When it comes to security technologies, identity management is one that stands out on its own. It’s one of the only security technologies that both help to keep enterprises more secure, while also improving how enterprises innovate. Where anti-malware, firewalls, VPNs, vulnerability management and similar all help to provide a more trusted environment, they don’t help to make that environment more efficient.
That’s not to say that keeping environments secure doesn’t help to foster commerce and innovation. It most certainly does. In his keynote, Gen. Michael Hayden reminded the audience, just how crucial security is when it comes to commerce when is cited Christopher Columbus’s voyages of discovery. And commerce on the Internet and enterprise networks are modern trade lines, and they need to be as secure as those shipping lanes that spawned in the 1500s as a result of Columbus’s early journeys.
And identity is in the center of both keeping today’s digital trade lines secure and innovative. This is especially trying as so many enterprises are deep into their efforts to transform most every business process into a digital process. “We’re living in a very dynamic, and very interesting space here,” said SailPoint CEO and founder Mark McClain. “People are beginning to rethink their approach to identity. We want to help you think about these dual challenges we all face, of how do you enable the business to move fast? The “digital transformation” is the new buzzword. How are we moving out businesses forward, while simultaneously protecting our assets, our people our information, our data, our applications,” McClain said in his keynote.
The idea of identity as both a technology to provide security and regulatory compliance as well as improve business enablement and digital transformation, as we wrote last week, was a big theme at Navigate ’17.
While it’s not the sailing carracks of the 16th century, or the shipping and other innovations that was spurred by the globalization of that period — innovation in commerce today is being driven by the move to cloud, DevOps, automation — and identity is central to it all. “This [notion] is the opposite of focusing on high-risk scenarios. This is [focusing on] an opportunity to automate mundane, routine tasks,” said SailPoint president and co-founder Kevin Cunningham, when describing the marriage of machine learning and identity management. “It gives us a great opportunity to use robotics to automate non-risky tasks of identity management,” he said. “It’s about helping enterprises move more quickly, at the speed of business today, and not be held back by identity and move forward more quickly because of it. AI provides us with the intelligence to automate, saving IT time and money,” Cunningham said.
Of course, such capabilities can also help teams to identify when something is awry, and spot attacks before they turn into a serious data breach. And this dual role of identity is one of the reasons why it makes such sense to weave identity deeper into the infrastructure and security defenses as Darran Rolls discussed in his talk Building the Identity-aware Infrastructure. “More and more, our customers are telling us what they need is not just to have a great system for managing identities the way we traditionally thought of provisioning and certification and compliance. But they want to be able to tie identity information into the rest of their ecosystem? As the perimeter gets less secure, as we blur the boundaries of our businesses with our colleagues and our business partners, how do we make sure it’s easy to share that data, but do it so securely,” Rolls asked.
And that struck me as the big challenge — and opportunity — the ability to harness identities and their associated data to move business forward more quickly while also improving the security posture of the organization. That was also a thread that connected not only Cunningham’s keynote announcing IdentityAI, Rolls on the Identity-aware infrastructure, and Amar Rama’s, senior manager product management talk on the nature of dynamic governance at the speed of business, but also among customers who shared their identity stories. This included the University of Utah’s talk, Strategy for an IAM Program in Academia, Humana’s vast role-based access control efforts, and Western Union’s one-year implementation and on-boarding of hundreds of apps using SailPoint.
This tale of identity management’s dual role also permeated conversations between sessions and keynotes, as users and attendees shared their own identity stories, as they taught and learned from each other.
Save the date, because we’re doing it all again next year May 14 – 17, 2018!