Programme @

IDM uk

VIRTUALCONFEX

15 June 2021

Brought to you by Whitehall Media

Programme @ IDM uk

Session One

the people, principles and processes which make up a successful IAM enterprise

  • How to become a better communicator: collaboration is key
  • Starting an IAM programme: how to succeed in project management
  • Accounting for the privacy-personalisation conundrum
  • Scoring your IAM maturity against your business needs
  • Understanding the value of PAM: protecting every privilege in every setting
  • IAM for the people! How to govern in the digital age

09:15

Conference Chair's Opening Address

David Terrar
Director and Chair, Cloud Industry Forum
view profile

David Terrar, Director and Chair, Cloud Industry Forum

09:25

How to become a better communicator: collaboration is key

A significant issue for IAM leaders is effectively communicating security concerns and establishing sustainable lines of communication.

In place of clear, accessible, and business-relevant information, cybersecurity professionals often fall back on terminologies that fail to align with business goals situated outside of the IT function.

We address, the benefits of communication, the consequences of miscommunication, and how to bring together IAM practitioners and other business elements.

 

09:45

Starting an IAM programme: how to succeed in project management

Many organisations still rely on manual forms of IAM process management despite the availability of technology-assisted tools which enable project progression and create the space for human-led technical innovation.

One of the primary reasons for a lack of initiative is an inability to envisage how to move from the identification of an inefficiency to its resolution through the deployment of the right technology and the empowerment of the right people.

We address:

  • What you need to initiate
  • Taking that initial step
  • Real-world examples of best practice
  • What a well-run programme looks like

10:00

Cloud Native IAM for Digital Banks

Jayanta Debnath
Head of Identity and Access Management, Standard Chartered Bank
view profile

Jayanta Debnath, Head of Identity and Access Management, Standard Chartered Bank

For today’s generation, banking forms a seamless part of their online identity.

In order to reflect this change in utilisation, banks are moving into hyper-personalisation use cases and innovative practices such as contextual marketing and AR/AVR based branch banking.

In this, identity and access play a key role as financial institutions look to modernise their models of customer engagement; we will be looking at the evolution of Cloud Native IAM systems.

• Digital banking – digital use cases and trends
• Hyper-personalisation, AR/VR banking, IoT, password-less and Smart Cities integration
• Cloud-Native -The need to be Cloud Native in a highly changeable technology space
• Emerging IAM patterns
• The importance of customer experience

10:15

Questions to the Panel of Speakers

10:30

Networking Break

Session Two

10:45

Introduction to Session Two

10:50

Universal Privilege Management – A Modern Approach to PAM

George Rogers
Enterpise Account Manager, BeyondTrust
view profile

George Rogers, Enterpise Account Manager, BeyondTrust

Enterprises of all sizes have experienced a privilege explosion, driven by trends like cloud computing, DevOps, and edge computing, and the proliferation of non-human identities and accounts. As a result, privileged access is pervasive across the modern IT environment yet it is often inadequately managed and monitored In this session, learn the key steps to achieving Universal Privilege Management, and how it is used to secure every user, session, and asset across your IT environment.
Topics covered include:
• Why relying on password management alone leaves dangerous gaps in protection
• Disrupting the cyberattack chain with privileged access security controls
• Essential steps to achieving rapid leaps in risk reduction
• Keys to a frictionless PAM solution that is invisible to end users

11:05

Supporting your mobile workforce: mobile identity platforms

Kumud Dubey
Senior ASIC verification Engineer, Boeing
view profile

Kumud Dubey, Senior ASIC Verification Engineer, Boeing

2020 was the year in which mobile working became much more established for businesses, with many now having chosen to either keep most of their workforce remote or to move away from the office entirely.

This development, for all its positives, has also made the job of IAM leaders more difficult as the enterprise ecosystem has taken on a more complex, varied, and layered outlook.

We address:

• Identifying users and devices in a mobile landscape
• Convergence of mobility management and IAM technologies
• Implications of this ‘new normal’ for the digital workplace

11:20

Understanding the value of PAM: protecting every privilege in every setting

Today, the vast majority of breaches are conducted through the successful exploitation of privileged access. Once an enterprise has been breached, it is then playing host to any number of hostile actors who are then able to operate within your network, access sensitive data, install malware and funnel out business-critical information to a wider audience.

Reducing your security risk means fully appreciating and understanding the value that PAM brings to your organisation.

We address:

  • The pervasiveness of PAM across the enterprise
  • Accounting for PAM technology trends
  • Advancing your managing and monitoring techniques
  • Deploying universal privilege management

11:35

Questions to the Panel of Speakers

11:50

Networking break

Session Three

12:05

Introduction to Session Three

12:10

Composing Easy & Effective Consumer Onboarding Workflows

Johann Dilantha Nallathamby
Head of Solutions Architecture for IAM, WSO2
view profile

Johann Dilantha Nallathamby, Head of Solutions Architecture for IAM, WSO2

Consumer onboarding is one of the, if not the most, important functions of a Customer Identity & Access Management (CIAM) solution. An overly complicated onboarding workflow can significantly detract from the consumer experience. Providing a simple, user-friendly, efficient and effective onboarding workflow without compromising security has always been a challenge amongst security and risk professionals.

In this session we will review:
-The 3 most common consumer onboarding workflows
-The components that make up an onboarding workflow
– What are “verifiers”? And how do you use them?

12:25

Coarse grained authorisation with oAuth2

Marcin Zimny
Identity and Access Management Architect, London Stock Exchange Group
view profile

Marcin Zimny, Identity and Access Management Architect, London Stock Exchange Group

We are so used to associating oAuth2 standards to the integration of the applications with Identity Providers in the context of authentication. We can use Facebook and Google to log into our applications on-line, but what really happens behind the façade of the login screens? oAuth2 has been developed to enable delegation and authorization, not just authentication.

Let’s look at how we can utilise this standard beyond the first ‘A’ and protect the resources with authorisation and entitlements, which can be incorporated into an authorisation server and enforced at the resource server level.

Let’s try to find the line between fine-grained backend AuthZ services and flexibility or coarse grain entitlements within oAuth2 authorisation servers

12:40

Case study

coming soon

12:55

Questions to the Panel of Speakers

13:10

Break for Networking Lunch

Session Four

13:45

Seminar Sessions

14:30

Networking break

Session Five

deploying the right technology to where it is needed most

  • Mapping your customer base: architecting an identity graph
  • Supporting your mobile workforce: mobile identity platforms
  • Password-less authentication: achieving the required distribution
  • Make privacy matter: adopting an always-on approach
  • Adopting a hierarchical order of system control: ABAC and RBAC
  • Accelerate the adoption of a decentralised identity platform

14:45

Conference Chair’s Afternoon Address

14:55

Mapping your customer base: architecting an identity graph

One of the ways in which businesses can better manage customer identity and access demands and consolidate their identifiers is with the deployment of an architected data warehouse which takes account of the many points of contact that customer digital identities have within the enterprise network and the digital prints they leave behind.

We address:

  • Deploying an identity graph
  • Identity as a multi-faceted asset
  • Privacy-compliant identification
  • Creating greater linkage between business and customers
  • Establishing a universal ID

15:05

Supporting your mobile workforce: mobile identity platforms

2020 was the year in which mobile working became much more established for businesses, with many now having chosen to either keep the majority of its workforce remote or to move away from the office entirely.

This development, for all its positives, has also made the job of IAM leaders more difficult as the enterprise ecosystem has taken on a more complex, varied, and layered outlook.

We address:

  • Identifying users and devices in a mobile landscape
  • Convergence of mobility management and IAM technologies
  • Implications of this ‘new normal’ for the digital workplace

15:15

Questions to the Panel of Speakers

15:30

Afternoon Networking and Refreshments served in the Exhibition Area

Session Six

15:45

Introduction to session six

15:50

Make privacy matter: adopting an always-on approach

Lydia Payne-Johnson
Director, Information Security, Identity & Access Management and Risk, The George Washington University
view profile

Lydia Payne-Johnson, JD, CIPP, Director, Information Security, Identity & Access Management and Risk, The George Washington University 

Organisations like Cambridge Analytica once boasted of their capability to mine, link, and exploit the data of billions of Facebook users in the service of a premium customer with devious motivations. Today, with public knowledge of this type of exploitation growing, customers are demanding businesses limit the possibility of their digital identities being subject to misuse.

We address:

  • Implementing a zero-trust approach to IT security
  • Adopting a CARTA strategic approach to security and risk
  • Continuous security assessments
  • Prevent internal fraud from insider threats
  • Achieve a more private space for customer interaction

16:05

Adopting a hierarchical order of system control: ABAC and RBAC

As authorisation architecture evolves at an impressive rate in response to the trend towards greater digitisation of workloads in hybrid IT environments, IAM leaders are having to design and orchestrate greater linkage between their RBAC and ABAC hierarchy.

We address, how to create a dynamic authorisation environment that will support the ever-expanding need to facilitate fine grain access.

16:20

Decentralized Identity deployed: a 12-month collaboration for a vendor-agnostic solution

Chris Eckl
Chief Technical Officer Condatis
view profile

Chris Eckl, Chief Technical Officer, Condatis

Part of the NHS’s long-term plan is to enable staff to move between NHS Trusts to respond to urgent care requirements across regions. The NHS Digital Staff Passport (DSP) is a self-sovereign identity solution based on the following foundations and concepts formulated by UK healthcare physician, Manreet Nijjar, the founder of Truu:
– Right to work checks
– Barring and disclosure checks which the home office issues
– Moving training records and certification to work with vulnerable groups
– Movement of staff credentials from one employer to another
– Licenses to practice
– Specialisations
– Bank checks
– The clinician’s end-user experience.

The DSP project is a collaboration between Condatis, Sitekit, Evernym and Truu, all aligned with the same vision to deliver a system that empowers clinicians and enables them to move swiftly between locations and NHS Trusts without having to re-prove their identity and credentials. As the largest healthcare organisation globally and an incredibly complex multi-organisational system with nearly 400 organisations across the UK, this is a substantial commercial collaboration for the healthcare service, pushing to provide a vendor-agnostic solution.

This solution is currently the world’s most significant ongoing deployment of Self-Sovereign Identity with 81 different agents within a trusted ecosystem.

Summary of the solution:
– Drastically reduces the time it takes to move staff records from one employer to another.
– Based on Evernym stack on Hyperledger Aries with Verity agents.
– One issuer and one verified deployed for every organisation.
– Run on Microsoft Azure Active Directory.
– Reuse of existing Staff Identity.
– Issuance of DSP to moving consultants.

16:35

Questions to the Panel of Speakers

16:50

Closing Remarks from the Conference Chair

17:00

Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.

Follow us on social

Keep up to date with what's going on by following us on social media.

Featured blogs

Read the latest news and views from key industry figures and thought leaders.

Addressing the Biometric Concern
According to recent research by Nomidio, it is discovered that only 14% of consumers are regularly using biometric authentications to log into their digital services, websites and even accounts. The recent survey did show that over half of the people surveyed agreed biometrics make authentication a quicker process, with nearly the same amount believing it...
Amazon Trials at Hand
In a progressive step for the online retail giant, Amazon has presented a new and improved contactless payment service currently being trialled is US Amazon Go stores. Amazon One The new biometric scanner is the hope to streamline contactless payment security as well as physical access for consumers. Labelled as Amazon One, the device scans...
Remote workers on the front line: access to sensitive data and its security implications
Remote workers needing access to sensitive data and their security implications Following the overwhelming success of IDM Europe and ECS UK, we were delighted once again with the outcome of our Government IT Security virtual conference, which was held on the 23rd of September. During this event, delegates were enlightened by our guest speakers who...