learning from the past, securing the present and looking to the future
- The Future of Digital Identity
- How to successfully manage IAM migration
- How to support a remote workforce at scale
- Moving from spreadsheets to AI: an entitlement management journey
- How to securely manage identities at scale in the cloud
- Addressing all PAM use cases
- Why Security Awareness Training for Developers matters
Conference Chair's Opening Address
The Future of Digital Identity
From the workplace to the home, our digital identities are taking on increasingly complex personas which are unlimited by their digital reach and unrestricted by environment and usage.
As technologies like AI, virtual reality and biometrics embed themselves more and more within society and impact the way in which we interact with one another, our digital and real identities will inevitably adapt and change.
In our opening address, we explore the ways in which practitioners can meet the challenges and demands this will bring.
- Address the need to amend strategies in line with technology changes
- Identify new methods of authentication in response to future technologies
- Adopt a global view of identity
- Data minimisation, pseudonymisation, unlinkability, transparency, and privacy
How to successfully manage IAM migration
All IAM projects are migration projects which require adopting an innovative approach to problem solving whilst ensuring that the old system isn’t interrupted.
Many IAM practitioners like to adopt a big bang approach to implementation, when they may well be better placed adopting a bottom-up strategy which emphasises reducing risk through an agile approach.
Such an approach allows you to create a space for innovation in which internal techniques can evolve while keeping old processes and features as required by the wider business.
The end result is that large-scale enterprises can then choose between one central IAM system and federated IAM repositories.
How to support a remote workforce at scale
The global pandemic has left many IAM leaders having to facilitate an unprecedented migration from the office to the home. From ensuring enterprise security to employee productivity, the limits of existing IAM systems are being tested like never before.
- Supporting larger than normal work volumes
- Verifying and authenticating remote access demands
- Securing all personal devices accessing apps and systems
- Business continuity with automated provisioning and de-provisioning
- Onboarding and securing new users
Moving from spreadsheets to AI: an entitlement management journey
The evolution of IAM from inputting data into spreadsheets to advanced tools with well-designed user interaction features which show how to review data and certify in a nice package for auditors is a clear marker of process improvement.
Despite such progress, many are still relying on outdated processes and legacy lag.
- The value of moving from manual to automated provisioning and centralising tools
- Adopting an open API component-based strategy as you move to the cloud
- Replacing recertifications with automated approval and rejection with analytics
How to securely manage identities at scale in the cloud
While managing identities and authorisations is a core requirement for all apps, the nature of modern applications means that they are required to securely manage hundreds of thousands or millions of identities at once.
In this talk, you will learn how you can leverage fully managed, serverless services in the cloud to securely manage your user pools.
During this presentation, we will show how to create and manage a pool, how to integrate hosted user interface in your mobile or web app, how to manage identity federation using OAuth, OpenID or SAML and how to apply RBAC rules for fine grained access control to native cloud resources such as APIs.
Questions to the Panel of Speakers
Refreshment Break Served in the Exhibition Area
Addressing all PAM use cases
Given that virtually all breaches involve the exploitation of privileged access, it is vital that organisations strengthen their PAM protection. Failure to do so will result in threat actors not only gaining access to an IT environment but moving on to embed themselves within and across multiple platforms in order to access assets, install malware and inflict damage.
We address, how best to manage the expansion of privileged users, why relying on password management alone creates gaps in protection, the steps you can take to reduce risk, and the role that privileged access controls play in disrupting cyberattacks.
Why Security Awareness Training for Developers matters
Developers create the basis of the business model in many companies, the application, the code. A small mistake here can have massive consequences both reputationally and legally. As a result, the requirements for Developer Security Awareness Training need to be different from the “normal” user.
In this presentation, we will take a closer look at what is required to make developers think and develop securely.
- Security Awareness for developers needs improvement
- Developers have special training needs
- Awareness training must be integrated into the daily work
- A gamified approach makes the training more attractive
Questions to the Panel of Speakers and Delegates move to the Seminar Rooms
Networking Lunch Served in the Exhibition Area
securing the enterprise, facilitating access, and utilising the right technology for your business
- Achieving data access control at source
- External identity management: securing your TPM
- Securing your customer identities: CIAM in the age of COVID
- Managing all of your identities centrally
- Moving to the cloud: what’s stopping you!?
- Mastering governance and compliance needs: enterprise IAG
Conference Chair’s Afternoon Address
Achieving data access control at source
Enforcing data access controls is becoming an increasingly difficult task for IAM practitioners. In a world of integrations, file transfers, API’s, and reports, more than ever, organisations need to simplify the complex enterprise environment in order to understand who can see what.
One option which many opt for is to replicate all the rules in every system/component, but this is fraught with issues. Another is to limit access to the data to specific patterns, but this leaves your data science function out in the cold.
- OAuth’s on-behalf-of
- How to use OAuth flow
- Make sure your sensitive data is always protected at source
- How to deal with legacy applications
External identity management: securing your TPM
Whilst the majority of IAM systems are integrated with the enterprise HR function and the internal users embedded within the system, it leaves a growing number of third-party actors outside of HR control.
We address, how to best manage third party users no matter the size and status of your external users’ pool.
Securing your customer identities: CIAM in the age of COVID
As person-to-person interactions have been severely limited, or even eliminated, by the pandemic, the need to secure remote access has taken on added significance. This rings even more true for managing and securing your customer base.
- How to create the trust needed to meet expectations
- Securing the interaction, no matter the service being accessed
- Integrated identity verification services
- Remotely verify and onboard your customers
Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in the Exhibition Area
Managing all of your identities centrally
Many organisations face the challenge of managing multiple systems in a global business environment. This makes identities difficult to manage and maintain, causes costs to increase and leads to an over-reliance on manual processes.
We address, how to automate your lifecycle management in order to reduce the internal effort and reduce the costs of services related to password management, onboarding and offboarding processes.
Moving to the cloud: what’s stopping you?
Many businesses fail to successfully manage and execute cloud migration strategies. From believing that your IT requires immediate and wholesale migration, that costs would outweigh the advantages, to the mistaken belief that you can’t adopt the cloud because of an inability to meet security, privacy and compliance needs, the myths are many.
We address, the strategies designed to combat obstacles to identity management cloud deployment, and you can better plan in order to formulate, implement and deliver.
Mastering governance and compliance needs: enterprise IAG
Delivering on the needs of your business means ensuring that your IAM platform is secure, compliant, efficient, and reliable. By adhering to these key tenets, you will enable simplified access to systems and applications for your employees, customers, and business partners.
With the right solution, moving to the cloud doesn’t require you to compromise on any of these key attributes. Instead you can move your IGA off-prem, utilise an enterprise grade SaaS offering with comprehensive IGA functionality, and allow for seamless performance whether on-prem or in the cloud.
Questions to the Panel of Speakers
Closing Remarks from the Conference Chair
Whitehall Media reserve the right to change the programme without prior notice.