Programme @ IDM uk

David Terrar, Director and Chair, Cloud Industry Forum

A significant issue for IAM leaders is effectively communicating security concerns and establishing sustainable lines of communication.

In place of clear, accessible, and business-relevant information, cybersecurity professionals often fall back on terminologies that fail to align with business goals situated outside of the IT function.

We address, the benefits of communication, the consequences of miscommunication, and how to bring together IAM practitioners and other business elements.

Many organisations still rely on manual forms of IAM process management despite the availability of technology-assisted tools which enable project progression and create the space for human-led technical innovation.

One of the primary reasons for a lack of initiative is an inability to envisage how to move from the identification of an inefficiency to its resolution through the deployment of the right technology and the empowerment of the right people.

We address:

• What you need to initiate
• Taking that initial step
• Real-world examples of best practice
• What a well-run programme looks like

Jayanta Debnath, Head of Identity and Access Management, Standard Chartered Bank

For today’s generation, banking forms a seamless part of their online identity.

In order to reflect this change in utilisation, banks are moving into hyper-personalisation use cases and innovative practices such as contextual marketing and AR/AVR based branch banking.

In this, identity and access play a key role as financial institutions look to modernise their models of customer engagement; we will be looking at the evolution of Cloud Native IAM systems.

• Digital banking – digital use cases and trends
• Hyper-personalisation, AR/VR banking, IoT, password-less and Smart Cities integration
• Cloud-Native -The need to be Cloud Native in a highly changeable technology space
• Emerging IAM patterns
• The importance of customer experience

George Rogers, Enterpise Account Manager, BeyondTrust

Enterprises of all sizes have experienced a privilege explosion, driven by trends like cloud computing, DevOps, and edge computing, and the proliferation of non-human identities and accounts. As a result, privileged access is pervasive across the modern IT environment yet it is often inadequately managed and monitored In this session, learn the key steps to achieving Universal Privilege Management, and how it is used to secure every user, session, and asset across your IT environment.
Topics covered include:
• Why relying on password management alone leaves dangerous gaps in protection
• Disrupting the cyberattack chain with privileged access security controls
• Essential steps to achieving rapid leaps in risk reduction
• Keys to a frictionless PAM solution that is invisible to end users

Kumud Dubey, Senior ASIC Verification Engineer, Boeing

2020 was the year in which mobile working became much more established for businesses, with many now having chosen to either keep most of their workforce remote or to move away from the office entirely.

This development, for all its positives, has also made the job of IAM leaders more difficult as the enterprise ecosystem has taken on a more complex, varied, and layered outlook.

We address:

• Identifying users and devices in a mobile landscape
• Convergence of mobility management and IAM technologies
• Implications of this ‘new normal’ for the digital workplace

Today, the vast majority of breaches are conducted through the successful exploitation of privileged access. Once an enterprise has been breached, it is then playing host to any number of hostile actors who are then able to operate within your network, access sensitive data, install malware and funnel out business-critical information to a wider audience.

Reducing your security risk means fully appreciating and understanding the value that PAM brings to your organisation.

We address:

• The pervasiveness of PAM across the enterprise
• Accounting for PAM technology trends
• Advancing your managing and monitoring techniques
• Deploying universal privilege management

Johann Dilantha Nallathamby, Head of Solutions Architecture for IAM, WSO2

Consumer onboarding is one of the, if not the most, important functions of a Customer Identity & Access Management (CIAM) solution. An overly complicated onboarding workflow can significantly detract from the consumer experience. Providing a simple, user-friendly, efficient and effective onboarding workflow without compromising security has always been a challenge amongst security and risk professionals.

In this session we will review:
-The 3 most common consumer onboarding workflows
-The components that make up an onboarding workflow
– What are “verifiers”? And how do you use them?

Marcin Zimny, Identity and Access Management Architect, London Stock Exchange Group

We are so used to associating oAuth2 standards to the integration of the applications with Identity Providers in the context of authentication. We can use Facebook and Google to log into our applications on-line, but what really happens behind the façade of the login screens? oAuth2 has been developed to enable delegation and authorization, not just authentication.

Let’s look at how we can utilise this standard beyond the first ‘A’ and protect the resources with authorisation and entitlements, which can be incorporated into an authorisation server and enforced at the resource server level.

Let’s try to find the line between fine-grained backend AuthZ services and flexibility or coarse grain entitlements within oAuth2 authorisation servers

coming soon

Click here to view the seminar sessions

One of the ways in which businesses can better manage customer identity and access demands and consolidate their identifiers is with the deployment of an architected data warehouse which takes account of the many points of contact that customer digital identities have within the enterprise network and the digital prints they leave behind.

We address:

• Deploying an identity graph
• Identity as a multi-faceted asset
• Privacy-compliant identification
• Creating greater linkage between business and customers
• Establishing a universal ID

2020 was the year in which mobile working became much more established for businesses, with many now having chosen to either keep the majority of its workforce remote or to move away from the office entirely.

This development, for all its positives, has also made the job of IAM leaders more difficult as the enterprise ecosystem has taken on a more complex, varied, and layered outlook.

We address:

• Identifying users and devices in a mobile landscape
• Convergence of mobility management and IAM technologies
• Implications of this ‘new normal’ for the digital workplace

Lydia Payne-Johnson, JD, CIPP, Director, Information Security, Identity & Access Management and Risk, The George Washington University 

Organisations like Cambridge Analytica once boasted of their capability to mine, link, and exploit the data of billions of Facebook users in the service of a premium customer with devious motivations. Today, with public knowledge of this type of exploitation growing, customers are demanding businesses limit the possibility of their digital identities being subject to misuse.

We address:

• Implementing a zero-trust approach to IT security
• Adopting a CARTA strategic approach to security and risk
• Continuous security assessments
• Prevent internal fraud from insider threats
• Achieve a more private space for customer interaction

As authorisation architecture evolves at an impressive rate in response to the trend towards greater digitisation of workloads in hybrid IT environments, IAM leaders are having to design and orchestrate greater linkage between their RBAC and ABAC hierarchy.

We address, how to create a dynamic authorisation environment that will support the ever-expanding need to facilitate fine grain access.

Chris Eckl, Chief Technical Officer, Condatis

Part of the NHS’s long-term plan is to enable staff to move between NHS Trusts to respond to urgent care requirements across regions. The NHS Digital Staff Passport (DSP) is a self-sovereign identity solution based on the following foundations and concepts formulated by UK healthcare physician, Manreet Nijjar, the founder of Truu:
– Right to work checks
– Barring and disclosure checks which the home office issues
– Moving training records and certification to work with vulnerable groups
– Movement of staff credentials from one employer to another
– Licenses to practice
– Specialisations
– Bank checks
– The clinician’s end-user experience.

The DSP project is a collaboration between Condatis, Sitekit, Evernym and Truu, all aligned with the same vision to deliver a system that empowers clinicians and enables them to move swiftly between locations and NHS Trusts without having to re-prove their identity and credentials. As the largest healthcare organisation globally and an incredibly complex multi-organisational system with nearly 400 organisations across the UK, this is a substantial commercial collaboration for the healthcare service, pushing to provide a vendor-agnostic solution.

This solution is currently the world’s most significant ongoing deployment of Self-Sovereign Identity with 81 different agents within a trusted ecosystem.

Summary of the solution:
– Drastically reduces the time it takes to move staff records from one employer to another.
– Based on Evernym stack on Hyperledger Aries with Verity agents.
– One issuer and one verified deployed for every organisation.
– Run on Microsoft Azure Active Directory.
– Reuse of existing Staff Identity.
– Issuance of DSP to moving consultants.