Artwork for podcast The Cybersecurity Readiness Podcast Series
Identity Orchestration Strategies and Best Practices
Episode 5228th June 2023 • The Cybersecurity Readiness Podcast Series • Dr. Dave Chatterjee
00:00:00 00:42:39

Share Episode

Shownotes

Cloud migration and remote work requirements are forcing organizations to modernize their applications and identity systems. Making the transition is both time-consuming and expensive using traditional software development practices. By decoupling applications from identity, orchestration can alleviate the burden while allowing companies to seamlessly mix and match different cloud providers as well as MFA and passwordless technologies. In this episode, Eric Olden, Co-founder and CEO at Strata Identity sheds light on identity orchestration strategies and best practices.

 

Time Stamps

00:02 -- Introduction

02:16 -- Eric Olden's professional highlights

05:11 -- State of maturity of identity management, and where does identity orchestration fit in.

08:13 -- When should an organization consider an identity orchestration strategy?

11:33 -- Identity orchestration, a plug-and-play approach

15:17 -- Use of the "adapter" metaphor to understand identity orchestration

16:50 -- Identity Orchestration and Single Sign-On -- What is the nature of the relationship?

18:47 -- Eliminating security vulnerabilities with application modernization and identity orchestration

22:06 -- Wide-scale implementation of passwordless authentication

25:47 -- Challenges and success factors in formulating and implementing identity orchestration strategies

30:24 -- Guidance in selecting service providers and vendors

34:31 -- Making a business case for identity orchestration

38:59 -- Final thoughts

Memorable Eric Olden Quotes/Statements

"I see identity providers themselves, the IDPs, are today's hardware in that customers need them, they have to run something, but they don't want to be locked into any one thing. So, we've created an abstraction layer that allows you to decouple the applications from the identity provider. So you can mix and match and do different things."

"Identity orchestration makes sense when you have more than one identity provider."

"If you find yourself trying to modernize applications and move from legacy to modern, that's another really important use case for orchestration."

"The abstraction layer allows you to avoid rewriting any of the applications because, from the application standpoint, the orchestration layer presents a facade that looks exactly like the application is expecting it before orchestration came in."

"We're able to bring modern security to legacy applications and do that without ever changing them."

"All of these five A's -- authentication, access, authorization, attributes, and audit, need to find their way into this new distributed environment."

"Today, with orchestration, you no longer need an application-specific connector because all of the patterns in the protocols that the applications need are already part of the abstraction layer in the orchestration."

"I told my developers, look, if you ever find yourself typing the word password in your code, stop, you're doing it wrong. So you need to back that up and figure out why someone was trying to bring a password in the first place and give them an alternative. So that is a bit of a heavy lift at the beginning, where you need to change people's mindsets."

"The world today is about self-service, and you want to have things bought and not sold."



Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

https://us02web.zoom.us/rec/share/5H3vdv8eJgZRFMEa_w-JApCjpBczEcwpsqY6HRRZl6gOfanvhDLN1oiVnFA_qSE.kFJ0JGmlJt2d30Ip 

 

 

 

 

 

 

 

 

Chapters

Video

More from YouTube