This is identity at the center. If it has anything to do with I am this is the go-to podcast. So if you're a beginner or an expert or anyone in between you've found your new home welcome to Identity at the center now your host Jim McDonald and Jeff Steadman, welcome to the entity of the center podcast I'm Jeff and that's Jim. Hey Joe Jim. Hey Jeff. How are you? Good, you seemed a little bit like like slightly delayed there for a second.
Well, you know, my deal like this is bad allergy season them, a bad allergy. Sufferer. By the time this episode goes live though, it should be all better here. It'll be April. Will be the beginning of Stress Awareness Month and I don't know. Do you have any plans for Stress, Awareness Month? How are you going to Handle stress better starting in April. You know, I'll be honest. I feel like I handle stress extremely well.
Like I just don't feel stressed. Generally speaking, I think the most stressful like job I ever had was working at Chili's of five table section on a Friday night that has prepared me for life. Like, there's no job harder than that. I'll tell you right now. So shout out to all my food service peeps. I am totally there. I'd I totally get it. I feel like I'm, you know, I got through that and like, okay, so I missed a period on a sentence somewhere.
I'm good. Well, you gotta you gotta remember that this episode is broadcasting to thousands of people who are like, what's this dude, talking about my life is stress, you know, everybody's dealing with Stratus when he handles it differently. Yeah. Maybe I just internalize it, I don't know. Maybe I just, maybe it's just my laissez-faire attitude.
I don't know. I mean, I certainly, you know, have You know, convictions to get things done and want to do a good job and stuff like that, and obviously don't want to make mistakes anything, but I don't know. I feel like stress or things that if I can't control it, that it immediately gets flushed out of my Ram and goes into a hard disk somewhere, a tape archive, and don't even worry about it. Yeah, I did, I did hear somebody say, one time like stress is not
actually something real. Like you can't have a bucket full of stress, it doesn't exist in the real world. It's all something that we Create in our mind. However, I've got plenty of it in my mind, my plan for the beginning of April's. I'm going to take a nice long vacation happens to be spring break here. Yeah, I take a little time off that usually helps me reset. The, the stress counter Troy quite a bit, but more on the
identity management topic. I've been thinking a lot about, you know, from a strategy perspective, when you're building your IM strategy or your see, I am strategy. She a customer. I am strategy is one of the things that you have to do. We still go through this battle is to define the scope of identity. What's identity data? And what is not?
Because I think there are some things that are clearly in the realm of identity and identity data is things like your username and password are, you know, as black-and-white that's you know, credential data clearly falls into the scope of Access management, but then there's some, you know, metadata and other areas of, you know, things that are about you that belong in your business applications, right? And the reason I'm bringing this up, is they feel like when
you're developing your? I am strategy. The Challenge questions that you're going to get are, you know. So, are you taking on this? Are you taking on that? So like one of the things I think from an IM strategy, Perspective, that's changed over
time. Is that, you know, it's like centralization is just taken for granted, it's like you're moving towards centralizing the management of identity, just like, you know, it's taken for granted anymore that you don't even hardly ever look at Bill versus by you just assumed by. So now, it's like, what are you going to buyer? You know, you're not going to build your own identity management system, you're not going to build your own authentication system, but 10 15.
Junior's ago, those serious question. Should we just build this ourselves? So I think that the same kind of question now. Okay. Well how far are you going to take centralization and you know, the bigger the environment you have it comes into okay like Master data management and, you know, coming up with a kind of a golden record of what that person is or what that identity is is that in your scope and I don't know From my perspective, it's not a black-and-white.
Like, here's the best practice, it's this. It's kind of what your organization has to come up. With is like, yeah, our identity management team is going to take that. That's part of our strategy. We're going to do whatever draw the line wherever you want. I think that's really based on your organization. What you think it should be centralized? What is clearly a part of identity and access management for you? And then Be able to communicate that out. So what are your thoughts?
Well, I mean thoughts on what that was a lot, I guess really its scope, right? That's it. Is that a I guess that's the fundamental part that I picked out of there is what is the scope here? I am program, what is the scope of your strategy? What are you trying to solve for? If you don't have that understood up front that you're going to go off and start solving problems that maybe you don't need to solve for shouldn't be self-solving pool?
Yeah, I guess I mean I see your point and I guess that you're right and maybe I'm overthinking some of these things. But it seems to me that when you get into, we're going to draw up our identity management strategy. There's always going to be people on the other side who don't want parts of their applications.
For example, put into a centralized system taken out of their applications management of profiles, for example, and so I think that you have to be if to step into that area very thoughtfully and do it in very intentionally and really think through those issues. Is like, okay, does this belong as part of this? You know Central, I am strategy for us. Well, that's all. Let me. So let me I sold it as a scope question because the I am program manager in me or the
Cecil and me would say yes. Every application is in scope for identity and access management to what level or you know what the integration pattern looks like, can be a discussion with there shouldn't be a you know wild card out there some at that we don't know about. So whether the application is or is integrated for Go with rij platform or are privileged access platform or single sign or MFA, whatever it may be. But I think that's, I think.
There are certain things that are non negotiables. It will be managed, it will be governed, the level of the government's, the level of the management is something that the organization will come to an agreement with and say, okay, we are going to take that one over because we want to make sure that it adheres these things, or maybe it's more decentralized, but there are still rules that that application still has the
following. So for me, that's the way I look at it is everything is in Scope for management at least or governance. And you can Define what that means. The rest of it. Yeah, glass that comes back later. I think I guess that is. That's kind of the Black and White Version, right? That's the stuff that. Yeah. Okay, I agree. Authentication should be centralized. Usually you don't run into any battles except for where it's like, that's going to be a very difficult integration for us.
But when it gets into authorization, entitlements roles like, oh, is your centralized? I am system that doesn't even exist today. Going to take that over from our application, which is so freaking complicated that, you know, even if you could land. Somebody on the moon, you can't figure out how our application works. Is that what you're saying? So that and then die again. You didn't like all this data that were collecting about the person. Like how much of this are you taking over?
Are you going to start sending us the address for the person to our application? So I think that you have to go into that very consciously and first off you have to understand your environment and and kind of how far you're taking it. But you know, you have to think through those things before you just threw your strategy out there. Unless you have a very Receptive group that's going to help you brainstorm and work your way through it.
But at that case, I'd say you're not in the final strategy but I think that you need to think through those things. Especially around identity data around authorization, how far you're going to take your. I am strategy or I am system tools and processes that you're going to be implementing. Are you going to do registration for all users? Okay, you're going to do registration. Are you just going to create the assignment? Union account or you going to take over everything?
Are you going to run registration for all the pieces of data that we need to collect? Yeah, I think that's me and that goes back to the school questions. What's the level of integration? The scope is everything. Should be managed at some level. The management might be none, or the manager might be full, right. We're going to take it over directly out of your hands and not even doing it, you know, let you touch it anymore.
And the truth is I think most organizations fall somewhere in between of all those different options, so be some apps. Are disconnected, but they're still known and govern, and have, you know, compliance things they have to adhere to and security, whatever it may be. And then you've got the other ones, of course, you want to pull into a single sign-on or MFA and simplify the environment right now. I don't think there's any, there's many IM programs out there.
They're like, no. We don't want to put, you know, any of I, all of our apps on Tessa. So I think that should be like the default standpoint and then from there, you decide, okay, what are the exceptions that come out of it rather than trying to approach it from the other side of it? Yeah, and I think this is an area where, you know, Enterprise I am Workforce. I am kind of falls into much more predictable patterns, when you get into the customer, I am side of the house.
It's really looking at, okay? Like what are the problems that you're trying to solve and really having to build an approach that has to be flexible? Based on, you know, what is the environment that you're building
into? Yeah, well customer I am is is a totally different beast and I think, I think you and I talked about that before where there's clearly a difference between the two and for those that are in the know, I think they get it but they think there's still a lot of organizations. Maybe you aren't a similar to I am they just see. I am as I am and not Enterprise Workforce consumer vendor partner customer right whatever might look like for them.
There's there are very clear differentiations between the two especially then when you start getting into the global aspect of Right? You got, you know, gdpr versus HIPAA versus, you know, regulations all around the world that throw, wrenches, and into things, and makes it even that much more difficult. Absolutely. And that's where it's like, you can't be an expert in
everything. But, you know, when you start to, I could pretend to be when you build that industry knowledge on top of subject matter. Expertise, you know, I was actually thinking we could shift the conversation into Converse space because I think this is This is the kind of conversations. I love to have over a beer or coffee and just, you know, the or the Hulk little bit more than small talk is like when you get into talking to people about, okay, what are the kind of
problems that you're solving? That's what I love doing at conferences, and I'm so glad they're face-to-face.
Again, obviously, sitting in sessions hearing people talk, that's fantastic, but it says one-on-one conversations or even small group conversations over a beer that can't be beat and I know you and I are planning on attending the identifiers conference and kind of bringing the the full force of the identity of the center podcast to identify verse broadcasting, would dozens of megabits per second, depending on where we happen to be. Yeah.
Will be an identity versus I'm not sure yet what that was going to look like. I think we're still sort of in the process of getting that figured out, I think we're going to have some sort of if it's not already live. I think people here this some sort of discount code maybe even for people to be able to take advantage Age of. So maybe we'll you know let's kick down a fourth wall. I recording us it's March 8th identity versus told you a few months out of this point. Still cross the game.
Things set up, maybe there will be like some pre-roll ad type thing that we do ahead of time before this part errors, and then we'll just like, oh go point back to that, right? Whatever that code was. And then you just, you know, overwrite it with whatever I'm saying right now. Yeah. And like most things on this podcast, you know, the discount code is meant for the people. We're not going to make any money from it. Just like the podcast. We don't make any money from it.
We actually lose money on it because we buy fancy microphones and headsets all the time out of our own pocket. Yeah. Is purely for those. This is very cool that Dennis has partnered up with it on a to so definitely it's tongue-in-cheek but yeah definitely something that hopefully our listeners can benefit from you know discounts a discount which is great especially if you folks are on the fence you know, haven't haven't. Registered yet.
It doesn't retroactively apply as my minor settings. So, if you haven't registered yet, find out our discount code and then use it and then save yourself. We'll get money and then and then what do we do with that extra money? Jim that 20% What would what would we do in terms of? Like if we had, you tell your company, Oh, it's going to be this and then just kind of. Yeah, well, look, you know, I battled hard to get these
savings for the company. I'm flying the flag of the good corporate citizen, there's a Twitter joke in there about the recent kerfuffle, the guy Elon Musk was talking with saving money, but we'll get in that. All right. I think we're getting off the rails here but yeah, hopefully people are Denver's. It'll be May 30th to June 2nd at the Aria Hotel and Casino in Las Vegas. Fighter discount code wherever it is.
Maybe I'll put something on the website, I'll probably sure, whole blasted all over Twitter and Macedon and Lincoln said like that one's got it ready to go. So should we talk about today's topic? Because I feel like this has been as kind of a long intro to get to identity management day 2023. What do you think? I was going to say maybe that's another episode maybe just cut it here. Start a new episode. Yeah we could do that.
Well it's not because we've got a couple folks here that I have been very gracious to join us. We've got actually We're going to be talking about identity management day 2023 and that is part of what we've been helping out with the past as well. We've got identity to find security alliance members here. Idsa we've got Julie Smith. She's the founding executive director. This is her sixth appearance on
the show. We don't have jackets or t-shirts that we hand out for that many guests but maybe we'll send a sticker or something like that out and she's smiling here. So. Hello Julie. Tim Jeff, good to see you. Is always Aureus speak to you guys. Well, we got the slide. The cat has yet to make an appearance in any of your appearances, so she's always on the lap. Okay, so maybe we'll hear purring at some point or, maybe not. But we're happy to have both of
you guys back on the show. We've also want to introduce a new member of the team. His name is Jeff Rich, he's the executive director for idea. Say welcome to the show. Jeff, thank you very much, Jeff. It's a pleasure to be here. I really appreciate it and look forward to Ocean with both Jim and you? Yeah. Well, other than having, you know, the most excellent Name. What we like to do is find out really about identity, origin stories for people. So how do they get into the
identity World? Julie has been on again. This is our sixth appearance. I will Point people back to episode 52. I think it was a 57, actually, that's what it was. That was your first episode, so you can go back and listen to Julie's origin story. But Jeff, it's your first time being on the show. How did you get into identity and access management? Is that something that You chose or did it choose you? It was really a combination of both vectors there.
I've been in security, both physical security doing a little work for law enforcement and then focusing mainly and information security that alone for over 45 years and identity, and identity management has been part of security from the beginning. I think there are many people that are just now beginning to recognize that that security has to have. I Identity within it, you can't
separate the two. So I've always had identity attack or what I'm doing with security and over the past few years, I've recognized more and more.
When you look at data breaches ransomware and everything else, it's going on that hits the news, all I get are two related so identity at did that only its found me all along but now it's calling me. I feel like we've been shouting it from the rooftops people who are been sort of like a Daniel a Firs. I feel like for most of my professional career Jim's as well as I couid. I know how important it is but it seems like spend the last couple of years that that message is really started.
Taking hold and I don't know if I want to credit zero trust or not Julie's playing yourself is like it was all the idea say baby identity management days. Yeah it's definitely definitely has I think growing in importance? Speaking of the idea of say Julie for folks who aren't familiar with that organization, give us like the 30m. And we've talked about the past that. Yeah, give us the kind of the overview of what the idsa is.
Yeah, I think you guys just touched on exactly why we why we exist and it's all about helping Security leaders and organizations be identity smart and and it really is bringing together this identity and seek the to Identity or the identity and security domains and putting a focus there. So the idsa identity to find security Lyons is a non-profit. We provide thought, leadership, expertise, and practical
guidance. On securing digital identities and we do that through vendor-neutral research, education through webinars and big events like identity management day. What we're going to talk about today and then best practices perspectives recommendations on how Security leaders can be identities are. So I, when I was introducing you, I mention that your the founding executive director, so my understanding is you're going to be retiring getting the drains. Over to Jeff. What is, you know?
What's that like, right? Being kind of the first in that role and seeing this Rose for your organization of the last couple years, you know, what do you think? You're, you know, you're I guess what? Your favorite accomplishment during that time? That's a good one. It has been an incredibly rewarding. Well, I'll call it really 6 years. So I've been involved in the idsa going back to my time at Optive. I kind of think of Optive is incubating.
The eye. Entity to find security Alliance. It was started by Ping. Identity optic, got involved, we sort of grew it underneath the optimum Briella but then spun it out as a standalone entity about four years ago. So there's a lot of accomplishments 2.2 kind of going from this, you know, small somewhat unknown to hopefully, a much bigger and and more well-known organization. But I think the thing that has put us on the, on the map is identity management day, which
is coming up here on this. Second Tuesday of April, happens every year this will be the third annual and this year to have happens to be April 11th. So I'm excited to talk more about that. But I would say, you know, just the fact that our organization, our research is getting picked up in quoted and referenced. In ways that I don't even know about it. Just happens to pop onto my radar every day. I think that's one of the biggest accomplishments. Is that we have gotten to that
point? It's always fun when you go viral, right? I guess we're going to reasons or are good things Trail. What's next for you? Get question. I think I my plan right now is take some time off between now and the end of the year, spend some time as we've talked about before, right?
I like golf, I like the cycle. I like to enjoy everything that is the Colorado Mountain. So spend time with friends and family and Significant other and travel and you know, just kind of enjoy life for a while and then figure out what the next chapter holds for me. I'm not exactly sure what that is. And I don't want to don't want to Define it while I'm still in the process of kind of wrapping up this part of, for this chapter in my life.
So, I'll spend the next six months or eight months or so, trying to figure that out and it starts off to find exactly. It starts off with a week in Hawaii, where I've never been. So, I'm super excited about that. So as soon as identity management day wraps up, I'm on a plane. And out of here, I feel like running out, right? It's like, all right, well, you know, leave leave the meeting or the webinar, right?
And on the 11th and the next thing you know, it's like all you see is like a puff of smoke and Julie's gone. She's like, you're in a black car on her way to the airport. Exactly was very cool. Yeah, I've never been, it's gonna be. Yeah. It's going to be awesome. Well and where I was going to go deaf I admitted that to cut you off there, where I was gonna go, is, I'm able to do that. And I'm able to leave in a, you know, puff of smoke because I'm super excited about Jeff.
Rich taking over the reins and leading us into the future. And I've every every confidence that he's going to do great things for the idsa going forward. So just in the time that he and I have spent together in the transition mode over the last month or so, yeah, I'm ready to run and and and hand it off to Jeff. And I've Every confidence that he's gonna do an amazing job. So Jeff, what is, I guess, what is Julie leaving you with, you
know? Is there like a to-do list is there is the autoresponder already on? You know, please. You know, please forward to Jeff, you know, all questions about this. Yeah, whatever. Maybe like, let's pretend she's not here, right? Everything's going to be her fault for the next year or so, right, all things, I think that's tradition whenever you leave my business always stuff. Yes. All is the last person's fault that we got to spend some Fixing it.
Not that Julie, you know, we love Julie but what are the things that, you know, do you see on your plate coming up here in the next like, out of the Chute? Friday, I say, well, first of all, I want to say two things one. My number one objective is living up to the expectation. She just said in that transitional introduction, left me here. And no, she's not leaving it to do list. That, that doesn't mean there aren't things to do here without
question. My list is overflowing, I Have to hand it to Julie. I'm going to take this public opportunity. He won't be the last time I do it. I do not know how she's done this for the past few years. I've been here a month working with her and with two of us, I'm thinking we can't get this all done. Then I realize a month ago, she was doing it herself. So amazing job by Julia to to build this up and get it to where it is.
I think we are at a point now where idsa has grown from a core of identity providers and security providers to benefit the the community at large. I think now it's time to start expanding into the community large and getting more contributions from those not only that create identities and provide them and tools for them. But also the custodians of identities, which are a lot of the large Enterprises that may
or may not have a good. I am program in place yet as an example and can benefit from learning about what the Professionals in idsa have to offer and thought leadership and start providing some of their own. Let me pad Julie on the back now. So, I think that one thing she brought to the table was amazing organizational skills or Grew idsa From nothing to where it is today and what, whatever it becomes would have never been
had she not done that. but what I also always thought about Julie was that She's an identity person, she gets it. And I'm sure you would not be in this role if you didn't get it. So, Jeff as your inauguration into the identity at the center podcast, I'm going to ask you one of the tough questions that we've we've repeated on this podcast many times which is, you know, getting into the subject matter.
What's the difference between I am and digital identity because Let me Give a Little Bit of background on that question. To me it almost felt like digital identity as a term was replacing identity and access management. We're talking about this industry of digital identity and so we we posed that question 2nd handle who is the organizer of they didn't reverse conference and was the president of the ID
Pro that very question. You said that that's going to take me more than what we can fitted to this episode. So what Jeff and I Did was we put together an episode is one of our most downloaded popular episodes. And we asked a bunch of identity gurus. What's the difference between digital identity and identity and access management? I'm not as a test to you but to
you, what is the difference? We could spend the next month talking about this, but but I think I have what I consider the difference because I am is more of the overall umbrella. Ella that has a combination of whether it's a tools you use or your policies or procedures and everything around. Obtaining identity, issuing identity, access controls.
And managing that whole sphere together to me, digital identity is different because a digital identity is something that every one of us creates, whenever we do something in a digital Realm, And that includes actions access and in some cases, like, what websites, you visit, whatever Trails you leave. That becomes in my mind, part of your digital identity and it's not traditionally in my mind part of what has been accepted as identity and X identity access management.
I am So, how different is that from? What you've been hearing from all the a? No I think that's a good. We've heard the exact opposite. We've heard exactly what you just said, you know, there's I can be convinced as your identity is the thumbprint. You know, you go and the crime scene has these fingerprints all over it and as the digital identities, right?
That you leave behind, I think that was its kind of the analogy for you the trail, but I've also heard people say, digital identity is the umbrella identity access management is one of The the functions within that I am umbrella. So I mean I think everybody ultimately I think it's Did you just terms right? And what, what those terms, ultimately become our, how people intended for them to be understood when they use those terms?
And so I kind of think the pissed definition that we got was from Alec fry goes by the the moniker for identity. Who said it's it's like football. Football is a ball but it's also this concept of a sport. That's an international phenomenon and it all depends on what you meant when you when you use the term football, what did you mean? And that's digital identity. Jeff, you have any thoughts? Are you talking to your Jeff? Yes, I'm gonna give it to me or not enough to many gifs.
Well, Jeff and I have already decided, we're going to start our own podcast is me. Just just Jeff's talking to each other and you can only be on the show if your name is Jeff. So that's how that's going to roll. Maybe one of the younger, two year of study area. I'm with Alec on this one, you know, I think this is I think that's how I let off my my description as well as I think the context of the question matters, who were you talking to in what context? Because digital identity?
Access management? All four words mean different things to different people spending all your talking to and when you combine them now you've got a bunch of different options. Where Jim you might say, okay, well, it means this to you. Jim and what I meant when I talk to someone else, you know, my wife or my daughter Dog. Right? It means different things to them or doesn't mean anything at all, right, could be that as
well. So I think I think this, it's whatever it needs to be, but I think you have to recognize that and tailor your question and your conversation to poor, you're talking to and what is the context that that those terms mean to them? And make sure that you're you're speaking the language in a common in a common vernacular. Julie do you have your own take on this or you with Alex fry as
well? We talked about it may be the last time I was on and I'm with Alex, I think digital identity is the thing and identity and access management is, you know, the broader umbrella of how you manage it, what's the life cycle? What are all the attributes that need to be defined about it but digital identity is the thing that we care the most about because it's the thing that's getting compromised, the most. So Jeff Ridge. Where is identity and access management heading.
Well, it's heading at high speed right down the road, right down the middle of the road. And, and I say that, because for those, that don't know yet. If you haven't heard about, you know, data, breaches ransomware, anything else going on that bad on the internet? You know the dark web all of those things end up having or result in identity compromises. So because of all that I think identity and access Management is heading towards a little more standardization.
I believe we, probably as much as I get the, it's all about context. I think we need to start to finding the context and saying, here's what identity means. And here's a value, we can start associating with it. I'm going to give you a real quick example. If you take a look at payment card information, there is an identity aspect to that. And when it's compromised, even though it may take a while, There is a remedy to it
Healthcare information. If you have a given diagnosis for a disease, when that's compromised, how do you remedy that? You can't. So the value of that Healthcare information, on the big scale is probably a little more value than a little higher rather than the value of the payment card information. And if you expand that to all scopes of digital identity and identity and access management, I think it becomes a matter of defining the East stratifying different levels of value of
identities. And because of that and associating that with value of resources, they may be accessing. You get into concept of things at the highest value. Maybe that's a really good opportunity to implement something like zero trust. When you're down at the lower end of value, maybe it's not worth the effort and time to do something like zero trust, but you still need some form of identification of the vacation.
You know, those really good point and I think talk to your you're referencing kind of a risk based model as well. Jeff and I Jeff Stedman and I like to talk about this podcast has kind of a time capsule for the I am industry. We've had a lot of people who've been in this industry for a long time on the Podcast. Those episodes will always be out there for people to enjoy and to research.
What would, what were they thinking back in the early, you know, back in 2019 or 2020. So what I'm going to ask you for is any bold predictions that you want to throw into the time capsule. So I have a prediction that some people may think of his bold. Some people may think it's impossible, but I believe that we have a future coming Forest where each of us are going to be in complete control of our own identity. Now, that doesn't mean it's controlled the way you want it to be.
Because each of us, our control are in control of their own health, our own weight, and everything else, but that doesn't always work out the way we want. However, more and more in you're seeing privacy legislation start to drive. Rises towards this identity information from me should be controlled by me.
I may give you access to it and I may determine how you can use it and I may revoke that access to it but it's still my identity and I'm going to control it in the u.s. especially that's not happening right now. We're nowhere near it and I believe my Bowl prediction is down the road, that is what we're going to have to do. Otherwise individuals will have no control over being able to say who they are, how they get.
Credit, how they get access to anything, how they go to the movies, all of that going to be potentially compromised when they don't have appropriate control over their identity. So given that line of thinking I would expect at some point, we'll start to see some things along those lines and idsa content, will we see a thing like that? Maybe I got a management day or there any sessions that kind of touch on that cell Sovereign or decentralised?
Are things coming up or is that still in the? So the Q because they know it's a it's a very meaty topic and I think there's a lot of confusion still in the space. Of blockchain For Better or Worse. Haven't been equated with decentralized identity again, for better or worse. Where do you think? Where do you see idsa? Tackling some of those, those topics? Well, I think you're going to see topics that that touch on privacy and privacy ends up,
being the driver right now. For how that level of self control comes up now, you did ask for a bold prediction and I'm assuming you were thinking more than a month from now which is why I don't think you're necessarily going to see the solutions, right? A way for it. But I do believe you're going to see discussions about it because when you discuss privacy and importance of that and what happens when a leak occurs, you're going to see some solutions that are not talking that.
Start talking about how an individual can exercise more control. However, I think that's going to have to happen in concert with governments, whether it's with the local state, or federal level. And dare, say even International standard. That's very bold at some point for that. And that is a slow move that part too slow moving train. So this I am that's going at high speed on this end of the
road in the future. It's going to crash into that slow-moving train that our government regulations. And I would like to think what comes out of that is a good Common Sense approach to allowing individuals to be able to take control of their identity. Do I think it's going to happen this year? No, but I do think you'll see some topics that can At least touch on it at idea at and identity management day. I think it's interesting because it is something that seems to
come up almost every conference. I've been to for the last year and every conference that I'm attending this year has some sort of track or topic, right? Even multiple kind of presentations on this concept of self Sovereign status and being able to part and parcel out portions of of your personal data out and how it should be used. And I think it's Sure if it will be solved in the next 5 years or 10 years because they think there's a lot of questions of
where will this be built? Who's going to administrate it? You know how easy is going to be used forever to use? This is going to create a second class experience for other people who aren't on you know that platform right? Those sorts of things. So be interesting to see how it kind of plays out. You mentioned identity management date. I know Julie this is sort of been your baby for the last couple of years now and I guess from a Attendee perspective, what should I be expecting on
that day? And again, it's April 11th, the second Tuesday of April and we'll have a link on our show notes as well for people to check out and get more information for it. But I guess who is that? Who is identity management de designed for? Yeah, good question. So I would say it's designed for everybody. You know, when we started it three years ago, the idea came from one of my member companies at the time or Our member companies at the time.
And with the idea that, you know, we need to put, we need to have a day just focused on this topic of securing, digital identities. And, and identity security is everybody's responsibility, right? Whether you're an organization protecting the identities of your customers and consumers, or whether you're an individual who has an employee identity, you need to protect, maybe you're
working as a consultant. So you're a partner to an organization, you need to protect that digital Identity, or even your own personal digital. Leti right there. So everybody, everybody needs to be involved and do things that help to protect your identity.
So individuals, you know, using strong passwords not reusing passwords, you know, not doing some of the, the silly things that I think that we all do that, you know, have a tendency to cause problems with our own personal dual identities but also helping organizations. Focus on the thing, the action items that they can the actions they can. Take to protect the digital identities, they have underneath their responsibility. So I'd say it's everybody.
We partnered with the national cyber security Alliance to focus on the individual side and the small business side and the idsa is very much focused on the Enterprise, in the organization, bigger organization side of things. So, it's for everybody and what, you know, you mentioned there are asked the question about what to expect. I would say there's really two two main aspects Stu identity management day April 11th and one is the participation online.
So the sharing of best practices amongst organizations we have hashtags, ID MGMT day 2023, as one be identities. Part is another and we're encouraging organizations and individuals to share best practices online through Twitter. Through Linkedin, sending out emails, writing blogs, Those kind of things and just sort of that online presence is one main aspect of identity management
day. And then the second big element of identity management day is a virtual conference, which this is the second year and it's bigger than it was last year. So that's that's always good. It happens from 9 a.m. till 4:30 eastern time. So I know the for the folks on the on the East Coast or 9:00 a.m. to 4:30 I guess it on the on the He's on the west coast, it's a little bit early but hopefully we'll have all the sessions recorded so they can go
back and watch the sessions. They might have missed, but registration is free. Will have some raffle prizes. We've got six sessions that are presented by industry organizations. The national cyber security Alliance ID Pro open ID Foundation, Fido and sisya. We have five sponsored sessions presented by sponsor organizations. We'll have opportunities to engage with the exhibitors but also engage with each other
through one-on-one. Networking tortoise is kind of similar to speed dating and then have a lounge for people to hang out during breaks where they can engage with other participants in the conference. So, you know, one one way to get involved right out of the gate. It's become a champion. You can go to our website, identity management, day.org and sign up as a champion, I know, Jeff and Jenn you guys are listed there. And then we'll list you on the
website. You get an exclusive Champion tool kit with all kinds of resources that you can use to engage with and educate customers employees and communities. And so the champion program is not just for individuals but also for organization as well, who are focused on this topic of securing digital identity. So hopefully that kind of gives you a range of things and ways to get involved in what to expect. It's almost like you've done this before and you've been That
question before. Very well, presented, April 11th, it's an all-day Affair. I love the fact that it's on, you know, on demand afterwards because I think like, most people writing, you have a virtual conference. Sometimes, you do end up multitasking and get pulled away and everything's, and being able to go back and look at stuff that you were that you were able to get to during the day. Makes it super flexible. So, I'm super excited for it.
I typically engage in some of the conversations that are out there, so don't be surprised. You see me poking? My head in and out of different things and throwing comments out there. The identity management champions list is impressive. I'm looking at it right now and it's, it's a who's who of, you know, Heavy Hitters in the identities. They see, these are all just individuals that are, you know, behind this.
This is this isn't really a, you know, pay-for-play type thing from from their perspective, right? I didn't pay anything to get list is like, hey, I support this obviously Jim and I have been supporting us for a few years. Now, right, since Inception stuff like that, I think it's a great opportunity to get the identity management. The street together and have conversations and drive awareness and really hear from folks out there and be part of the conversation, which is
great. Because I did a lot of times you get conferences or other webinars and things like that, you're a, you're a watcher, you're not a participant and I think that's, that's one of things. I think it really kind of sets apart from other ones that are out there. Okay? So I know you guys have been super generous with your time and I want to make sure that, you know, we let you get on with your days and Evenings, I'm sure.
Julie. You're probably thinking about like, you know, what am I going to pack for Hawaii? Jeff your pipe, looking at your laundry list of things like, I want to get this done but what I want to leave us with is a lighter note and we're kind of talking before the show here. And I think the one that we settled on was this is a question that we're going to ask for all for everyone's answer. On is what's an underrated TV show or movie that more people
should be checking out. So, for example, if I hear Game of Thrones, I'm going to veto that and say everybody, all right? Knows about Game of Thrones whether you like it or not, is irrelevant people have heard about it. So what I'm looking for are one things that I can add to what am I streaming cues?
Because I'm always on the hunt for something new but maybe some folks are, you know, they like hey I really enjoyed this and I wish more people knew about it so that I can have more conversations about it with other people. Jim, I'm going to start with you and then we'll go to Jeff and to Julie And your start with me and I'm going to like, give the alternate answer because I really don't. Nothing came to mind, our podcast guy or ebooks.
And so what I'm going to do is throw a pod cast out there. Hope that doesn't offend anybody. But the podcast I've been listening to lately is called hidden brain. It's a, I think it was an NPR show. I think is how I picked up on it. Anyway, this guy Shankar he it's, it's like the psychology of the human. My mind and how the human mind works.
And for example there's a whole series on happiness research that they've done, they called it happiness 2.0 which is like what are the things that we do in our lives or happen in our lives? That make us more joyful, going through life and there's two reasons why those do it. One is like I think this is true for anybody. Like if you listen to his podcast you will enjoy it. I'm you've got my personal guarantee on that, enjoy it.
You'll enjoy it. If you don't listen to it, you will enjoy it. But, you know, that's number one. Number two is like, I'll listen to it. This kite Shankar. You know, he's super well-spoken and I feel like after I listened to his show, if I go into a meeting my vocabulary, expands temporarily. So, I mean, that's part of the reason why I listen to it is like he's so well-spoken.
I feel like that kind of rubs off on me a little bit and take me from like three on a scale of 1 to 10 to maybe a 4. So there you go. My answer is hidden rain podcast, it's a 33 percent Improvement, that's that's what number is that. Anybody would stay you gotta on a market that right? Jeff, what about yourself? What is an underrated TV show or movie? Or I guess podcast, or something that more, I'm not going to go with podcast but I do support the hidden brain.
That's a great show. So the underrated show that I have in mind, it's streaming on Prime's called 3 pie. Ines and it's something. I think not enough people know about if you are into a good murder detective, but it's not a either. A gruesome or real bloody or every episode murder solved in 44 minutes.
It's not that kind of show it's more slow-paced and it takes place in Quebec Canada. And I didn't know if they were to. So I had to say that and it deals more with the eccentricities of a town and they're somewhat rural. So they all know each other, maybe a bit too well. But there are some deaths that occur and everything kind of intertwined. And I think it's great. I'm really hoping it gets picked up for a second season. What's it called?
Again, three Pines, three Pines, three Pines, I video Amazon Prime video. Okay, yep. Julie about yourself. I think this is a little bit obscure but maybe not so if anybody that's a front of a fan of Bryan Cranston of that Breaking Bad. Same there's a it's in season 2 now but there's a TV show on Showtime called your honor and it is fantastic. I am you know sitting on the edge of my seat, every Friday, just waiting for it to drop the next episode.
Drop So it's set in New Orleans which you don't usually see very often and he's a judge that has some issues and had some challenges in his life. And yeah, I've really I really enjoyed it. So I know you guys are shaking your head, so maybe it's something that you've watched. But yeah, that's my. That's my favorite right now. My wife is into it and I haven't seen any of them yet, but I love Bryan, Cranston. I think he's a so talented and
so good at what he does. I mean, he's got such range to between comedy and drama and sort of everything in between a just I'm in on that one. That's that's got to go on my list for sure. You know, I'm sitting here struggling because I actually have three that's that I was want to bring up. This is so there's one. I'll go real quickly. First one is a show called God's favorite idiot. It's on Netflix, and it's a comedy with Ben Falcone, and Melissa McCarthy.
I just discovered this, like, literally last weekend's Doom scrolling for Netflix. Trying to find something that my wife and I could agree on to watch and flipped it on its, I guess 30 minutes stupid comedy about basically, the guy gets struck by lightning and he supposed to be sort of the messenger of God and deliver the world, and it's funny and it's stupid. And it's just a good solid, 30 minutes. So that's that's one I think that people should probably check out.
I love the Bennington Show on Sirius XM radio. So for folks who know me, I will reference them every once in a while but they do a Daily Show on the satellite radio. Now streaming kind of platform but I totally think it's such a great show father-daughter and just essentially gifted comedian and just so fun to kind of listen to its, I always have a good time. Listen to those guys. I if I ever did a personal podcast, it would probably be
Something like that show. I don't think I can do it as good for sure. But will be that sort of approach. Should I do my third or just leave it there? Yeah. I see the three. The other one is, this is something I've gotten into recently, is it streaming Network called Dropout? It's by college humor and they do a lot of, like, sketch comedy and things like that.
It's super cheap. It's like 50 bucks for a year, and they have this show called a lot of cop shows, but one is called Game Changer, which basically the rules of the game change every time every episode and the player is have to figure out what the rules of the game are to win.
So they're throwing to a bunch of different scenarios and things you can find on YouTube as well, if you want to find clips and stuff like that but they don't know what the rules are when the game starts and they have to figure out along the way and it just it's just a weird fun show or you can easily spend, you know, half an hour is, as a Time killer. So there's I cheated and went with three so it's hopefully that would hopefully isn't quite as as intense, as well as it
does squid game, right? Was that? Well, we know yesterday was great. Rules of the game you either but the consequences were pretty dire. Yeah. Consequences definitely not as dire but very entertaining and fun and stupid at all. The same time, right up my alley. So, I enjoy it. If you've checked it out, feel free to drop. But you know what? A LinkedIn. I'd love to chat about it. I just don't know anybody else has seen it, and I enjoy it, so that's me.
All right, let's go ahead and leave it there for this week. Jeff Julie, you know, always. She ate the time you spent Julie. Congratulations on everything really that you've accomplished over the last several years. With idea, say congratulations on. Going to Hawaii. And you know, I'm going to be living vicariously through you when you get back.
I would love to understand how it went for you because that's on my bucket list is to get out to Hawaii at some point and in recent data will help me plan that trip Jeff. I'm looking forward to maybe having more conversations with you as things kind of progressed with idsa and You both are. I don'ti management Day this year.
So, and if we see each other at conferences, fist-bumps, Julie, and I met at a conference, it was RSA, I think last year it was here before it was like on the corner in San Francisco. There is hope. Yeah, so hopefully you Jeff. You and I will get you the same thing here at an upcoming conference, and you can Tory, official identity of Center fist
bump. We'll have links in our show notes for both Jeff and Julie can connect with them on LinkedIn. You can find out more about the identity defying security, Alliance the ideas, Say, IDs Alliance dot-org. Also have links to identity management day, identity management data org.
And of course you can find us on the web idac podcast.com we're on Twitter at ideas, the podcast run, Mastodon even idac podcast at infosec got exchanged and of course you can always connect with Jim and I we began actually get a lot of really cool messages and comments and individually to us through listeners and stuff like that. So feel free to drop a note. Always happy to engage in talking, it gives us ideas. Four things we want to bring up on future shows.
So don't forget that like And subscribe button. That's the best way that you can help us out and I'm going to leave it there. Thanks everyone for listening and we'll talk with everyone in the next one. You've been listening to Identity at the center.
We hope you've enjoyed the show, make sure to like rate and review and we'll be back soon, but in the meantime, hit the website at identity at the center.com and find us on Twitter at idac podcast, see you next time on identity at the center idac podcast, see you next time on identity at the center