This is Identity at the Center. If it has anything to do with IAM, this is the go-to podcast. Now, your hosts, Jim McDonald and Jeff Steadman. Welcome to the Identity at the Center podcast. I'm Jeff and that's Jim. Hey, Jim. Hey, Jeff, how are you? Oh, not so bad yourself. Doing great.
I've been looking forward to this episode for a long time and I don't want to make this all about me right, but my entry into the Identity space was in B to B User Management and Access Management, and essentially I didn't even know what Identity Management was when I got into it.
Like most people, Identity chose me, but I just happened into this B to B space and there's a tremendously complex use case and you know how we manage our B2B dealer and in my specific case was dealerships, how we manage those relationships came back very much to how we did it at that company. And you know, in terms of where the space was at the time, for sure, there were no commercial solutions that solve that
problem. So we had to develop our own application and I pretty much spent the next 20 years keeping my finger on the pulse of that space and looking for solutions that you know, hey, there has to be a commercial solution that solves this complex B to B identity management case. And I never found one. I mean I literally never found one. And as you know, I do identity
advisory. I've been doing that for the past 12 years and this question comes up a lot from different clients who have a B2B use case to solve. They say who has this? I say no one, no one does this. You have to pretty much write your own program. Now you can, you can get a platform, you can get a lot of tools that are going to save you time. But at the end of the day, you're still developing your own
custom application. Now rewind or fast forward to about a year ago and then I became aware of the people that were going to speak to you today and looked at their product and I was absolutely blown away. And I said to you, Jeff, you have to see this and we have to get these gentlemen on the podcast to talk about this a little bit. And so I don't want to oversell it, but that's essentially the genesis story of this episode. So I'm very excited. I think "I'm excited" is an understatement.
You have been straight up fanboy since this kind of came about. I guess you know, for those not familiar, before we get kind of things started, you know Jim's been going back and forth about this thing for a while now. So you know he has a little spring, extra spring in his step I think for this conversation. But today's episode is a sponsor spotlight episode.
So that's one of the things that we do every from time to time gives us an opportunity to talk with, you know, the movers and shakers, really dive deep into products and that's what we're going to do today. These are special episodes that we actually create in collaboration with our sponsors to make sure that we're able to really get to the details of things. So it's fully sponsored.
Just making that crystal clear. We're going to get right into it. Today's sponsor is Thales OneWelcome Identity Platform. You can find them on the web at cpl.thalesgroup.com. That's cpl dot T-H-A-L-E-S group dot com. For those not familiar with the solution and the group that we're going to be talking to today, the Thales OneWelcome
Identity Platform offers a comprehensive solution for managing digital identities, providing seamless and secure access to applications and services across various devices and platforms, ensuring a user friendly and protected digital experience. Again, straight up fanboy Jim is going to be very excited to have this conversation. I am as well. We've got Marco Venuti, Director of IAM Business Acceleration for Thales. Welcome to the show, Marco. Thank you, Jeff, and great to be
here. Thank you so much. Jason Keenaghan, Director of IAM Product Management for Thales, welcome to the show. Thanks for having us, Jeff. Thanks for taking the time, guys. You know we're, I'm probably going to say the word fanboy a lot because Jim is straight up fanboy right now. But before we get to that and the and sort of the product and the and so the solutions that you guys offer, let's talk a little bit about your identity
backgrounds. I think that's one thing that a lot of people like to understand, just, you know, the viewpoints that we're expressing here, what is that based on, right, what's been our experience in the identity space. Marco, let's start with you. How did you get into the world of identity and access management? Yeah, well, it was, it wasn't a deliberate decision.
I used to work for a consulting company, actually a US one, Cambridge Technology Partners, which acquired the startup I was working at. So I was now working for a US company that literally two months after acquiring us was itself acquired by Novell. OK, this was year 2001. For those of you old enough, they probably remember that brand. Novell is still to these days, with different brands, a player in the identity space. So that's how my journey
started. So I had a few years there delivering identity solutions, then selling identity solutions, then cooperating with product management or identity solution before leaving and transitioning to a governance startup, this time Italian in case there is any doubt left around where they do come from. OK, so we had a small company that we built the governance solutions for three years before again being acquired again, this time by IBM.
OK. And again, so is to say there's a longer story, which brings me to OneWelcome later on. Maybe too long to be fully, fully, fully fleshed out. So I'm technically in my third decade in the identity space. That's not a way to say. That's a lot of experience. We'll say. That's a diplomatic way to say that you've been doing this for a long time. Jason, how about your background? How did you get into the identity space? Yes, my background's not quite as long as Marco's I think
at this point. I've been in the IAM space for about 12 years now. So the first 25 years of my career I was actually working at IBM, doing more product engineering, product architecture, working on mainframes actually. And I had a career shift and in about, you know, 12, 13 years ago I got into product management and I was working in the, this is the time of service-oriented architecture, SOA, and I was working in IBM WebSphere product line there.
And then, you know, fate jumped in and I met two of the leaders for IBM's IAM business, Ravi Srinivasan and Sridhar Muppidi. So Ravi is now like the CEO at Votiro and Sridhar's an IBM Fellow and they kind of brainwashed me and brought me into the IAM space and asked me to be the product manager for their access management portfolio there. Then time just happened to go on and I ended up getting experience with other parts of the IBM portfolio. That's where I actually met Marco.
First was at IBM, I had a brief hiatus away from the IAM space and then last year got brought back into it here at Thales. So happy to be back into the IAM discipline. You thought you could get away, and identity has this habit of pulling people back into it. Yeah, you can never actually get away. Marco, for people who aren't familiar with Thales and the OneWelcome story, can you talk a little bit about that and how it has evolved since OneWelcome
has joined the Thales group? Absolutely, absolutely, yes. So Thales acquired OneWelcome back in May 2022 and OneWelcome has been there before though for 11 years before being
acquired, right. Actually OneWelcome is itself a combination of two Dutch-based identity companies, Onegini and iWelcome, that had been competing for a few years and then merging up and becoming de facto the largest identity player in Europe, which was an early mover in many ways in the CIAM space, in the consent infused within the CIAM
space. And even in the B2B domain that we're about to talk about today on both sides, there were flavors, so to speak, of B2B solutions being created. So when the acquisition came along, of course, there is a very nice match because Thales historically had a very solid and very well known solutions in the authentication space. But was to complete the picture, to expand the portfolio to have a broader coverage of the identity spectrum with what iWelcome, OneWelcome provided, right.
So it was a very good match with literally 0 overlap. And so it was July 2022, OK, since the acquisition happened and which means that we are basically now 1 1/2 years into the joint journey. For those not familiar with Thales, it's a very large organization, right? It seems like at least maybe people in the US aren't as familiar with Thales, but very large in Europe and Asia and things like that I guess. Can you talk a little bit about the size of Thales group? Oh yeah.
Thales is indeed a very large company that spans multiple domains including aerospace, transportation, defense and one of them is what we call DIS, Digital Identity and Security, which is a very large part of the entire, the entire business. We have presence in 80 countries roughly, OK. And we are about 80,000 people overall.
Indeed we're having this conversation with you which you are in the US and for historical reasons maybe the US is not the country where we have strong brand awareness yet.
I would, I would add, OK, well in Europe, in Asia we have, we're coming from different again standpoints in terms of number of customers but most importantly awareness of what the brand is. OK, I'm talking security here. To these days Europe is slightly larger than US, which is again just a reflection of the recent acquisition, OK, probably going
to be reverted very, very soon. Yeah, and despite my fanboy status, as Jeff pointed out, you know, the more I interact with folks from Thales, the more accents you hear. So you got Marco. He mentioned the Dutch, you know, start for OneWelcome. You know, obviously Thales is heavy in France. I mean I've watched videos where I hear German accents and I mean it's all over the board. But we also have Jason, clearly got the US accent, right, and I'm just trying to set this up as an excuse.
Again, I've been telling people you need to code your own, and this is how I found out about OneWelcome: I came across a KuppingerCole report on CIAM and they talked about this company, OneWelcome. And in my defense, I mean you look at these reports and there are a lot of companies listed. A lot of them are very regionally focused solutions. And if it's not the region that you know you spend most of your
time in, maybe you gloss over. So you may have been there for multiple years and I missed it, but going through that report, I was like I'm going to do some further research and then the more I dove in. So I guess the lesson learned is when you see organizations sometimes listed in those, it makes sense to do further research. But certainly I'm glad I learned about this because I really feel like this B to B space has been underserved.
I mean we hear about CIAM, customer IAM, and in a lot of the B2B scenarios, the business to business, that second B is the customer to that organization, it's their distribution network, it's their channel for how they get their products to market. But B2B could be more. And I also think that the term B2B can also have specific connotations based on the vendors using it. For example, you know Microsoft has a B2B platform.
That's not typically how I thought of B2B because of my background. And like B2B was really about channel. But before, again not making this podcast about me and my experience, let me ask Marco, could you just for the audience define B2B IAM and explain how it's different from B2C and B2E? Absolutely happy to do that. It's indeed, it requires a definition because different people mean different things.
Is a bit of an overloaded term. So for us, B2B means of course a byproduct of the digital transformation. So let's set the stage first in terms of context. You have an organization. The organizations of course have relationships with other organizations, which might be customers, meaning B2B customers.
That's one type, but it might well be that it is a go-to-market intermediary. A good example, for instance, just thinking for a second around insurance, is brokers. Brokers are independent companies, which are companies made of people, OK. And they're not customers, they are in the middle before reaching customers, right. And so that's already a second type of B2B organization.
So you have now B2B customers, B2B intermediaries, but you can even stretch it on the opposite side, meaning the procurement side, OK, or the of the flow. You might have B2B suppliers, you might, you usually have B2B suppliers. They're never people, right? They're always companies, but all those kind of constituents, now suppliers, go-to-market intermediaries or customers, vary
depending on the vertical. So for instance, I just mentioned insurance company and in the middle you find brokers. If you're talking of a manufacturing company that will be distributors. For instance if you're talking of a grocery company, you have that suppliers are the one that produce food that is going to be sold in the in the grocery store. So what I mean with that, it
changed the way you call them. It might be a supplier, it might be a go to market intermediary, might be a customer, but they all have in common that they are organization that with a high degree of volatility they keep coming and going or at least you need to factor in that you have some volatility and most importantly the people in there keeps coming and going again.
So you have two degrees of volatility, the number of companies and the people belonging to that company that are defining the boundaries of the B2B domain that you need to deal with from an identity standpoint. It's so fascinating when you bring up those examples. Those are real world examples of how identity fits into the
business. I know early in my career it's like I craved wanting to be close to the business and an important cog in what made the business work and understand how the business worked, and being kind of security and IT focused, I felt like it was hard to do until I found the space of the B2B IAM, because really what you're talking about is like this is how we go to market. You're talking about a grocery chain, you're talking about this is how we get product on the
shelves, right? Absolutely. Indeed is is really part more and more of the way you operate to run your business, right. You really depend and rely on those third party. And the reason why we're having this conversation is because more frequently now than before, as an organization, you centrally operate some applications which are instrumental for the way you
operate your business. And those applications need to be delivered access to people which are not belonging to your application but rather to another one. OK. So this is in a way an extension from the traditional B2E approach where you had people coming from the HR system and now being required to deliver fine-grained access to some applications.
You now have that typically in a larger number of people belonging to a significant number of external organization that you don't know, they come in with an identity which is not as trusted as the one coming from the HR system. OK. So again, there are implications in terms of onboarding implication in terms of access granularity delivered, OK, which are specific of the B2B domain.
Yeah, you know, I think the other thing is even like from an IAM practitioner perspective, it's how do I build an ROI, how do I build a business case for making investment in my IAM project. Well it's you increase revenue, you decrease costs, you decrease risk. So most security projects decrease risk. A lot of times you can decrease cost by things like reducing your password resets, doing more self-service.
Certainly everything we talked about reduces risk and you know by doing better security tools and reduces cost. But it also can be an increase in revenue. It can be an enabler of new business and certainly customer satisfaction. So what I found is like even in times where maybe money isn't flowing and you can't just spin off a bunch of expensive identity projects, B2B is still an area that you know CEOs are willing to invest.
And this is, Jason, I wanted to bring this to you because you know, I feel like I just found out about OneWelcome recently and to me this is like a solution that is totally different than anything else I've seen in the market, right. This is an area I study again. So there's got to be a lot of
folks who miss this boat. Now, if you're a company that's doing business through B2B, if you're that grocery chain, if you're that dealership, a company with a dealership network or insurance company with brokers around the world or around the country, what it however it works, you've already built a solution, right? You're not, you're waiting for something to come along so that you could conduct business,
right? So if you've done that, does that mean that you don't need OneWelcome, or you know, how should people look at it? But it's an interesting point today as you pointed out when we talk about some of the B2B models that exist especially with kind of that intermediary, those business models have existed for decades, right. So yeah, they already have a solution in place because they needed to build something in order to you know run, run their
business. But with anything that you do that become that may maybe starts from a roll your own type of solution that always comes with certain kinds of constraints that are associated with it. There's there's ongoing maintenance cost. Usually it becomes more difficult to update and adjust as your business priorities change or you need to adapt to new use cases. Not that it's impossible, but it it it comes with, you know, significant levels of
investment. And I think just kind of in the age that we're in now, you know as much as possible organizations want, want to use off the shelf tools where they can, right. It just it helps drive your focus on your business's core competency. And allowing others to specialize where they specialize and you can, you can take advantage of that.
So that's kind of the mentality that we actually take too on the OneWelcome side is listen, you've probably got some solutions that are already in place as a part of your identity and access management without how you're looking to, you know, manage users in your partner organizations. So OK, keep those in place if they're working well with you and you know where we can come in and maybe augment and add some additional capabilities to sit alongside those
solutions. That's what we're looking to do as well. Basically you know kind of looking at the overall B2B landscape, it's a multi-faceted problem that we're trying to solve. But you know we look to see from the Thales side, you know how can we augment where you might already have solutions and address pain points that you're not able to address today.
You know one of those that we see most often is around the delegated user management part of the B2B problem where we haven't seen you know a lot of good kind of off the shelf solution for that. And you know, that's an area that we think we can definitely bring additional value in
ourselves as well. Yeah, that delegated management use case is, you know, to me that's the one that sticks out with a blinking light and you know you can't ignore it when it comes to B2B. It's for the most part everything else is, I think, maybe the small gap, but it's that delegated administration. It's such a critical use case because it's foundational to how B2B works, especially when you have larger organizations on the other end of that B2B transaction.
But you know, I think everybody starts their journey. No one just says we're going to build, right. They do their build versus buy analysis or they start out with we just want to buy something and the go-to I think has been, all right, this is, people kind of get B2E and B2C, right. They're different. And I think people generally start down the B2C route, right, because they think B2B, those people are outside of my company. So they're kind of like
customers. This is customer IAM, let me look at, you know, the Auth0s of the world, the ForgeRocks of the world. What's different about what you do than those solutions? That's a very good question because indeed you already touched on that, right? So B2B is slightly different and you can approach that coming from the B2E angle or the CIAM angle.
To me or to us, the answer is that actually it is a combination of the two. It cuts across and has commonality with those two domains. Let me be a bit more specific. We assisted 2 customers which were now coming to us because they tried to approach the B2B problem assuming that as they already were running a governance solution, so they already had what they needed to manage the delegation process
for those external users. Well, it was the case though, it was completely lacking the onboarding part. So they found out the hard way that it was not enough. OK, they need something more and it was the other way around. Customers running already a CIAM solution. So, well, we're good for the onboarding, we can manage, we can build a user journey to onboard with the right level of assurance of users which are now belonging to our employees ecosystem. They are externals and then we
need to manage them. Wow. But now that means that we are managing that ourselves rather than being able to offload that burden on them, on that organization, one at a time, right, delegating. So on both sides you miss something. OK. So it feels like the taxonomy that we are operating under in terms of identity industry since 20 years now, OK, is built around pillars, the governance pillar, the access pillars, now splitting the CIAM. OK. Well, B2B is kind of cutting
across. It requires a flavor of multiple of those and that's why we are talking B2B here. But in a way it's a combination so to speak, allow me, of governance capability, light governance capability for what we call delegation management, that's where it's closer to, OK, very, very light, but still closer to governance than to access, OK. And you still need onboarding, so you need the two of them to do the job and hardly ever you find them combined in a single integrated solution.
So back to your point, to reduce the need for integrations, to reduce the need for custom development, there are not that many products around which are already designed for this sort of use cases which are uniquely featuring that combination of capabilities. Yeah, I want to go back to this delegated administration because like I said, it's the blinking red bulb of B2B and want to understand how you approach it. But first I want to throw out
an example. So this is a client that I recently worked with who had a B2B scenario where they were doing business with a large grocery chain in fact, and to do the delegated administration, they created an organization for each grocery store, right? And then if they had people who spanned that organization, they manually added that person to have entitlements over that specific organization. So there was no hierarchy, is I guess what I'm saying. And there's no dynamism to it, right?
If that person left, they'd have to be removed from each one of those organizations. The new person would have to be added in their place. That's not how you guys would have handled that problem, right? So, So Marco, do you want to kind of get into contrasting, you know, take that scenario and kind of go at it, if you would? Absolutely, with pleasure indeed.
It is at risk to become a bit too technical, but let me just make sorry, it's not going to be a technical in the end, no, but thanks for the example is indeed very close to what we really assist in terms of average case. Meaning you always have the need to split the ownership, the authority, so to speak, the scope of visibility of those delegated manager. That's one of the foundational need of B2B.
You need to allow somebody which is not in your company, is in another company, to be entitled to manage by himself the onboarding and the access delivered to people belonging to his own company. Though the company is not a big bucket, single, unqualified, it can be itself structured. So that's where the notion of hierarchy might kick in. So you need delegates and sub-delegates which are splitting the task, OK, among them, still belonging only to that specific
master company. Or maybe it's more complex, you have a combination of different business dimensions, so to speak. One is the organizational dimension, another could be a geographical dimension. So you might need to have a delegate which can manage people as soon as they belong to that company and are in Europe. And I'm just making a simple example, Your reality tend to be
more complex than that. That's why what defines a proper B2B friendly capability in a product is also the ability to, in a point-and-click fashion, model those different dimensions to slice and dice the responsibility across different people. But doing that without creating a separate tenant for each organization, without even involving the IT to make it happen. If a new company, if a new B2B entity joins tomorrow, I don't want to involve the IT. I want a business user to be the one
onboarding that organization. That's the key thing. Who is the persona that you involve, not just to be deliver access, but to maintain the life cycle, the coming and going, not just of the people but also of the organization, the B2B organization in the first place? Yeah, I think what I wanted to make this one point and this might sound minor to people, but it's kind of a big deal because they, I think when folks look at solutions, sometimes they say oh you call you know, our
customers, organizations, right. And we don't use that term around here. Reject. In other words, your product can't do what we want because you call things things differently than we call them. And I'm not saying that's right, but it is how the human mind seems to work. One of the things that I noticed in seeing a demo of the product was that you can even change
field labels. You don't have to use the out-of-the-box terminology for things like organizations or really very many of the fields at all. You can call them what you want to call them. And I think part of that also is that you know you've got some language capabilities within the product. So I did want to point that out. Feel free to comment on that.
But I also wanted to kind of transition into a discussion around self-service and what are kind of some of the key self-service capabilities in the platform and how you go about addressing those? Yeah, well, that's indeed a very important feature. I just mentioned that to be addressing the right persona for the job is fundamental in B2B, in traditional solutions. And I'm back to the analogy with
light IGA or IGA, right? All you can translate is the name of roles you deliver for people. That's the ocean and ocean and the language. Sorry, the localizations. But as you mentioned, people tends to refer to those metaphors in different ways. So maybe we don't call them roles, we call them entitlements. Or maybe that's not a group in our language, that's the structure. And and you, you cannot come up with a dictionary which pleases everybody. There is no such a thing.
OK. So the only answer to that is to allow people to pick the name they like better. And again, how do you make that translation happen? It's something that you need an IT guy to translate that. You need this service engagement to reflect the language and to absorb that. It's also itself something that needs to be managed by a non-technical individual.
I'm repeating myself in a way, but I think that the key defining elements of the philosophy behind the solution we built is to not just reach feasibility of what we need to properly address B2B, but to have that feasibility be exploited, be used, be leveraged by business people with no technical skills. This is the way by which you can refrain to even when you delegate somebody in a broker.
In an insurance example for instance that I gave, are you expecting that individual to be technical to manage their employees or to change the way the hierarchy, the structure of people, whether the organization in this broker is managed. It shouldn't be technical, right? It's a broker, it's coming from broker company. I mean that the level of skills is required to to feature. It should be adequate OK for for the scenario. Yeah, now what about the the self-service capabilities?
I mean, I think a big part of having delegated administration that works is not throwing everything back on the delegated admin who may have just an arm's length relationship with the end user, right? So people need to be able to manage their own profile, things like that. How extensively can an organization use Thales OneWelcome to extend self-service? Yeah, it's indeed also a very
frequently required case. You have people onboarding themselves. If you are onboarding somebody, that somebody wants to be owning his own identity attributes, is a, is a defining trait, right? So you can change the picture, can change different attributes depending on the implementation. Which extra attribute defines you? And you also maybe need to request for discretionary access? Maybe you're given access automatically out of your attribute sets.
So attribute-based authorization applies here of course, but maybe there are a few of them which are depending, that cannot be automated, right? So that's another notion of self-service. You are allowed to request, if that the configuration that our customer requires, you're allowed to request and then to follow an approval process before being delivered a given access. OK. So self-service applies in attributes and access equally. OK.
In which flavors, in which level of granularity of course varies depending on the specific customer needs, but it's consistently pretty much all the time among the requirements that we are tasked to fulfill. Jeff, if you don't mind, I'm going to keep going. I'm just, you called me out. Fanboy, right? But I'm excited about the... Roll with it, baby. Roll with it. All right.
I'm going to switch over to Jason because Jason we've been talking a ton about B2B, you know identity management, the delegated administration, things like that. Does the Thales OneWelcome IAM solution just cover that or are there other capabilities that you know or other products or solutions that Thales makes available that, how does this all fit in beyond just the identity? Yeah.
So the OneWelcome Identity Platform, Jim, is, I refer to it more as kind of like a comprehensive access management platform. As Marco mentioned, the, you know, the heritage that you really have been in the CIAM space, you know CIAM covering, you know all types of different external users in this case. So the delegated user management or the identity management is definitely one key component.
But other things that you would expect in the platform doing you know single sign on session management kind of traditional access management capabilities are are definitely all there too. All different forms of authentication, multi factor authentication as well as authorization at different levels. And especially in the B2B context that we've been talking about here, authorization becomes kind of a a key component of the the overall solution.
And it's not just about defining or governing the authorization policies, but being able to have kind of that dynamic contextually aware decision engine as well that can integrate with multiple different, you know, policy enforcement points to ensure that those authorization
decisions are carried out. I've got to imagine that you've run into all kinds of scenarios where somebody's more or less, we'll call it Greenfield. In other words, everything's so legacy that they want to replace the whole stack. Then you probably have scenarios where somebody went out and bought, you know, like a ForgeRock or an Auth0. You know, we should say Okta or a Ping to do the authentication side of the house and maybe need the identity.
Or they build a custom app that they're really happy with and now want to do, you know, a strong authentication with an identity verification solution. So is the platform? Is the solution kind of flexible that you can do parts and pieces? Or is it all or nothing? No, absolutely. It's flexible because I think as you said, I mean we run into you know customers and prospects and all different kinds of scenarios.
You know some that are looking to as we talked about earlier augment what they have to solve kind of a very specific slice of the problem. Others that are you know maybe looking to fully replace and that's fine too. But then there's others that are more Greenfield, which you know, we haven't talked a lot about here, but you know Marco mentioned earlier on around kind of that overloaded buzzword of digital transformation kind of driving some of the B2B, I mean.
So as more businesses are you know kind of digitizing their operations, we do see some that are venturing into areas that you know of, you know new ways that they want to do business and engage with other organizations, what I refer to as like these collaborative networks. And in doing so they are looking for you know a solution from scratch or in totality right.
And then in that case you know we try to help them not just with kind of the piecemeal parts or the individual modules but bringing together the entire solution as well. Yeah, one thing with this episode, you know, in looking at the OneWelcome Thales solution or Thales OneWelcome solution, I felt like there's just so much there that I was afraid of like, hey, let's talk about these ten different things and spend 5 minutes talking about each one, including B to B,
right. So we're focusing on B to B. But I also wanted to mention like this, this piece I saw was called itsme and it was like identity verification and then the fact that you're a company with roots in Europe, European Union, there's just such a heavy privacy focus as well.
So I think if you know, I got to think that you know either from an industry perspective or somewhere somehow your company footprint is geographically, you know, where things like identity verification, things like privacy really jump out. I mean, do any examples come to mind for you of that?
Yeah, absolutely. So I mean the concept of privacy is I think it's just in our DNA as we've said, you know OneWelcome comes from the heritage in Europe and you know, very much focused on supporting complex privacy regulations like GDPR, right. But beyond that as well Thales as a whole was very much focused on you know emerging things in the identity space like self-sovereign identity as well.
So you mentioned you know like itsme which is you know one of the European identity, the eIDs that exist in Europe each one of the different countries have kind of their own national electronic IDs and so you know that being able to consume those so that citizens or users can bring their own identity with them. That's the core part of the platform as well.
And you know Thales I think as a whole embraces that you know other parts of our business inside the digital identity and security business line that we have focused on things like digital wallets and mobile driver's license. We actually are the supplier for those for a couple of the states in the US here as well for the mobile driver's licenses that they have And identity is just kind of at the core of everything that we do when it's foundational.
And so you know protecting the privacy in that sense it's been very important. And when we look at the OneWelcome Identity Platform, I think there are some kind of key features that we focus on as well to support this for organization. The consent management is an
absolutely critical piece. So whether that's at the document or the attribute level, so you know, making it easy for either administrators or data privacy officers to be able to manage the life cycle around different types of consent to be
able to keep up with regulation. But then also to the point that Jim, you were talking about with self-service, it's about making it easy for end users to be able to see what consent they've given and actually manage those, maybe remove those as well as, you know, their preferences change or evolve. And then another key part around privacy is around the focus on data security and encryption. Those that are familiar with Thales in the cybersecurity space.
This is where Thales has made its name. A lot is on the data security side. So we're very well known for our HSMs and key management solutions as an example. And so we've actually built that heritage into the OneWelcome Identity Platform as well allowing even though what we deliver is a public cloud SaaS solution like a multi-tenanted solution. You know we give different options for people that want different levels of control as well.
So maybe you want a dedicated instance in the public cloud environment, so we can do that. Or we can support use cases like bring your own key and hold your own key again, that give those organizations more control as well over their data and who might potentially have access to it. That's fascinating stuff. What I also wanted to kind of transition into in terms of the discussion. So I think you guys get lumped into CIAM.
So here's the thing I think is like when I look at most CIAM solutions, they say here's the stack. You bring over your users and you populate our directory with your users. We don't care how it gets there right now. So that's the whole B to B part, but there's not analyst reports on B2B. So where do you put OneWelcome, you put them into the CIAM
function. So given that distinction, when we talk about the analyst reports, and I'll bounce this one to Marco, where do you end up positioned in the analyst reports and what do you think factors into that positioning beyond kind of the things I said?
Yeah, well, in this right, there's no B2B report, right, not specific though we're happy to report that the latest Gartner Magic Quadrant was calling out already from the abstract in the front page the B2B relevance as an increasing aspects that Access management need to be qualified against, qualified with, right. So actually, this is an interesting and very, very happy finding from
our side. So that is now I would say, finally, OK, gaining recognition in terms of relative relevance. Why I'm saying finally, because we have been in the space for five, five and a half years now since we started rebuilding our B2B solutions, but a bit struggling in even having a unified way to call it. Now we call it B2B IAM, we're already doing that today, right.
But if you check what happened up until a few years ago, it was partner IAM, guest user management, there was all sort of naming to reference what we now call B2B IAM.
So back to your questions, we are indeed consistently present in the major analyst reports talking of the Gartner one which is the Magic Quadrant for Access Management, the site we are in the visionary space also because it's a reflection of what we just said, right, that we came in along with the acquisition of OneWelcome, a European based company.
So we are literally on the right side in terms of vision, but still being primarily European in terms of heritage, not in the leaders quadrant for the ability to execute which is what we look forward to enter with the next edition.
OK. Out of the execution which we are already assisting, assisting and again coming from Europe, of course we have an historical presence in the KuppingerCole Leadership Compass which publishes the access management of the CIAM. We are proud of leader, market leader, visionary leader depending on which one you
pick. But we have definitely we are definitely as you mentioned present there along with other vendors which maybe are historically not so visible in the US OK. So we are maybe more than most, most of them even more now, so because of the Thales, of the Thales acquisition. So, all right, I'm going to
throw you a curveball, Marco. Not because I want to try to stump you, but because what Jason was talking about with the authentication and I thought back to my experience with B2B identity and authentication, one of the most important parts was, OK, here's the scenario, I am an employee of that second B. So one of the customers or one of the suppliers, now you know the organization, the main organization, the first B has a contract with their customers or suppliers, right, Maybe they
have contract codes and things like that. They don't have a contract with necessarily those agents of that second B, the people that work there. But the second B, those people are the ones that log in. So they need to bring with them attributes of the organization that they work for. Some other words like what I would call inheriting attributes of that object or you know, gaining entitlements because of belonging to this organ.
See, to me, this is one of the most complex things, and it gets that delegated administration. But it's not about administration, it's about authorization, right? So is this something? Am I just babbling or does this make sense to you? This is something you see. This is something we definitely see, and again is a perfect example of spanning multiple traditionally siloed domain, right? So to answer this kind of scenario would involve a part of a federation story.
We federate with your IdP of the second B and we carry along as part of the way you get in some attributes of your identity record. Which one? The one that we need to identify you or maybe also some of them? Some of those that we need to authorize you the right way?
Because there is an attribute based authorization automations of what you now need to be get delivered with OK, which can be automatically computed out of where you belong in terms of geographical placement, organizational placement or other attributes, right? Or maybe it's more complex than that, it's contextual. So it's partially due to what you are out of your identity record. OK, but maybe also out of what how you relate to other people
or to other entities. We have cases where I'm allowed to operate as a delegate on another user only if we were jointly working on the same contract before. What was the contract? The contract is not an identity, yet another entity that has nothing to do with people, right? So we are now entering the domain of managing fine-grained authorizations out of relationships between entities which are beyond the
identity realm right? Are entering the business object model of what the business operates under, right? So I think that might be a bit of a complex answer, but that's why you trigger me. Sorry, this was your fault. It's not OK. It's perfect. It's kind of what I was looking for. But I the reason it was a curveball, I think mostly was because of the placement of it within the show.
But it just kind of struck me. I mean, as we're having this episode of having flashbacks, good flashbacks, we are running a little long. So I wanted to kind of bounce it to Jason to talk about, you know, where are things heading? You know, where is this OneWelcome platform? What are the future opportunities for growth in the identity space for Thales and OneWelcome? Yeah, Jim, I think you know the B to B space is an obvious one. That's what we've been talking
about today mostly. So you know we see that as kind of a nascent market opportunity or a nascent industry and you know we kind of we want to be at the forefront of that and help shape what the industry sees as a whole as kind of the right way to do B2B IAM and we don't want to do that in isolation obviously we want to, we want to partner with other vendors and clients in the industry to help evolve that. So that's an obvious
focus area. But in general we've talked about Thales and our heritage being in you know not just in the cybersecurity space but in other highly regulated industries. And so towards that end, you know we have a particular focus in the BFSI segment, so banking, financial services, insurance, which fits very nicely into a lot of the capabilities I think that we offer both for the, you know the identity management side, but also the security
aspects as well. And then another focus area for us is kind of the continued evolution of authentication and passwordless in the industry. I know Jim and Jeff you spoke to one of our colleagues, Pedro Martinez back at the Authenticate Conference in October episode 242, if I'm not mistaken a little plug there for you. And you know Pedro is one of our subject matter experts in the area of passwordless and passkeys.
And again, we think that this is going to reshape the industry around authentication, making it not only easier but more secure. So again that's an area that we're going to kind of continue to invest in as well. And then the last thing that I would just say is Thales made another acquisition at the end of last year of Imperva who you guys might be familiar with like in a data security and
application security space. So we see a lot of synergy possible between the identity space, the data security space, the application security space. So you know, we're spending a lot of research and investment dollars there as well on how do we, how do we address new and emerging use cases by bringing identity and data and application security closer
together. So it seems like Thales is really kind of developing OneWelcome as this force to be reckoned with in the industry and I appreciate the plug. Thank you very much for plugging Pedro's show. So well done professional podcaster Jason. I don't listen to this conversation. I didn't want to interrupt fanboy Jim really geeking out about this stuff because he has so much experience in the space. But it got me thinking that, you know, a lot of this sounds
difficult to do and do it right. And I guess I want to close the conversation out on what does it actually take to implement something like this. So if I'm going to deploy OneWelcome for my use cases, I guess what does a typical implementation look like? And I know that's a loaded question because the consulting answer is it depends. But you know what? I guess, kind of briefly walk me through the process. What does it take to set up, What does it take from a resource perspective?
You know, if I'm a customer, what should I be bringing to the table for like roles? Is it all technical people are there business analyst, business representation? Do we get the actual B to B people involved as part of this? Help me kind of understand what it takes to deploy something like this. And maybe Marco, then, maybe that's a question for you. Yeah, happy to.
Happy to address that. Of course I can answer along the line of what is the approach that our partner system integrators are following the methodology they usually follow basically split the task into two parallel threads. There is an onboarding orchestration thread.
So how do we get the people in, what is the user journey like what form of authentication, is there any verification involved, is there any look up in some back end system to make sure that you are really you OK. So that is more on the CIAM side so to speak. OK. In terms of task, in parallel to that there is another work thread potentially and very often led by different people, which is around how do we model the split of who can manage and should be managing whom.
So what is the delegation model? So how do we segment out of the identity record the scope of responsibility, OK of different companies, different product line, different Geo. What belongs to the segmentation which is now the technical conversation is more of a business process and business model type and also along the same in the same thread what kind of persona are we looking at? Do we have a delegated manager, do we have a partner manager.
So somebody who's also really job is to onboard partner but not people. I mean these are the two parts. So there is an onboarding thread in a delegation management thread. Those are the two things usually in parallel. Very often the phased approach is used at least to reach a first release which is meant to show the value and to tune later on that what need to be adjusted. This first phase is what we call a minimal lovable product. Minimal lovable approaches in
the three months range usually. So Jim, got to throw a curve on that. Throw one more. I'm listening to this. I'm an IAM practitioner not to listen to those podcasts. What is the hardest thing about this sort of deployment and what are things that I should be thinking about as someone in the IAM world out in the business? You know, whatever it may be practitioner to say, OK, I'm this sounds really interesting. I need to plan around this thing because it tends to be the hardest part of an
implementation. Can you give me any guidance on that? The hardest part, I mean, so for us usually the hardest part is to get identified as a provider of that solution that actually exists as a market solution and they don't need to rebuild that from scratch. So the hardest part for us is actually to be called in rather than to deliver the thing. OK, maybe I'm not dodging the question. I'm just literally commenting on what is the hardest part for us so far going into once we're in.
So now we got selected say right and what is the hardest part? The hardest part is usually to well you you in a way I do revise A resemblance with IGA, OK, is to understand and to help our customers in structuring, OK. The segmentation of who can do what? OK, in a unified format, OK, because not necessarily that was thought through before and there was no need for it, OK. The fact that you had a help desk, it means that that logic was in the brain of the help desk people.
It was not built in the solution that now can handle that. So you need to transpose that logic from what is the business as usual approach of delegation management onto a tool which is allowing you to do that. But now that you have a tool, you need to understand the metaphors and the configuration option offered by the tool to absorb your requirements.
So it's more of a logical conversation than a technical one, which demonstrated to be interestingly more challenging than maybe integrations with exotic systems of all sorts or federations with third-party IdP and so forth. So I think that kind of was what I was thinking about too. Jason, what do you have as far as what do you think is the hardest part of a deployment? So, so I would add to what Marco said and look at when these projects are going on.
It's not just about implementing the tool specifically, but it's about usually some kind of an evolution of the business process at the the organization and the tool here is only one part of that that's kind of helping that out. So typically there needs to be some kind of a rollout for your the B2B organizations that are that you are interacting with.
So there's training that needs to go and and happen on you know what is, what is the new philosophy, what is the new approach for accessing the the applications or for managing the users. So it's kind of that that distributed training of the end users, obviously everything needs to be intuitive, but ultimately you might be changing the way that your partners or that those different organizations are interacting with you.
And so that becomes kind of a a part of the overall project or the overall life cycle, not just the implementation of this, this one particular part, it's usually part of a a larger deployment project in general. I love those tips because I think those are things that are real world valuable. So I appreciate that we've got a ton of experience, you know, on this conversation between the four of us.
And I want to close out on a lighter note, and maybe not necessarily lighter, but more informative note, let's put it that way. Or recommendation note. What's a piece of advice that has stuck with you throughout your career? Marco, why don't you go first? All right, yes. So the best piece of advice I ever received over my career is definitely from one of my early managers in the identity space. OK, the name is Marcus J Krauslow.
Let's give him the credit, OK? Which apart from being a great salesman, he was very wise in many ways. And his advice was if you're good at what you're doing you're making, you should be aiming to make yourself redundant. Meaning you should be teaching to others what you're good at so that they can do that without you being involved. OK, so that was a very sticky thing and I think makes tons of sense. So that's what I feel like sharing. I like that.
That's good, Jason. How about yourself? So yeah, thinking about this, that's a good question. So one of the things that comes to mind isn't necessarily kind of one-on-one advice that I have been given, but from an executive leader from my prior organization had seen them giving, you know, an internal talk on what does it mean to be a good leader. And he talked about the seven Cs. Now, I don't mean bodies of water, but the action like the letter C so.
So he mentioned seven things. Confidence, calmness, committed, consistency, clarity, constructive and compassionate. And it always just stuck with me. So I actually have a post-it that I have on my desk. I'm holding it up here. You can't see that on the podcast. But that used that as a reminder to myself every once in a while when I'm like, you know, am I doing the best I can to be
a leader in this organization? And I kind of go through the checklist and see where where I can improve along the way. So that's kind of stuck with me. That's another fantastic big that's that's going to be a tough one to top.
Jim, how about yourself? I can't top either of those, but I will go back to I think this podcast put me back to my late 20s self rolling out my first Identity project, which was a B to B identity project and my CIO at the time, John Stout said just always do what's right for the company. It seems like such simple advice, but I remember back to times where there were people who were with the company 30
plus years. Right now I'm sure they're doing what they thought was right for the company, but they were very resistant to change, didn't want to become part of this B to B IAM solution. They wanted to do things the way they had always done. And as Jason can imagine, they were from the mainframe era, right? And they ran the order entry applications and things like that, that the dealers used and they webified the mainframe essentially, right. And they didn't want to become
part of the IAM solution. And what would have been easier for me would have been just to keep the peace and kind of try to find some kind of watered down compromise solution. But that was not what was right for the company, what was right for the company was to move forward and provide a better experience, more secure experience, all that to our customers. And so I used that advice. We ultimately did. Now, I'm not saying that we took an uncompromising position because that rarely works in life.
But truly, if you just use that mantra, do what's right for the company, I think more times than not you'll do what's right and it will always be defensible. If you truly believe that what you're doing is was the right thing for the company, then you know in the end that you followed your your guiding principle. Jeez Jim, that's pretty good.
Let me see for mine. So you kind of stole my thunder but I'm going to shift to a different one because my thinking was is you can always get smarter it's OK to get smarter. So that idea of evolution and, you know, just because it's the way we've done it in the past, doesn't mean we have to do it in the future. And yes, mistakes will be, hey, that's part of life. How do you get smarter? So you stole kind of my thunder
on that one. I'm going to go back to my restaurant days and restaurant manager I had his name was Bill and we were just about to open up this new bar and, you know, staff meeting, hey, let's get everybody together. And I think one of the things that stuck out with me and this is, you know, decades later, the customer is not always right, which I found fascinating because I had worked in food service and restaurants and bars for years at that point.
And you know, the customer is always right. It was like, well, no, the customer is not always right. Sometimes you need to help your customer figure out what they need to do. They may not know, you know what is in their best interest. And I I will just go back to that because it's been such a, it was so ingrained in in that business and customer service was like, oh, the customer is always right. Well, no, not necessarily.
You've got to figure out how to help the customer move forward sometimes and kind of I think goes along with kind of what you're what you were saying Jim as well. So, so that's my customers. I thought you were going to say your your ranch dressing is not always the most important thing in the world. That is definitely another one of the things that I've learned. 5 table section shout out to all my chili heads or former chili heads out there.
A 5 table section at Chili's on a Friday or Saturday night is no joke. Hardest job I've ever had. Learned a lot in restaurant business. But yeah, so you learn at that point the ranch dressing is not the most important thing in the world. OK. I think we've covered a lot of ground as part of this conversation. I think one thing that's going to be helpful for folks is the team from Thales OneWelcome is going to be at a few different conferences throughout the year.
I'm looking forward to see them at a few myself. So they're going to be at Gartner's IAM Summit, RSA, Identiverse, KuppingerCole conference. So we're going to get a chance to meet the folks there as well as Jim and I head up to those, but definitely reach out to Marco, reach out to Jason. We'll have links to their LinkedIn profiles and our show notes, as well as a link where you can check out more about the Thales OneWelcome solution. That website again, cpl.thalesgroup.com,
cpl.thalesgroup.com. It'll be in the show notes, so easy to click on there and definitely appreciate you guys, Marco and Jason for being part of this. Marco, I'll give you the final word, followed by Jason. What's one thing that someone should take away from this conversation who's been listening? Well, that B2B exists. It's no longer a blind spot, OK? You have solutions, Good to go to make that easy and doable in a matter of weeks. OK.
That's the take away from what we just discussed. That's good, Jason. How about yourself, final word? Yeah, I think, you know no two situations look alike in the B2B world or that might be the case on the surface. But there are lots of patterns and lots of institutional knowledges that have been built up to help you solve those problems. So don't go it alone.
Look for help and there's many across the industry who are willing to jump in and lend a hand and lend their expertise. All right. I can't top that. So we're going to end it there for this week. Appreciate everyone for listening. You can find us on the web, IDAC podcast. Got Pod. Nah, that was terrible. Let me do that again. Appreciate everyone for listening. You can find us on the web at idacpodcast.com, at Twitter, at IDAC podcast and Mastodon IDAC
podcast at infosec.exchange. So with that, thanks everyone for listening and we'll talk with everyone in the next one. You've been listening to Identity at the Center. We hope you've enjoyed the show. Make sure to like, rate and review and we'll be back soon. But in the meantime, hit the website at identityatthecenter.com and find us on Twitter at IDAC Podcast. See you next time on Identity at the Center.
