems in enterprise security: how to secure permissions without slowing the pace of business.Organizations often face a tug-of-war between security teams seeking to minimize risk and engineering or business units pushing for rapid access to systems. Stein explains that traditional approaches to access control — where permissions are either always on or granted through manual processes — create friction and risk. Over-provisioned accounts become prime targets for attackers, while delayed access slows innovation.Apono addresses this through a Zero Standing Privilege approach, where no user — human or non-human — retains permanent permissions. Instead, access is dynamically granted based on business context and automatically revoked when no longer needed. This ensures engineers and systems get the right access at the right time, without exposing unnecessary attack surfaces.The platform integrates seamlessly with existing identity providers, governance systems, and IT workflows, allowing organizations to centralize visibility and control without replacing existing tools. Dynamic, context-based policies replace static rules, enabling access that adapts to changing conditions, including the unpredictable needs of AI agents and automated workflows.Stein also highlights continuous discovery and anomaly detection capabilities, enabling organizations to see and act on changes in privilege usage in real time. By coupling visibility with automated policy enforcement, organizations can not only identify over-privileged accounts but also remediate them immediately — avoiding the cycle of one-off audits followed by privilege creep.The result is a solution that scales with modern enterprise needs, reduces risk, and empowers both security teams and end users. As Stein notes, giving engineers control over their own access — including the ability to revoke it — fosters a culture of shared responsibility for security, rather than one of gatekeeping.Learn more about Apono: https://itspm.ag/apono-1034Note: This story contains promotional content. Learn more.Guest:Ofir Stein, CTO and Co-Founder of Apono | On LinkedIn: https://www.linkedin.com/in/ofir-stein/ResourcesLearn more and catch more stories from Apono: https://www.itspmagazine.com/directory/aponoLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, ofir stein, apono, zero standing privilege, access management, identity security, privilege creep, just in time access, ai security, governance, cloud security, black hat, black hat usa 2025, cybersecurity, permissions

Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple. In this episode of Apple @ Work, Sergio Sousa and Alcyr Araujo join the show to discuss the challenges small businesses face with access control and management for apps and services, and why they launched AccessMule. Show Notes SMB Survey on Access Management Listen and subscribe Apple Podcasts Overcast Spotify Pocket Casts Castro RSS Listen to Past Episodes

This episode is sponsored by Natoma. Visit https://www.natoma.id/ to learn more.Join Jeff from the IDAC Podcast as he dives into a deep conversation with Paresh Bhaya, the co-founder of Natoma. In this sponsored episode, Paresh shares his journey into the identity space, discusses how Natoma helps enterprises accelerate AI adoption without compromising security, and provides insights into the rising importance of MCP and A2A protocols. Learn about the challenges and opportunities at the intersection of AI and security, the importance of dynamic access controls, and the significance of ensuring proper authentication and authorization in the growing world of agentic AI. Paresh also delights us with his memorable hike up Mount Whitney. Don't miss out!00:00 Introduction and Sponsor Announcement00:34 Guest Introduction: Paresh Bhaya from Natoma01:14 Paresh's Journey into Identity04:04 Natoma's Mission and AI Security06:25 The Story Behind Natoma's Name09:29 Natoma's Unique Approach to AI Security18:32 Understanding MCP and A2A Protocols25:20 Community Development and Adoption25:56 Agent Interactions and Security Challenges27:19 Navigating Product Development29:17 Ensuring Secure Connections36:10 Deploying and Managing MCP Servers42:40 Shadow AI and Governance44:17 Personal Anecdotes and ConclusionConnect with Paresh: https://www.linkedin.com/in/paresh-bhaya/Learn more about Natoma: https://www.natoma.id/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.comKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Natoma, Paresh Bhaya, Artificial Intelligence, AI, AI Security, Identity and Access Management, IAM, Enterprise Security, AI Adoption, Technology, Innovation, Cybersecurity, Machine Learning, AI Risks, Secure AI, #idac

In this episode of Identity at the Center, recorded live from Identiverse 2025 in Las Vegas, Jim McDonald and Jeff Steadman are joined by special guests Diane Vicezar and Arynn Crow. Diane is a recent recipient of the Digital Identity Advancement Foundation's (DIAF) prestigious Kim Cameron Award, and Arynn is the Director of Governance and Transparency for DIAF.Join us for a conversation about breaking into the identity and access management (IAM) industry. Diane shares her journey from a college intern at Microsoft to a full-time employee in the identity space, and what her experience has been like as a first-time attendee at Identiverse. Arynn provides valuable insights into the mission of DIAF, which aims to make professional development in identity more accessible through merit-based awards like the Kim Cameron Award for newcomers and the Victoria O'Connor Award for established professionals.The group discusses the critical question of how the industry can attract new talent. Do people choose a career in identity, or does it choose them? They explore the importance of outreach to universities, the power of social media, and reframing the narrative around identity to focus on its mission-driven impact on society. From career ceilings and the role of AI to favorite conference sessions and hallway conversations, this episode is packed with insights for both seasoned professionals and those just starting their identity journey.Chapter Timestamps00:00:10 - Welcome to Identiverse 202500:02:21 - Introducing Diane Vicezar and Arynn Crow00:03:00 - What is the Digital Identity Advancement Foundation (DIAF)?00:05:33 - Diane's Experience as a Kim Cameron Award Winner00:07:26 - The Legacy of Kim Cameron and Vittorio Bertocci00:10:17 - How Did You Get Into Identity?00:12:08 - How to Attract New Talent to the Identity Industry00:16:51 - Reframing the Conversation Around Identity's Mission00:20:27 - Is There a Career Ceiling in Identity?00:22:34 - Advice for Those Starting Their Career in Identity00:27:10 - The Future of AI in the Identity Industry00:28:32 - Favorite Sessions at Identiverse 202500:34:15 - If You Were a Potato, How Would You Be Prepared?00:36:20 - Closing RemarksConnect with Diana: https://www.linkedin.com/in/dianavicezar/Connect with Arynn: https://www.linkedin.com/in/arynn-crow-821761103/Learn more about the Digital Identity Advancement Foundation: https://digitalidadvancement.org/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywordsIDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Diane Vicezar, Arynn Crow, Digital Identity Advancement Foundation, DIAF, Kim Cameron Award, Identiverse 2025, Identity and Access Management, IAM, Career in Identity, Cybersecurity, Professional Development, Women in Identity, Identity Industry, Microsoft, AI in Identity, FIDO, Passkeys, Verifiable CredentialsHashtags#idac #Identiverse #DigitalIdentity #IAM #Cybersecurity #CareerDevelopment #WomenInTech #DIAF #KimCameronAward

RKON Chief Revenue Officer, Brian Jeffords, sits down with Chief Information Security Officer, Gerard Onorato, and Director of IAM & Zero Trust, Duane Clouse, to unpack how organizations are navigating the growing complexity of Identity and Access Management. Together, they explore the challenges of managing identities across hybrid environments, diverse tools, and expanding user types—while addressing mounting regulatory pressure, evolving cyber threats, and the accelerating pace of technology.

This episode is sponsored by Trusona. Visit trusona.com/idac to learn more.In this episode of the Identity of the Center podcast, Jeff and Jim discuss identity verification challenges with Ori Eisen, the founder and CEO of Trusona. The conversation explores the problems surrounding help desk authentication and how Trusona's new product, ATO Protect, aims to address these issues by confirming caller identities, even in scenarios involving social engineering and advanced AI threats. Ori explains the technology behind document scanning, data triangulation, and geolocation to validate identities. The episode also includes an intriguing hack challenge for listeners to test the robustness of Trusona's solutions. Check out the detailed demo on Trusona's website and join the challenge!Timestamps00:00 Introduction and Episode Excitement01:16 Introducing the Guest: Ori Eisen from Trusona02:11 The Problem with Passwordless Authentication03:53 The Rise of Gen AI and Its Impact on Security04:51 Understanding ATO Protect and Its Importance16:10 How ATO Protect Works: A Step-by-Step Guide27:51 The Puppeteering Scam Unveiled28:24 Fingerprinting the Fraudsters29:11 Real-Time Fraud Detection Demo29:42 Challenges in Penetration Testing30:08 Combating Man-in-the-Middle Attacks30:41 The Ultimate Security Challenge33:44 Verifying Caller Identity41:24 Future Threats in Cybersecurity42:10 AI: The Double-Edged Sword49:08 Issuing the Hack Challenge52:45 Conclusion and Final ThoughtsConnect with Ori: https://www.linkedin.com/in/orieisen/Learn more about Trusona: https://www.trusona.com/idacConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at idacpodcast.comKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Trusona, Ori Eisen, Identity Verification, Help Desk Security, Service Desk, Passwordless, Authentication, KBA, Knowledge-Based Authentication, Cybersecurity, Identity and Access Management, IAM, Multi-Factor Authentication, MFA, Zero Trust, Identity Proofing#IDAC #Trusona #Passwordless #Cybersecurity #IdentityManagement #HelpDesk #ZeroTrust

Andrej Safundzic, Gründer von Lumos, spricht mit Mike Mahlkow über seinen beeindruckenden Weg von Social Enterprises in Uganda über die deutsche Bundesregierung bis hin zum Silicon Valley. Mit 65 Millionen Dollar Funding baut er heute eine der innovativsten Cyber-Security-Lösungen. Andrej teilt tiefe Einblicke in die Zukunft der Cyber-Security, die Bedeutung von AI-Agents und warum Deutschland der beste zweite Standort für Tech-Unternehmen werden sollte. Was du lernst: Von Deutschland in die Welt: Wie Andrej erst Social Enterprises in Uganda gründete Warum er Tech4Germany aufbaute und vom Bundeskanzleramt übernommen wurde Cyber-Security und AI: Warum Identity & Access Management durch AI-Agents wichtiger wird Wie sich Cyber-Angriffe durch Voice-AI und Social Engineering verändern Deutschland vs. Silicon Valley: Warum Deutschland der beste zweite Standort für Tech-Unternehmen werden sollte Die Bedeutung von Qualität und Nachhaltigkeit im deutschen Markt Story-Led Companies: Wie Lumos durch eine klare Vision und Story Mitarbeiter begeistert Warum Cyber-Security der neue "Polizist" der digitalen Welt ist AI-Transformation: Wie Unternehmen sich auf die AI-Revolution vorbereiten sollten Die Bedeutung von frühem Experimentieren mit neuen Technologien ALLES ZU UNICORN BAKERY: https://zez.am/unicornbakery  Mehr zu Andrej: LinkedIn: https://www.linkedin.com/in/andrejsafundzic/  Website: https://www.lumos.com/  Mehr zum Co-Host Mike: LinkedIn: https://www.linkedin.com/in/mikemahlkow/  Website: https://fastgen.com Join our Founder Tactics Newsletter: 2x die Woche bekommst du die Taktiken der besten Gründer der Welt direkt ins Postfach: https://www.tactics.unicornbakery.de/  Kapitel: (00:00:00) Wer ist Andrej Safundzic? (00:01:17) Warum gründet man ein Startup in Uganda? (00:03:36) Vom Bundeskanzleramt gekauft (00:11:27) Von Deutschland in die USA: Warum San Francisco? (00:21:30) Die Gefahr von Voice-Agents & Cyber-Angriffen (00:29:52) Bis zu welcher Gefahr deckt Lumos die Sicherheit ab? (00:36:00) Die nächste Stufe der Sicherheit (00:40:33) Lumos als Story-led Company

Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple. In this episode of Apple @ Work, I talk with David Faugno from 1Password about the company's recent announcements at RSAC. Links 1Password Introduces Agentic AI Security for the Next Era of Enterprise Automation 1Password and Drata's Strategic Partnership Closes the Access-Trust Gap with Unified Security and Compliance 1Password Delivers the Next Generation of Access Security with New Extended Access Management Platform Capabilities Listen and subscribe Apple Podcasts Overcast Spotify Pocket Casts Castro RSS Listen to Past Episodes

AI is reshaping cybersecurity as we know it. From sophisticated AI-driven phishing attacks to the amplified risk of insider threats using tools like Copilot, the landscape is shifting at an unprecedented pace. How can security leaders and practitioners adapt?Join Ashish Rajan and Matthew Radolec (Varonis) as they explore the critical challenges and opportunities AI presents. Learn why 86% of attacks involve credential misuse and how AI agents are making it easier than ever for non-technical insiders to exfiltrate data.In this episode, you'll learn about:The "Blast Radius": How AI tools can dramatically increase data exposure.From "Breaking In" to "Logging In": The dominance of credential-based attacks.AI-Powered Social Engineering: The rise of "conversational bait".Copilot Use Cases & "Aha!" MomentsData Integrity in AI: The critical, overlooked pillar of AI security.The Enduring Importance of Access Management in an AI World.Transforming Security Operations: AI for incident response, playbooks, and forensics.Guest Socials - ⁠Matt's Linkedin Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you are interested in AI Cybersecurity, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Cybersecurity PodcastQuestions asked:(00:00) Introduction(01:57) New Threat Landscape in Cloud & AI(08:08) Use cases for regulated industries(10:03) Impact of Agentic AI in the cybersecurity space(12:22) Blind spots of going into AI(18:06) Shared responsibility for LLM providers(20:56) Lifting up security programs for AI(27:82) How is incident response changing with AI?(29:30) Cybersecurity areas that will be most impacted by AI(34:43) The Fun SectionThank you to our episode sponsor Varonis

Wer darf eigentlich was? Und sollten wir alle wirklich alles dürfen?Jedes Tech-Projekt beginnt mit einer simplen Frage: Wer darf eigentlich was? Doch spätestens wenn das Startup wächst, Kunden Compliance fordern oder der erste Praktikant an die Produktionsdatenbank rührt, wird Role Based Access Control (RBAC) plötzlich zur Überlebensfrage – und wer das Thema unterschätzt, hat schnell die Rechtehölle am Hals.In dieser Folge nehmen wir das altbekannte Konzept der rollenbasierten Zugriffskontrolle auseinander. wir klären, welches Problem RBAC eigentlich ganz konkret löst, warum sich hinter den harmlosen Checkboxen viel technische Tiefe und organisatorisches Drama verbirgt und weshalb RBAC nicht gleich RBAC ist.Dabei liefern wir dir Praxis-Insights: Wie setzen Grafana, Sentry, Elasticsearch, OpenSearch oder Tracing-Tools wie Jäger dieses Rechtekonzept um? Wo liegen die Fallstricke in komplexen, mehrmandantenfähigen Systemen?Ob du endlich verstehen willst, warum RBAC, ABAC (Attribute-Based), ReBAC (Relationship-Based) und Policy Engines mehr als nur Buzzwords sind oder wissen möchtest, wie du Policies, Edge Cases und Constraints in den Griff bekommst, darum geht es in diesem Deep Dives.Auch mit dabei: Open Source-Highlights wie Casbin, SpiceDB, OpenFGA und OPA und echte Projekt- und Startup-Tipps für pragmatischen Start und spätere Skalierung.Bonus: Ein Märchen mit Kevin und Max, wo auch manchmal der Praktikant trotzdem gegen den Admin gewinnt

In this episode of Identity at the Center, Jeff Steadman and Jim McDonald are joined by Alejandro Leal, Senior Analyst at KuppingerCole, live from the EIC 2025 stage in Berlin, Germany.Alejandro delves into the critical distinctions between misinformation and disinformation, exploring their historical context and how they manifest in today's technological landscape, particularly within social media and legacy media. He discusses the intent behind disinformation, often aimed at creating chaos or confusion, versus misinformation, which can be an unintentional spread of false or inaccurate information.Chapters:00:00:00 Defining Misinformation vs. Disinformation & Historical Context00:02:00 Introduction at EIC 2025 & Guest Welcome00:06:14 The Role of Intent, Generative AI, and Countermeasures00:12:15 Impact of Mis/Disinformation on Business, Politics, and Philosophy00:16:02 How Mis/Disinformation Intersects with Identity Management00:18:07 Balancing Anonymity, Privacy, and Truthful Content Online00:23:09 Connecting to Digital Identity, Verification, and Potential Solutions (AI Labeling, VCs)00:26:45 AI Guardrails, Free Speech vs. Hate Speech, and Authenticity00:29:24 Worst-Case Scenarios and the Global Impact of Mis/Disinformation00:31:24 Actionable Advice: Responsibility and Critical Thinking00:35:38 Book Recommendation: "The Question Concerning Technology"00:39:31 Wrapping Up and Final ThoughtsConnect with Alejandro: https://www.linkedin.com/in/alejandro-leal-a127bb153/The Question Concerning Technology (essay): https://bpb-us-e2.wpmucdn.com/sites.uci.edu/dist/a/3282/files/2018/01/Heidegger_TheQuestionConcerningTechnology.pdfConnect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Alejandro Leal, KuppingerCole, EIC 2025, Misinformation, Disinformation, Identity and Access Management, IAM, Digital Identity, Cybersecurity, Tech Podcast, Technology Ethics, Generative AI, AI Ethics, Truth in Media, Social Media Responsibility, Privacy Rights, Verifiable Credentials, Critical Thinking Skills, Fake News, Online Safety, Political Disinformation, Business Reputation, Philosophical Tech Discussions, Martin Heidegger, The Question Concerning Technology.

In this episode of Identity at the Center, hosts Jeff Steadman and Jim McDonald are joined by Jerome Thorstenson, IAM Architect with Salling Group, live from EIC 2025 in Berlin! Jerome shares his insights on B2B identity, the challenges of managing access for a complex supply chain, and the importance of an identity-first approach.Discover how Salling Group, operating major labels like Target and Starbucks, handles identity for thousands of employees and external partners. Jerome dives into the complexities of balancing security, user experience, and the practicalities of implementing IGA and ABAC.From navigating the challenges of data quality and high employee turnover to the nuances of transitioning between IGA systems, this episode offers valuable insights for identity practitioners.Chapter Timestamps:00:00:00 - B2B Identity Challenges00:02:14 - Welcome to Identity at the Center from EIC 202500:04:14 - Jerome's Journey into Identity00:05:19 - Salling Group Overview00:06:57 - Securing B2B - Jerome's Presentation00:10:54 - Controlling Access in B2B00:11:41 - Identity as a Product00:14:51 - The Role of the IAM Practitioner00:16:31 - ABAC as a Game Changer00:21:00 - Language Considerations in a European Context00:22:33 - Employee Turnover Challenges00:25:07 - IGA Implementation Insights00:29:28 - Identity Fabric Discussion00:31:21 - Jerome's Caribbean Background00:34:06 - Wrap-up and Contact InformationConnect with Jerome: https://www.linkedin.com/in/jetdk/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords:IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, EIC 2025, B2B Identity, Identity First Security, IAM, Identity and Access Management, Supply Chain Security, IGA, ABAC, Attribute-Based Access Control, Role-Based Access Control, Identity Fabric, Digital Identity, Cybersecurity, Data Quality, Employee Turnover, Caribbean

Azure AD is one of the most versatile directory services on the market. To help organizations maximize its capabilities, Azure IAM is offering Azure AD system design consulting for both private and public entities. Learn more at https://azureiam.com/ Azure IAM, LLC City: Sterling Address: P. O. Box 650685 Website: https://azureiam.com

As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how employees access sensitive business data. In this episode of Security Weekly, Jeff Shiner, CEO of 1Password, joins us to discuss the future of access management and how organizations must move beyond traditional IAM and MDM solutions. He'll explore the need for Extended Access Management, a modern approach that ensures every identity is authentic, every device is healthy, and every application sign-in is secure, including the unmanaged ones. Tune in to learn how security teams can bridge the Access-Trust Gap while empowering employees with frictionless security. In this topic segment, we discuss the most interesting insights from the 2025 edition of Verizon's DBIR. You can grab your own copy of the report at https://verizon.com/dbir In this week's enterprise security news, Lots of funding announcements as we approach RSA New products The M-Trends also rudely dropped their report the same day as Verizon Supply chain threats Windows Recall is making another attempt MCP server challenges Non-human identities A startup post mortem Remember that Zoom outage a week or two ago? The cause is VERY interesting All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-404

As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how employees access sensitive business data. In this episode of Security Weekly, Jeff Shiner, CEO of 1Password, joins us to discuss the future of access management and how organizations must move beyond traditional IAM and MDM solutions. He'll explore the need for Extended Access Management, a modern approach that ensures every identity is authentic, every device is healthy, and every application sign-in is secure, including the unmanaged ones. Tune in to learn how security teams can bridge the Access-Trust Gap while empowering employees with frictionless security. In this topic segment, we discuss the most interesting insights from the 2025 edition of Verizon's DBIR. You can grab your own copy of the report at https://verizon.com/dbir In this week's enterprise security news, Lots of funding announcements as we approach RSA New products The M-Trends also rudely dropped their report the same day as Verizon Supply chain threats Windows Recall is making another attempt MCP server challenges Non-human identities A startup post mortem Remember that Zoom outage a week or two ago? The cause is VERY interesting All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-404

As organizations embrace hybrid work, SaaS sprawl, and employee-owned devices, traditional Identity and Access Management (IAM) tools are failing to keep up. The rise of shadow IT, unmanaged applications, and evolving cyber threats have created an "Access-Trust Gap", a critical security challenge where IT lacks visibility and control over how employees access sensitive business data. In this episode of Security Weekly, Jeff Shiner, CEO of 1Password, joins us to discuss the future of access management and how organizations must move beyond traditional IAM and MDM solutions. He'll explore the need for Extended Access Management, a modern approach that ensures every identity is authentic, every device is healthy, and every application sign-in is secure, including the unmanaged ones. Tune in to learn how security teams can bridge the Access-Trust Gap while empowering employees with frictionless security. Show Notes: https://securityweekly.com/esw-404

Join AI Jeff and AI Jim on 'Identity at the Center' as they explore the most outrageous and entertaining innovations in identity and access management (IAM) for this special April Fools' episode. From 'Identity at the Center - After Dark' on Diz-Prime-flix to the rise of 'Carrier Pigeon Authentication,' this episode promises a wild ride through the absurdities of digital identity. Don't miss highlights like toaster authentication challenges, karaoke biometric logins, and the surreal 'Session_Expired' club experience. Stay secure and get ready to laugh out loud with the most bizarre IAM content you've ever seen!Chapters00:00:00 Welcome & Introduction00:01:00 Special Announcement: 'Identity at the Center - After Dark' on Diz-Prime-flix00:02:00 News: Biometric Authentication Requires Singing Karaoke00:03:00 Sponsor: SonataSecure - Musical Authentication00:04:00 Sponsor: WhisperGuard - Secure Messaging with AuraScan00:05:00 News: Identity Management Replaced by Carrier Pigeons & Caffeine Level Access Control00:06:00 Sponsor: Fortress of Fabulousness Firewall00:07:00 Sponsor: Zeus's Zero Trust Zenith00:08:00 News: Digital Certificates Require Imaginary Friend Permission & Interpretive Dance Passphrases00:09:00 Sponsor: EgoSphere - Decentralized Identity Platform00:10:00 Sponsor: RoleRescue - Rehabilitate RBAC Systems00:11:00 News: Sentient Corporate Directory 'Dirk' Playing Matchmaker00:12:00 Sponsor: Omni-Identity Nexus - Transdimensional Identity00:13:00 Sponsor: Packet Politeness Protocol00:14:00 News: Principle of Extreme Least Privilege (PELP) & Spirit Animal Check Authentication00:15:00 Sponsor: The Sentient Security Snail00:16:00 News: Quantum Entanglement Authentication & PAM Crowns00:17:00 News: Mandatory Offboarding Serenades00:18:00 Sponsor: AccessStream & Permission Patrol00:19:00 Sponsor: The Great Identity Governance Swamp Romp Webinar00:20:00 News: Fortune Cookie Authentication & Jim's Consciousness Theory00:21:00 City Correspondent Tyler: Session_Expired Club Entry Requirements00:22:00 City Correspondent Tyler: Explaining Human SAML Assertions00:23:00 City Correspondent Tyler: Human SAML Assertions & Club Details00:24:00 City Correspondent Tyler: Session_Expired Club Summary00:25:00 Closing Remarks & OutroConnect with us on LinkedIn:Real Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Real Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comKeywords: Identity and Access Management, digital identity, cybersecurity, AI Jeff, AI Jim, alternative realities, IAM news, April Fool's.

In this interview, we feature some research from Geoff Cairns, an analyst at Forrester Research. This is a preview to the talk he'll be giving at Identiverse 2025 in a few months. We won't have time to cover all the trends, but there are several here that I'm excited to discuss! Deepfake Detection Difficult Zero Trust Agentic AI Phishing resistant MFA adoption Identity Verification Machine Identity Decentralized Identity Post Quantum Shared Signals Segment Resources: The Top Trends Shaping Identity And Access Management In 2025 - (Forrester subscription required) Show Notes: https://securityweekly.com/esw-400

This week, we discuss Apple's AI struggles, the never-ending access management puzzle, and the latest Kubernetes vulnerability. Plus, let's not kill the fun of Vibe Coding. Watch the YouTube Live Recording of Episode (https://www.youtube.com/watch?v=dWt6XwV18v4) 512 (https://www.youtube.com/watch?v=dWt6XwV18v4) Runner-up Titles It's either this or Chips Break glass I'm just making the worst soup Everybody loves a quokka They shipped the product, nobody used it We're at 95% of setting timers Enterprise software fixes everything Vibecoding for Dummies is already in print (not really) Keep Vibe Coding Pure By making it better, you are making it worse I sold high, bought low and it's still low Rundown Apple Media “clutching their pearls” Apple puts the Vision Pro guy in charge of Siri (https://www.theverge.com/news/633358/apple-replace-siri-leader-john-giannandrea) Something Is Rotten in the State of Cupertino (https://daringfireball.net/2025/03/something_is_rotten_in_the_state_of_cupertino?ref=sidebar) Access Management has taken over The Trump Administration Accidentally Texted Me Its War Plans (https://www.theatlantic.com/politics/archive/2025/03/trump-administration-accidentally-texted-me-its-war-plans/682151/) Hegseth Disclosed Secret War Plans in a Group Chat (https://www.nytimes.com/2025/03/24/us/politics/hegseth-classified-war-plans-group-chat.html) Remote Code Execution Vulnerabilities in Ingress NGINX (https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities) Nvidia Nvidia CEO stops by Denny's food truck to eat and serve Nvidia Breakfast Bytes (https://www.tomshardware.com/tech-industry/nvidia-ceo-stops-by-dennys-food-truck-to-eat-and-serve-nvidia-breakfast-bytes-before-gtc-2025) GTC AI Conference 2025 (https://www.nvidia.com/gtc/) Vibe Coding Not all AI-assisted programming is vibe coding (but vibe coding rocks) (https://simonwillison.net/2025/Mar/19/vibe-coding/) The Vibe Coding Handbook (https://itrevolution.com/product/vibe-coding-handbook/) Relevant to your Interests Tech worker found guilty of sabotaging company's systems (https://ia.acs.org.au/article/2025/tech-worker-found-guilty-of-sabotaging-company-s-systems.html?ref=newsletter&deliveryName=DM25608) SoftBank Group to Acquire Ampere Computing (https://group.softbank/en/news/press/20250320) Backstage is dominating the developer portal market (https://newsletter.getdx.com/p/backstage-and-the-developer-portal-market) Clouded Judgement 3.21.25 - M&A Roars Back (https://cloudedjudgement.substack.com/p/clouded-judgement-32125-m-and-a-roars?utm_source=post-email-title&publication_id=56878&post_id=159514016&utm_campaign=email-post-title&isFreemail=true&r=2l9&triedRedirect=true&utm_medium=email) ‘Forced Joy' Is a Miserable Corporate Trend (https://www.bloomberg.com/opinion/articles/2025-03-12/starbucks-tiffany-and-alphabet-make-forced-fun-part-of-the-job) Nonsense Office Space - Joanna - Your Flair (https://www.youtube.com/watch?v=_ChQK8j6so8) 'I made the world's worst keyboard': This YouTuber's homemade board has over 1,000 keys and types in words, not letters (https://www.pcgamer.com/hardware/gaming-keyboards/i-made-the-worlds-worst-keyboard-this-youtubers-homemade-board-has-over-1-000-keys-and-types-in-words-not-letters/) Mac - Lumon Terminal Pro (https://www.apple.com/mac/lumon-terminal-pro/) Conferences KubeCon EU (https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/), April 1-4, London. DevOps Days Atlanta (https://devopsdays.org/events/2025-atlanta/welcome/), April 29-30 Cloud Foundry Day US (https://events.linuxfoundation.org/cloud-foundry-day-north-america/), May 14th, Palo Alto, CA NDC Oslo (https://ndcoslo.com/), May 21-23, Coté speaking. SDT News & Community Join our Slack community (https://softwaredefinedtalk.slack.com/join/shared_invite/zt-1hn55iv5d-UTfN7mVX1D9D5ExRt3ZJYQ#/shared-invite/email) Email the show: questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com) Free stickers: Email your address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) Follow us on social media: Twitter (https://twitter.com/softwaredeftalk), Threads (https://www.threads.net/@softwaredefinedtalk), Mastodon (https://hachyderm.io/@softwaredefinedtalk), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com) Watch us on: Twitch (https://www.twitch.tv/sdtpodcast), YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured), Instagram (https://www.instagram.com/softwaredefinedtalk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk) Book offer: Use code SDT for $20 off "Digital WTF" by Coté (https://leanpub.com/digitalwtf/c/sdt) Sponsor the show (https://www.softwaredefinedtalk.com/ads): ads@softwaredefinedtalk.com (mailto:ads@softwaredefinedtalk.com) Recommendations Brandon: Perform quick actions on iPhone (https://support.apple.com/guide/iphone/perform-quick-actions-iphcc8f419db/ios) Matt: Audio Hijack Transcribe (https://rogueamoeba.com/support/manuals/audiohijack/?page=transcribe) Photo Credits Header (https://unsplash.com/photos/a-couple-of-skunks-that-are-standing-in-the-dirt-C22fvvBcCBY) Artwork (https://unsplash.com/photos/green-and-black-digital-device-yqLrqIsl294)

In this episode of Behind the Deal, Imprivata CEO Fran Rosch shares how the company is revolutionizing access to critical healthcare systems with its cutting-edge security solutions. As a leader in cybersecurity for hospitals and health systems, Imprivata specializes in Access Management for shared device ecosystems, as well as streamlining and securing access for professionals in critical environments (like Healthcare). Thoma Bravo Managing Partner Scott Crabill and Imprivata CEO Fran Rosch delve into the challenges in the cybersecurity space, future milestones Imprivata has its eyes on, and its mission to enhance protection for its customers worldwide — making access to critical information simple, secure, and seamless. For more information on Thoma Bravo's Behind the Deal, visit https://www.thomabravo.com/behindthedeal Learn more about Thoma Bravo: https://www.thomabravo.com/ Visit Imprivata's website: https://www.imprivata.com/  To learn more about listener data and our privacy practices visit: https://www.audacyinc.com/privacy-policy Learn more about your ad choices. Visit https://podcastchoices.com/adchoices

Arthur Bigeard shares his journey from a passion project to a thriving business, turning a side hustle into a full-time venture. He discusses the long-term mindset behind building scalable software, the lessons learned from working at Morgan Stanley, and the strategic decisions that helped shape g.v, a graph database client. Tune in for insights on entrepreneurship, tech evolution, and making the leap into the unknown!About our speaker: Arthur Bigeard is the founder at gdotv, a universal, plug-and-play graph database client to simplify & accelerate the day-to-day tasks of graph database users. He started this project following a 10 years long cyber security career, specialising in Identity & Access Management and cryptographic solutions.

In this episode of the Identity as a Center podcast, Jeff and Jim interview Andrew Cameron, Technical Fellow in Identity and Access Management at General Motors. The discussion covers the importance of speed and security in mission-critical automotive applications, the evolution and impact of identity standards, and the integration of modern identity solutions in vehicles. Andrew also shares insights on the challenges of customer identity management, the complexity of B2B environments, and the role of AI in the future of identity. The conversation touches on GM's move towards passkeys, the centralized management of customer profiles, and the rise of car accounts.Chapters00:00 Introduction to Mission-Critical Identity02:03 Welcome to the Identity as a Center Podcast02:20 The Value of IDPro Membership06:18 Upcoming Conferences and Discount Codes11:39 Introducing Andrew Cameron from General Motors12:26 Andrew Cameron's Journey in Identity17:22 The Evolution of Identity Standards19:09 Adopting Passwordless Authentication at GM23:10 Challenges and Benefits of Passwordless Adoption24:55 Role and Responsibilities of a Technical Fellow28:32 Customer Identity Management at GM30:00 Establishing a Scalable Authentication Platform31:09 Centralizing Profile Information32:05 Challenges and Benefits of Centralized Profiles33:18 Mentorship and Collaboration in Tech34:50 Complexities of B2B Identity Management38:56 Global Privacy and Language Challenges41:32 Enhancing Vehicle User Experience with Identity46:50 Speed and Security in Vehicle Identity Systems53:52 Future of AI in Automotive Industry57:28 Detroit Pride and Personal Insights01:02:20 Conclusion and Final ThoughtsConnect with Andrew: https://www.linkedin.com/in/kandrewcameron/Conference Discounts!Gartner IAM Summit - Code IDAC425 saves 425€: https://www.gartner.com/en/conferences/emea/identity-access-management-ukEuropean Identity and Cloud Conference 2025 - Use code idac25mko for 25% off: https://www.kuppingercole.com/events/eic2025?ref=partneridacIdentiverse 2025 - Use code IDV25-IDAC25 for 25% off: https://identiverse.com/Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.com

IT and security teams are under constant pressure to streamline operations while maintaining strong security and compliance. In this Brand Story episode, Chase Doelling, Principal Strategist at JumpCloud, shares insights from the company's latest SME IT Trends Report. The discussion highlights key trends, challenges, and opportunities that IT teams face, particularly in small and medium-sized businesses (SMBs).The Role of IT in Business OperationsDoelling emphasizes the increasing responsibility placed on IT teams. Historically seen as cost centers, IT and security functions are now recognized as critical to business success. More organizations are merging IT and security efforts, ensuring that security considerations are built into every decision rather than being addressed reactively.A major takeaway from the report is the shift toward decentralization in IT decision-making. Departments are increasingly adopting tools independently, leading to an explosion of software-as-a-service (SaaS) applications. While this autonomy can boost efficiency, it also creates risks. Shadow IT—where employees use unauthorized tools—has become a top concern, with 88% of organizations identifying it as a risk.AI, Security, and IT InvestmentThe report also reveals a growing divide in AI adoption. Organizations are either moving aggressively into AI initiatives or staying completely on the sidelines. Those embracing AI often integrate it into security and IT operations, balancing innovation with risk management.Budget trends indicate that IT spending is rising, with security tools accounting for a significant portion. The need for robust cybersecurity measures has pushed organizations to prioritize visibility, access management, and compliance. A notable shift is occurring in remote and hybrid work models. While remote work surged in previous years, only 9% of organizations now report being fully remote. This return to office environments introduces new IT challenges, particularly in managing networks and devices across hybrid workplaces.How JumpCloud Supports IT TeamsJumpCloud's platform simplifies IT and security operations by unifying identity and access management, device management, and security policies. One key challenge IT teams face is visibility—knowing who has access to what systems and ensuring compliance with security policies. JumpCloud's approach allows organizations to manage users and devices from a single platform, reducing complexity and improving security posture.An example of JumpCloud's impact is its ability to detect and manage SaaS usage. If an employee tries to use an unauthorized tool, JumpCloud can guide them toward an approved alternative, preventing security risks without stifling productivity. This balance between security and efficiency is essential, particularly for SMBs that lack dedicated security teams.Looking Ahead: IT and Security ConvergenceDoelling teases upcoming research that will explore the relationship between IT and security teams. With these functions blending more than ever, organizations need insights into how to align strategies, resources, and budgets effectively.For IT and security professionals navigating a landscape of increased threats, shifting work environments, and AI-driven innovation, the insights from JumpCloud's research provide a valuable benchmark. To gain a deeper understanding of these trends and their implications, listen to the full episode and explore the latest SME IT Trends Report.Note: This story contains promotional content. Learn more. Guest: Chase Doelling, Principal Strategist, JumpCloud [@JumpCloud], On LinkedIn | https://www.linkedin.com/in/chasedoelling/ResourcesLearn more about JumpCloud and their offering: https://itspm.ag/jumpcloud-pg7zTo download the SME IT Trends Report: https://itspm.ag/jumpcljqywCatch more stories from JumpCloud at https://www.itspmagazine.com/directory/jumpcloudAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Welcome to the Identity at the Center podcast! In this episode, hosts Jeff and Jim dive deep into modern identity architecture with guest Ian Glazer. They discuss topics such as the importance of policy, data orchestration, and the evolving landscape of identity and access management (IAM). Ian shares his thoughts on the future of IAM, the integration of various data sources, the role of events in IAM, and the potential for real-time identity solutions. They also touch on upcoming conferences, the European Identity and Cloud Conference 2025, and the significance of engaging with the identity community. Tune in for a thought-provoking discussion on the advancements and future directions of digital identity! Chapters 00:00 Introduction and Podcast Overview 00:11 Upcoming Plans and Challenges 01:03 Guest Invitation and Podcast Dynamics 03:31 Conference Announcements and Discounts 06:05 Welcoming the Guest: Ian Glazer 06:46 Fido Feud and Conference Experiences 16:29 Identity Market Trends and Innovations 19:19 Modern Identity Architectures 33:51 Identity First Security: A New Approach 34:50 Unified Data Tiers: Breaking Down Silos 36:14 Modern IAM: Opportunities and Challenges 37:02 Ephemeral Access and Zero Standing Privilege 39:18 Understanding Identity Data 41:30 Workforce Identity Data Platforms 47:14 Orchestration and Execution in IAM 51:09 Real-Time Event-Based Identity Systems 54:45 Future Directions and Community Engagement 59:03 Teaching and Sharing Knowledge 01:05:33 Closing Thoughts and Recommendations Connect with Ian: https://www.linkedin.com/in/iglazer/ Notional architecture for modern IAM: Part 3 of 4 (blog): https://weaveidentity.com/blog/notional-architecture-for-modern-iam/ 2025: The year we free our IAM data: https://weaveidentity.com/blog/2025-the-year-we-free-our-iam-data/ Learn more about Weave Identity: https://weaveidentity.com/ Digital Identity Advancement Foundation: https://digitalidadvancement.org/ Avoid the Noid! - https://en.wikipedia.org/wiki/The_Noid Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Ian Glazer, Weave Identity, Identity and Access Management, IAM, Modern Identity Architectures, Modern IAM, Data Tier, Events, Orchestration, Zero Trust, ZTNA, Shared Signals Framework, EIC, Gartner, Black Hat, RSA, Identibeer, Data Lake, OIDs, IANS

Join Sean Rabbitt, Senior Consulting Engineer for Identity and Access Management, as he explores Apple's Platform Single Sign-On (PSSO) and how Microsoft Entra ID enhances identity security with Jamf Pro. Learn about PSSO's architecture, Conditional Access best practices, scalable configurations, and new features like authentication strengths. This session will also debunk common PSSO misconceptions and show how easy it is to deploy secure credentials with Jamf Pro.   ---------------------------------------------------   Sign up to get notified for future LaunchPad Meetups here: https://www.rocketman.tech/launchpad   ---------------------------------------------------   For more information about Rocketman Tech, or to schedule a meeting with one of our Jamf Experts, visit our website: https://www.rocketman.tech

Authentication is a key requirement for any B2B software application, especially if software vendors are selling to enterprise clients who are likely to have strict authentication requirements for the vendors they use. However, building authentication for a B2B application is typically complex and resource-intensive due to the data models required, the provisioning and managing accounts, The post Identity and Access Management with Julianna Lamb appeared first on Software Engineering Daily.