You're listening to the identity of the center podcast, this is the show that talks about identity and access management and making sure you know who has access to what let's get started. Welcome to the identity at the center podcast I'm Jeff and that's Jim. Hey Jim hey Jeff. How's it going? Not so bad yourself. Good hair just got back from a week of vacation. I took my family to Orlando to the land of the mouse and stood in a lot of long lines.
We were supposed to be a 50% capacity, I honestly couldn't tell felt like the lines were longer than ever. That's, you're a brave person to take that. Annie, I know you'll you and I work, I talked about earlier today and you weren't able to actually get onto a lot of the I think attractions because they were sold out ahead of time, right? Well, that's the, something is sold out. But now, it's even though you have a paid Park admission and you have, you know, you prepaid
to be gone. All those attractions, you have to reserve them using the app. So word to the wise, if you're going to Orlando for Disney and All the parks, download the app reserve, your spot in different attractions ahead of time. That's probably a good idea. I think so, I was able to actually switching topics real quick because this is going to hopefully get me into a spot where I can go elsewhere, as I finally got my first covid shot, so I'm very excited about that.
So I'm only a couple of days into it. Everything's been fine. So so good deal. Oh, and you know, my story, I went to get my shot and it just happened that it was right? As they stopped giving the Johnson Johnson shot and that's what they have lined up for me. So I get turned away. Yeah, well I mean I guess an abundance of caution is probably good but that's got to be disappointing. Yeah, well I'm out there are scouring working to get my shot now.
So we'll see. It'll all work out in the end. I'm sure. I'm sure it will. So why don't we shift gears a little bit and maybe Taco. But identity, access management we're going to introduce our guest in a minute. But before we get to that subsume, some kind of, you know, odds and ends that we've got out. There, we still got a universe. That's still taking place June 21st to 23rd. It's in Denver, but it's also online.
I know we talked about this originally, maybe a few weeks ago and I was like, no way I'm in my going on-site. Well, now that I'm actually have the vaccine and I'm scheduled already for my second wife, right. Maybe I think I think I've gone from zero percent chance to 40 percent chance that I might try to attend in person. Has your thought process, change the now because I know that you were kind of looking forward I was looking forward to it.
And, you know, I've got to get at least gold status on Delta Airlines or my life is meaningless. So, I've got to start traveling again soon, Jeff soon. So the only reason you're going is for that phrase for the mileage as status, uh, the status, mainly the status of Tennessee, who cares about the identity stuff.
And I mean, you have to admit, as well as, as a former Road where you have to admit that, you know, traveling without status of you, you know, going and are A line to save a couple of bucks and you get treated, like, not as good. It's not leave it at that, not as good. Yeah, you know, it sucks. But I think traveling some of those things where it's, it's hard to at the very beginning because you may not have a cumulus ask, but once you've got the status, it's actually not so bad.
At least, you know, from my perspective, I do like to travel but it's certainly a lot easier when you're, you know, constantly getting upgraded and you've got things like, you know, Club, memberships and hotel statuses. You can kind of get late check-out. It's an early check outs and then obviously that bleeds over into, you know. All travel which is great too. So, I certainly miss that, you know, I'm gonna have a hard time achieving any type of status for next year, based on this year.
So hopefully, hopefully the travel status God's will be kind and extend a little bit more. Imagine showing up at the airport and going to check a bag and they said that'll be $40 at sorting it's like 70 or 80. Now I think at least always right yeah it's ridiculous. That's that's why I'm a fan of the one bag. Pavel. So if I can get everything underneath underneath the seat in front of me even better. So, you are a fan of doodads, an evangelist of doodads and of one bag.
Travel, gotcha. You got it, right? Yeah. I certainly have a bag clutch, and that is for sure, but enough about that. Why don't we talk about identity management a real quick that took place on April 13th, which is a Tuesday and it will be last week by the time. Folks are listening to this. Want to give a congratulations out to Tom Malta. Who was awarded the Evangelist of the Year from Navy.
Federal Credit Union. And then also the city of Boston, which is kind of cool, which was the winner for the organization of the Year. Always interesting to see. I think a government service, when a organization of the year for anything. Because you don't really typically associate efficiency, you know with that. But it sounds like they've done, a great job of kind of getting the, I am space into a much better position maybe than it
has been. Not that I have very much familiarity of Boston, but I think any recognition is probably good. What do you think? Well, very big kudos to them City of Austin. Congratulations. You know, that, you know, behind the scenes when that anything like that happens, you know, there are individuals who worked to burn the candle at both ends to make things happen. That's fantastic.
I know Tom from my past and my career and identity management, he's a great person and I been seeing mostly, you know, recent interactions with Tom pin through Linkedin and he's doing a great job. All those really being an evangelist, right? So that was the award that he received. And I think it was well deserved he's getting out there and making sure that, you know, people are staying up-to-date with what's happening in the industry, and I think he's been doing a great job at it.
So, very good picks, I think and big, congratulations to both yes, aggressive, both winners, maybe at some point, we can try to get one or both of those guys or at least representatives from the organization's to be on the show at some point. So why? Don't we talk a little bit about what we're going to get into today and that'll give us a chance to introduce our guests. Our topic today is around the convert converged identity and access management and to help us
with that conversation. We've got Arun Singh. He's the CEO and board member at. I Lantus. Welcome to the show Arun. Thank you so much, Jim and Geoff. Thanks for having me today. Yeah, thanks so much for joining us. And you know, I think one of the things that we want to get into is really what, you know, how the market has been responding to a few different. Things, especially in the identity space, we've seen a lot of Acquisitions. We've heard things about zero.
Trust will probably get into a bunch of different things like that but you know, seeing as how this is your first time on the show with us, our first question, always lines up with, you know, how did you get into the identity and access management space? Is that something that you chose or did you choose it? So in my case, it was both actually. So when I started my career as a practice had for application security, during that time identity and access management was Pretty hot.
So, I chose that to start building up that practice. And you may not know, but about 20 years back. When I was at Wipro, you know, we had actually created our own product called Wipro web secure which got listed in Gartner's magic quadrant. So there was a lot of Buzz around that the single sign-on access management, Enterprise SSO, all of that were you know so very popular but later on I moved. To look at all different aspects of cyber security including identity and access management
of course. But Focus was all across IMS, all across, cyber Security Solutions. And later when I move to Accenture as the managing director there, I built the cybersecurity managed services that was covering, you know, end-to-end cyber Security Solutions, and identity, and access management was one of the core pillar. Their sin was the story at you,
why? Where I work as a partner and there, we created cyber security as a service offering and digital identity as a service, which was my favorite. You know, pillar where we build that entire solution from scratch and the quad multiple customer, and very interestingly in my current role, when I joined Islanders as the CEO. So I'll enter that had been focused, you know, past two decades on identity and access management. And this time, I will say I am chose me.
Okay, to be able to you know, come and come back home. So it was kind of a full circle coming back to I am and that's my full project Focus right now. That's an interesting story. You know. So what we want to talk about today is this trend of convert the convergence of I am and you know I've been in Jeff and I both getting the I am space for over 15 years and you kind of seen the industry go from sweets to best-of-breed read and back to sweets.
And you think back around 15 years ago is when Oracle started buying best-of-breed Solutions and pulling them together into a sweet. And in a way you could call that a convergence of I am. But I think the the trend in convergence of I am today is about making all these parts and pieces work together seamlessly. So I really wanted to talk about or have you talked about how you see this?
I mean Your company kind of coined the term compact identity, maybe you talk a little bit about what that is and you know maybe key off of what I was talking about there with the convergence of. I am being more than just a suite of different solutions for each of these you know single sign-on identity, governance and thing and privileged access management. For example yeah so this is very good question and in fact of you have so much focus on the
convergence. So let me Start with your first question that why we call our product as compact identity and what is, you know, the meaning of compact identity. So, basically, when we coined, this term compact identity that time convergence, you know, story was not that very popular, but when I'll enters created this product compact identity, the idea was to bring all the components of identity into a single platform and compact them together to create a Platform.
That's how we started our journey. And if you look at that, why we chose to create this compact identity solution. So our experience has been, as you rightly mentioned that in the beginning, it was a very simple requirement for identity and access management people who are all looking for single sign-on solution.
Then slowly, the provisioning de-provisioning came into picture, then the role engineering came fine-grained access management, multiple different Type of authentication and authorization Solutions, which came up like are back context-based, you know, access and attribute-based access management. And then very recently this identity governance, identity, Administration, and Pam, all of
that came into picture. Now, when you look at, from any customer perspective, so on an average, any client need to choose a minimum of five to seven different. I am product. And then stitch them together to be able to meet the control requirement of identity and access management. Now, this approach is not just, you know, brings lot of complexity from integration perspective but also managing so many different vendors. It's a highly cumbersome activity.
So, when we were looking at this market and what are the gaps, okay, we thought about this problem to create a platform ground up And we can converge the full Suite of excess management, requirement the full Suite of identity governance Administration, requirement. And then create a platform where client don't have to buy multiple tool and they can buy one platform and using that you can you know address your I am a requirement that is another element.
Also I would like to highlight here is that if you look at, you know, application onboarding onto I am platform, so traditional, Coaches that were first to deploy an access management solution whether it's a doctor, Microsoft, any solution you pick up and then you on board your thousands of application onto that access management platform. Then you need to repeat the same story with IG a solution.
So any idea tool you deploy and then after you do the same thing and then the third is when you deploy the Pam solution, privileged access management solution. So again, the same story need to be repeated it's not just time consuming but it's also Most intensive. And that's the problem which we are solving with the help of convergence of, I am Solutions onto a single platform, what we
call compact identity. You know, it's really interesting because it's almost like the definition of insanity, right? Doing the same thing over and over. It's like, okay, we just went through our integration of, you know, X number of systems through our access management platform. Now, we got to do the same thing for IGA and now we've got to do same thing for Pam and, you know, maybe there's things that you're doing through Sim integration right for analytics
and etcetera. Ra. So I think it's, I think it's interesting point you bring up one of the things you mentioned before was also this kind of as a service model. And I think there's we've seen a lot of organizations that have expressed a desire to move away from on-premise type Solutions, right and even if that on-premise really means virtualization they really want
to go to something as a service. So that's kind of what I was thinking is, you know, maybe we can cut kind of talk about, you know, what have you seen from your perspective when it comes to as a service model? Yeah. So as a This model is started catching lot of momentum, past 56 years. And when I was working at Ernst & Young as a partner, so we actually decided to build the entire cyber security as a service model.
And the reason for building up, you know, as a service model was because it actually cuts down the time to deploy the solution, the time to value is one of the co-driver and traditional General model will require you to buy the tool. You need to By the infrastructure deploy that. And the amount of time it takes for any large organization, like procurement cycle. Etc. At to be able to deploy a test and then roll it out. All of that can be cut short, okay?
Because you have the base solution available in the SAS model, but apart from that, there are two other reasons. I'll know mention which are very prominent which are driving this as a service model. The first one is, you know, very easy, upgrade and maintenance. So in identity and access management to, you might remember that deploying a particular version of the product is just the starting of your opening very soon. You will find the product, vendor will come up with the next version.
And then upgrading from the old version to the new version is a full-blown project. It's not just changing the product, but all the integrated application, you need to take through this entire journey and where you need to retest all of that. And if this had been a constant pain in the The streak, the SAS model, or as a service model
actually takes away. This major pain, we are product vendor as a vendor, we can upgrade and building the new version new feature functionality without, you know, breaking the entire, you know, Continuum of integrated application onto the system. So not just lowers the operational cost but also some of those implementation value, you can avoid and also that, you know, the team and the talent which is required to upgrade the system, all that is.
You know, kind of you can get rid of and then, you know, the second more most important factor which is driving as a service model adoption is, you know, the operation from anywhere or, you know, you can call it as a driven by the pandemic. The cloud first, or Mobility, just kind of, you know, initiative where there is a clearly defined business need where we need to enable our employees, the contractors and business associates to be able
to access system. From anywhere and from the cloud adoption perspective. Having this as a service model actually brings lot of facilities because you can bring the I am discipline to all the SAS application, the identity and access management. You know, controls can be applied to all those SAS applications seamlessly. And that's the, you know, kind of main advantage why people are adapting to as a service approach.
I think one of the challenges that I've seen with the as a service technologies that are that are out there Especially if they were not originally designed for as a service. Is that the feature parity is not exactly there between an on-premise solution that might have been there historically versus maybe the SAS version of that product. A lot of times we see organizations that may be of customized a lot of their on-premise solutions to meet
particular business needs. And when you start to shift into the, as a service model, you know, you really have to figure out, you know, how can you adjust your business processes to meet the capabilities that are Actually available, you know, in the new versions of those products because it may not be as customizable as you might be used to. I'm curious as what your, your thoughts are on.
That kind of feature parity that we've seen between different, you know, vendors that are out there and maybe they're not quite exactly the same, but maybe good enough is good enough, you know, for now and you know what your experience has been in in that specific area around features. So I think this is a very strong observation which you have and the way I would like to Define it as that that there are two kinds of products which are there in the market, the, some
of the Legacy product, okay? When they found that cloud first strategy is being adopted by majority of clients. So they actually upgraded the new feature functionality to support cloud and there are second category of products, okay? Which are Cloud native and those other products, which were born in cloud, and there's a very clear cut difference. You will see as you implement those solutions that cloud native.
Lucian's, they adapt to various different feature functionality and the cloud services seamlessly but where you are trying to patch on those additional features to just make it compatible with the cloud there the integration implementation and integration poses several challenges.
So I would strongly recommend that, you know organizations who are looking for the as a service solution they should look at whether the product vendor is cloud, native or They are trying to get onto the cloud as after Mark. Yeah. That that's a really good point.
If if it's okay, I'd like to pull the discussion back to kind of the industry Vision or where the industry is adding kind of talked about that in terms of the convergence of I am and and kind of where I was introducing from was you know, taking that view of how the industry has gone through consolidation phases. And then that Created opportunities for startups to kind of fill niches and to specialize in, you know, become a best of breed solution.
I think that's a good backdrop for this question, which is, you know, what, we just saw recently was this major purchase by OCTA of the auth0 platform and kind of building out their capabilities. Plus we see, you know, OCTA kind of building out capabilities around I ND governance and privileged access management. We see that with other vendors as well. I'm picking on OCTA primarily or picking out octave primarily because of the recent acquisition. I'd like to get your feedback on
that. But you know, another Trend that I'm seeing is a lot of platforms. The Microsoft platform building out identity management as a component of that Salesforce servicenow doing kind of the same thing where they're building out there. I am capabilities and saying, hey, you can just come on. Platform and use all of our, I am tools as well. So I guess a room to you, you know, what are your thoughts on the OCTA austere acquisition? And then, where do you see the
industry going as a whole? Is it more towards that? It are we going to see the cycle again? Where we see a consolidation, but it creates opportunities for other vendors. Yes. So these are the recent market. Dynamics are actually proving our Point, okay? Which we had been actually, you know, trying to bring Yup. Since past many years, that converts the I am is the future of identity and access
management. If you look at the recent report published by Gartner in December 2020, they actually leave published this IGM Market guide. Their they have very clearly given the market prediction that the next 24 months by year 2023 more than 45% of new. I am deployment will be Skin for converged. I am solution and that's a very big statement because In the market, people are now realizing there is a fatigue. They don't want to buy those
Niche products separately. They want a single platform where all these Solutions are big tin and the recent acquisition by OCTA, you know. It actually kind of confirms this Market Trend that traditionally they had been very strong in the market on access management side. But now they are seeing that, you know, the IGA and Pam if they bring both of that into their portfolio. Go. So they can address the new set of requirements which are coming in.
And if you look at, you know, the the approach what time were dark, and many of the other, I am players, they are also taking. They are also trying to expand from their current domain, like bam product vendors. They are trying to move into IGA and access management. Likewise the IGA vendors very soon you will find. They will also start moving left and right, okay?
To start, you know, getting into access management and Privileged access management, you know, his face and one of the core Point, okay? Which we feel a little bit positive about it. That there are two ways by which you can actually build this converged. I am a story one, what OCTA is doing like, acquiring the different product and then, you know, either you do the pre integrated solution, which you present to your client, or maybe you sell each of these Solutions separately to the client.
So, from customer perspective, it will be single, vendor from whom you can. All these product, however, the way we look at it, that true convergence is where you have created a product right from the beginning. The entire code base is a single code base, which is addressing the access management IGA and, you know, Pam requirements together and there are several advantages in doing. So, because you are not looking at it as a, you know, three different product. But it's a tightly integrated
right from the beginning. And some of those risk analytics data, or Identity analytics data, which you require to pass on from one tool to another tool that all can happen seamlessly. So we still feel that you know clients will look at the difference between you know the Stitch the converged IM solution versus through. Converged IM solution where we
are right now. Positioned as a market leader and we created this entire solution from, you know, grounder talking about, you know, the Microsoft coming onto the platform or, you know, the other player. Like Salesforce, I think those are also corroborating to the same point that convergence is, you know, a big Trend in the market. Number one, number two, that the entire space of identity and access management is so very hot that many of these large package solution, vendor, okay?
They are realizing the client demand and adding more features and functionality to be able to cater to those customer need. I'd also like to add to your list. List of the servicenow and the kind of, you know, the new feature capabilities, what they are, you know, kind of bringing onto the market, okay? They are also confirming to the same Trend that even though it is started as a itsm tool.
But since clients are putting up the request for access management Etc, why not to service that request directly? And from that perspective they are bringing the IGA capabilities into the you know, they are itsm to So many of these overlapping capabilities, which will be coming up in the market and they simply defined two Trends. One is the convergence. Another, that I am is pretty
hot. It's a huge investment with people are making into this area to address this issue and both of them are really good from, you know, the I am professionals perspective, I think it's really interesting.
When you talk about the platform well how many organizations that have Servicenow don't also have Microsoft or you know also have Salesforce and so if you making the pitch that hey you know, pull it all together, you still have this heterogeneous environment unless you're a very small organization, you saw as heterogeneous environment that you need to connect. So it is somewhat challenging but I wanted to bring you back in all through this up to your room but also to Jeff is around
the OCTA and all that 0dr auth0. You can because I just find it fascinating. I think it's going to be really see the impact play out of the next few years. I'm wondering, you know, Jeff and I are in the Consulting space, right? So, we get involved with a lot of product evaluations with our clients and product bake-offs, and it's just surprising, however, maybe not surprising, but it was just happening so much that Octonauts 0 would be
finalists kind of pacing off. With one another in product evaluations, they have a different story to tell, right? Octus kind of the, you know, my perspective was it was a tool built so, you know, from the UI system administrator kind of tool for doing identity. Access management. Where is also 0 was kind of a developer tool, right? You need to be able to go in and kind of look at the code and do a lot of code samples so you could play with and things like
that. I guess, turning all Didn't do a question. Is what does OCTA need to do now? There's made the author's, 0 acquisition to make it successful or it it's got to be more than just a Runners, two separate products forever, right? And you have their wisest just, they would have been better kind of running off on their own. What do what do they need to do? You have a perspective on that? Or is it just sit back and wait? And see a room. One, that you take that one first?
So, So my feeling is getting that look, I would say that we should wait and watch because OCTA had actually acquired multiple different tools with some overlap in the capabilities. So how they are going to, you know, create you know, homogeneous solution and integrate all of them together to bring the capability for their end. Customer will be something. Which will be really interesting for us to watch also like treating each of these products separately and bring Benefit.
If you add the licensing cost. That goes very, very high. So it will be really interesting. I probably, I prefer to reserve my comment and see that, how it shapes up in coming days, because it's not just about zero, but the other very recent acquisition, what they did, for IG. And okay, let's see how all of that plays together, and that's a great CEO answer for sure.
You know, the way that I I would approaches is I don't, I'm not a CEO but my two cents would be, you know, I think you have to take a look at the different markets that they've traditionally served so austere. All like you said, Jim has been more developer focus. And I think OCTA has been seen more as an Enterprise kind of inside the firewall type tool,
right for employees. But they have been making inroads to the customer side of things, maybe it's out roads, not sure if it's in roads, if you're talking about customers in that case. But I think one of the things that what I would probably look at is in the short-term, nothing. It's right there to big companies, they're going to have to kind of navigate the different Technologies and integration where it makes sense, so that they don't disrupt customers of their own.
But I think long-term, I think this strengthens octaves API situation and gives them a more developer focused capability with in that regard. And then, you know, at some point there's going to be a lot of overlap because they do a lot of the same things. So you know it is a year from now or maybe it's two years from now, you know, which API are You actually using. Is it an original OCTA one?
Or is it an Oscar one? And at the end of the day, it doesn't matter as long as it's, you know, leveraging, whatever it is, you're trying to do. So I think it'll be interesting to see how it works out because, you know, they're certainly not the only ones making Making Waves in that space made act as we're coming out of octane which was their yearly conference. This year. They announced Pam capabilities and the privileged access management space.
They announced IGA and identity governance capabilities but a lot of that stuff isn't really coming until next year so they made a lot of waves with announcements. But this isn't anything that's real until it hits the market. And that's not slated, until I think q1 of 2022. So we're still a ways away and it's as always the devil's in the details, right? What does that actually mean? When you're saying you're doing IGA, what does it actually mean?
We're doing privileged access management, is it going to be as full featured as something like a cyber-ark? Which is kind of the dominant player in that space, right? So I think I'll be interesting to see how it works out.
And I think this kind of drives towards where I wanted to take the next question which was around investments in the I am space because As we see organizations start to look at different platforms, sometimes that means making an investment in that platform and divesting from existing infrastructure or tools that they might already have. And I'm curious to run from your perspective, I guess, couple
questions right. What are you're seeing from that perspective of investing and new platforms and new tools and trying to build that converged? I am capability where it makes sense. And then from a just from a market perspective, do you see any differences in the way that the you This has been approaching those types of scenarios versus maybe what's been taking place
internationally? Yes. So, this is a standard question and the way I would like to answer this, that there are a couple of, you know, standard driver for investment in. I am a space that are Universal all across the globe, like Regulatory, Compliance, and audit, and compliance needs are standard across the globe. Whether you look at, you know, America's us has got Tree specific regulations and you know same way in Europe, the GDP are the government regulation or here in the CCP.
All of that are driving and each country has got their own regulation. So that's one of the primary driver for I am investment, but apart from that, you know, the some of the new drivers which had come up is like digital transformation and especially in American Market, many of the
organization. You know, they are going through the digital transformation and this had created a very different need for looking at identity and access management primarily because they want to, you know, handle the user experience and the user consent management, and all those Associated single user ID and those you know whole lot of those experiential input which they want to handle differently. That's actually driving in a big way. Adoption of identity and access management.
And the you know the other area is the risk mitigation and the overall maturity of the security cannot be achieved by you know, keeping things manual or semi-automated. So without having identity and access management solution, you know, deployed or without making this investment, you cannot get to the modern cyber security architecture. I am Solutions are driving you. No identity Centric analytics like a behavior analytics and those kind of things which you
can bring into the picture. And, you know, using those identities and click or behavior analytics, you can identify the indicators of compromise early on, and you can feed in, you know, more enriched information to your security operations center. And also based on the risk associated with the transaction, there are different level of authentication, which you can. Provide so risk mitigation is, you know, Big, Big Driver, you know, for I am investment.
Now, looking at the geographical differences, I would say in US market, digital transformation is one of the co-driver a part from Regulatory Compliance, or operational efficiency, but in a media Market you know it's a bring your own device or Mobility Trend that's also creating a major push towards adoption. And affect Market is primarily because of security concerns, because there have been so many different breaches which happened.
So just to prevent the Cyber theft, that's the core reason and the government regulation, as I mentioned earlier, that's the driver for investment in. I am it's interesting that you finished off with the security One driver, you know, we're we hear from even from clients, now they're looking at a zero, trust model. So used to be We would recommend or ask have you looked at your Charles servers your trust on your plate? I'm wondering, you know, is that a driver that you're seeing as well?
Where clients are actually saying we are, we are tracking towards has your trust framework? And I'm wondering are you designing your Solutions or your messaging around the zero trust framework and using the converged, im as a as a way to achieve store troughs. Yeah of course. Yes you know on zero cost is definitely pretty hot in the market and I'll quote you know the reasons that we've done by October that itself indicates that more than 60% you know Enterprises.
They are trying to be are working towards introducing 0 trusting to their environment and in our experience also like ailanthus being a global company when we you know interact with the clients in Southeast Asia or Europe or in the US. So could we find that 0? Stays one of the common element. Okay, which people are asking about, and if you look at zero trust primarily it is, you know, pushing the entire requirement, you know, we are never trust, always verify model towards
continuous authentication. So I would say that gone are the days. Okay, we are clients are happy with one time authentication. Now they are looking for continuous authentication to be able to boost their overall
maturity of the cybersecurity. And if you look at the, you know, core requirement of zero trust framework where people start with, you know, the creating separate zones and then identifying their high-value asset into the most secure Zone you require to continuously monitor the traffic which is going in and out and who are the people who are accessing those, you know, high-value critical assets and the traditional approach of having this login ID, password, And every time you
pop up and people need to login, you know, enter those password, or if you have taken the authentic credentials first time, and then you are playing it again. And again is not going to help at all. So one of the roadblock, 40 trusted option is the password.
And that's where we are actually noticing that there is a, you know, new trend which is catching up in a big way, the password less authentication and This is a primarily, you know, bringing cryptographically techniques to be able to you know, pass on the credential and you know handle it in a manner. We are without involving the user at the back end. You can do it in a more secure Manner and then you know, enable the organizations and the businesses to be able to deploy
the zero trust solution. Yeah. I'll say, we here at the the identity of the center podcast, have a strong disdain for the password. So, you're hitting on a lot of good points, but so let me put it to you like this. Finish the sentence, the password is dead, dot dot dot. I say password is dead, and it's a time for you to upgrade your identity and access management
solution. I strongly recommend people to try out the password less authentication and, you know, try it out for a pilot set of users first. See that how delighted they are in terms of their experience and then you can roll it. Out for other stuff. The users in your organization. That's I think that's a great answer, you know. I think password lists is one of the few Technologies where you can improve the customer experience and improve security at the same time.
So let me pass this one to Jeff. Jeff, the password is dead dot dot dot again. I've been here in the passwords dad's, I don't know. For the last seems like five six, seven years, Um, I don't know anybody who doesn't want to kill the password, but we're still stuck in this mode of you know, organizations having not made the investment in there. I am platforms to be able to support that or they're just starting to get into it right. Hardware Cycles can be very long
in an organization. You may have like a three or five-year laptop refresh or, you know, Hardware refresh. And maybe people are just now getting into things like Windows, hello, right? Or the touch of Touch ID on a MacBook. There's always the mobile option, but there's always been hesitancy. I think to allow people to use a non corporate device to do corporate E-Type things, right? And I'll be waiting is out there, but sometimes made there is another good mobile device
management plan in place. So, I guess I'll see it when I believe it. I really hope I'll believe it when I see it. I should say. I hope it comes sooner rather than later. It's a fantastic feature. When you've got it enabled, you know, for your organization. But yeah, I think let me know when it actually is real in the majority of organizations and maybe not just you know the folks who are trying to be
cutting edge. So I know we're coming up here towards the you know, our time for this conversation but before we go, I wanted to know. One, thanks so much for joining us. A rune. Are there any final kind of Pearls of Wisdom that maybe you can drop on the folks that are listening here or for Jim? And I so just one point I wanted to add here like the point, which you And regarding password less.
Authentication is so very true. And, you know, I have actually, I'm publishing one paper on Forbes regarding this particular point, the observations around, what are the reluctance in the minds of the people? And it's kind of based on my conversation with many of those clients. Okay, who are interested in password less authentication but still thinking. So I tried compiling those
thought process together. So please look out for this folks article, which is Coming up next week on the same topic. Now, I'll be great. Yeah, if you can we can get a link. We can certainly include it in the show notes that people can come check it out. And I'm always interested to hear what the thoughts are around it, because it is a no-brainer until someone has to spend some money to make it happen. And hopefully, that will take place sooner rather than later.
Jim. Any final words of wisdom for us? Yeah, two things for me first, my answer in the password is dead. Its Jester's dead. No. No, it's not. But the problem is that a lot of the core information, security issues that we Face will not go away until it actually is said, so you know, is it going to be 5 years? We're still laughing at the statement, the password is bed, or is there going to be a great movement toward and, you know, it's really on the b2c side?
Where is the biggest problem? That's things that basically internet even more than is on the corporate side? So that's that's my number one comment on this number to comment is really, we talked a little bit about the space. We talked about, you know, evaluating I am Solutions and we have the CEO on from one of the companies are not saying that's
just the, as a service to him. But just as overall, I think, you know, the approach that most organizations take when they're evaluating, I am solutions to look at like the magic quadrant, for example, and say Say we're just going to look at vendors in the upper, right but my perspective is always been that you know that is a guidance guidelines so you kind of can survey the space and know who's in it and who has the most complete solution, get all that information is valuable but all
the organizations that are kind of within that realm even if they're in the lower left quadrant doesn't mean they're not good Solutions and that they don't fit a certain use case that you have, right. Although Solutions are in business because they they fit and need for some organizations,
right? And so I would encourage folks that if they're going into the product evaluation phase that they set their their Vision, their field of vision as widely as possible to evaluate organization or evaluate, I am products that are maybe not in the upper right-hand quadrant that's just The only thought is because I think if you open that field of vision you may find something that is actually the perfect fit for your particular circumstances.
And that's a really good point. I think, you know, at times organizations get their blinders on, right? And they kind of follow Gartner's gospel, which you know, they're great. They're a great research firm but they're not the end-all be-all. There are really really good products that are in the Gartner magic quadrant and any of them. They're also really good products that aren't rated because there is, you know, Certain thresholds to even be considered that in that spot
kind of analysis. So, you know, take the time to do the research, take a look at what's actually important to your organization, what are the capabilities and services that you need and make the right choice for your organization based on, you know, that kind of knowledge. So I think that's a really good advice Jim, so I appreciate that. So I think with that, we're going to go ahead and close it out for this week Arun. Appreciate you being part of this gym as well.
You can also you know visit us again at the show at W dot identity at the center.com. We're on Twitter at idac podcast. You know, we're always open to linking and Linkedin connections and messages that way. If you've got ideas for the show, you'll feel free to connect with Jim and I a rune I'm going to assume that you're open to connections as well on LinkedIn. Is that right? Yes. Absolutely great. So I'll include your information as well in our show notes that people can check out.
And then with that I hope everyone is staying happy and healthy and we'll talk with you all in the next one. Thanks. Thank Thanks Jim and Jeff. Thanks for listening to the identity at the center podcast. If you like what you heard, don't forget to subscribe and visit us on the web and identity at the center.com.