Cloud migration and remote work requirements are forcing organizations to modernize their applications and identity systems. Making the transition is both time-consuming and expensive using traditional software development practices. By decoupling applications from identity, orchestration can alleviate the burden while allowing companies to seamlessly mix and match different cloud providers as well as MFA and passwordless technologies. In this episode, Eric Olden, Co-founder and CEO at Strata Identity sheds light on identity orchestration strategies and best practices.
Time Stamps
00:02 -- Introduction
02:16 -- Eric Olden's professional highlights
05:11 -- State of maturity of identity management, and where does identity orchestration fit in.
08:13 -- When should an organization consider an identity orchestration strategy?
11:33 -- Identity orchestration, a plug-and-play approach
15:17 -- Use of the "adapter" metaphor to understand identity orchestration
16:50 -- Identity Orchestration and Single Sign-On -- What is the nature of the relationship?
18:47 -- Eliminating security vulnerabilities with application modernization and identity orchestration
22:06 -- Wide-scale implementation of passwordless authentication
25:47 -- Challenges and success factors in formulating and implementing identity orchestration strategies
30:24 -- Guidance in selecting service providers and vendors
34:31 -- Making a business case for identity orchestration
38:59 -- Final thoughts
Memorable Eric Olden Quotes/Statements
"I see identity providers themselves, the IDPs, are today's hardware in that customers need them, they have to run something, but they don't want to be locked into any one thing. So, we've created an abstraction layer that allows you to decouple the applications from the identity provider. So you can mix and match and do different things."
"Identity orchestration makes sense when you have more than one identity provider."
"If you find yourself trying to modernize applications and move from legacy to modern, that's another really important use case for orchestration."
"The abstraction layer allows you to avoid rewriting any of the applications because, from the application standpoint, the orchestration layer presents a facade that looks exactly like the application is expecting it before orchestration came in."
"We're able to bring modern security to legacy applications and do that without ever changing them."
"All of these five A's -- authentication, access, authorization, attributes, and audit, need to find their way into this new distributed environment."
"Today, with orchestration, you no longer need an application-specific connector because all of the patterns in the protocols that the applications need are already part of the abstraction layer in the orchestration."
"I told my developers, look, if you ever find yourself typing the word password in your code, stop, you're doing it wrong. So you need to back that up and figure out why someone was trying to bring a password in the first place and give them an alternative. So that is a bit of a heavy lift at the beginning, where you need to change people's mindsets."
"The world today is about self-service, and you want to have things bought and not sold."
Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast
Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.
Connect with Dr. Chatterjee on these platforms:
LinkedIn: https://www.linkedin.com/in/dchatte/
Website: https://dchatte.com/
Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338
https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712
Latest Publications:
Preventing Security Breaches Must Start at the Top
Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic
Latest Webinars:
https://us02web.zoom.us/rec/share/5H3vdv8eJgZRFMEa_w-JApCjpBczEcwpsqY6HRRZl6gOfanvhDLN1oiVnFA_qSE.kFJ0JGmlJt2d30Ip