The 51st edition of the Identity Jedi Newsletter

Minding the Gap, A different conversation, Social Engineering

Wednesday 9/6/23 - Identity Jedi Newsletter - Subscribe

Hey Jedi welcome to the 51st edition of the Identity Jedi Newsletter! We are one week away from our 1st ANNIVERSARY. Can you believe it!?!? We’ve been through one football, one basketball, and half of a baseball season together. We’ve seen acquisitions, we’ve been to conferences, sooo much. But I’ll save the rest for next week’s newsletter.

We added another 100+ members to the community last month! Let’s keep this going and get to 1k before the year is out!

Sponsored By

Bullet-proof your cloud IAM and ensure rapid recovery with Acsense.

Let’s Get to the Good Stuff!

  • Social Engineering and You

  • Digital Identity and Onboarding

  • The result of the Platform Wars: Will it work?

  • NEW COMMUNITY POST!!!

Social Engineering and You

Our friends at Okta warned about a social engineering attack aimed at administrators. A key piece that’s glossed over in all of this:

The company says that before calling the IT service desk of a target organization, the attacker either had passwords for privileged accounts or were able to tamper with the authentication flow through the Active Directory (AD).”

This is less about Okta and more about general cybersecurity principles. It doesn’t matter what platform you have; if you have privileged access, the rest doesn’t matter. In this case the attackers had privileged access to AD ( already enough to do some damage). However, they wanted more. We're talking about privileged access to the system that grants privileged access, now we are getting somewhere. To me, this screams one thing: Identity practitioners have to start thinking and acting more like security practitioners. Trust…but verify…Everything.

Digital Identity and Onboarding

Evolution of technology is disruptive. We’ve seen this throughout the past 5 decades. One could say, well yeah evolution itself is the onset of change over time. But when you talk about evolution, you are considering small changes over a long span of time, with technology we see the opposite. Big changes over a short span of time. The biggest disruption is when a known fact and basis of proof changes. Imagine if I told you that down was up, and up was down. But I digress, let me get to my main point.

Rethinking identity and giving the user more control, completely changes the use cases we know today.

The below article talks about this in the case of employee onboarding and digital identity. While this article talks about the new risks, and covers different flavors of the use case. It dances around the fact that a simple change in this equation, creates a new problem entirely. In the case of employee onboarding, our known fact and basis of proof was that the employer controlled the identity. They were the authority on collecting and storing information that would become the basis of an employee’s digital identity. But in this new world, if user controls the identity….

Down is up, and up is down.

It brings up very interesting questions throughout the process, and challenges some very strong beliefs we currently have. How much information does an employer need to store about an employee? If the employee can provide said information on demand, in a verified way how does that change the current process?

Change is good, scary, disruptive, and dangerous. But above all….

It’s inevitable

Marvel Avengers GIF by Bombay Softwares

Gif by bombaysoftwares on Giphy

The Platform Wars: Who really wins?

Oldie but goodie here. This article was originally posted back in 2021, but given last week’s newsletter topics I felt it appropriate to bring up and have this quick discussion.

What’s the end result of Platform Wars? 3 maybe 4 converged platforms offering a “complete identity security solution”? What does the rollout of these platforms look like in current organizations? What features matter the most to customers? A mash up of all the current features doesn’t quite seem like it’s the right way to go?

So, let’s talk about it. What would YOU want in a converged platform?

Drop a comment, lets get the conversation going. ( FYI..View the web portion of this newsletter to leave a comment)

New Community Post by member Joe Duggan

Yesterday a new community post was sent out. Shout to Joe for submitting and adding to the growing area of community blogs. If you haven’t read it yet, here’s the link. ( It’s a really good read)

It’s time to party!

Oktane 23, the Party Bus Returns!

Our friends from Acsense are back with another party bus, and this time, it’s in San Francisco during Oktane! I can’t wait to ACTUALLY hop on the bus this time. ( Last time it was the night before my Keynote!!). Of course I’m always looking out for you Jedi so click the button below to secure your seat on the bus!

Identity Jedi Show Podcast

The Last Word

What if we challenged everything? Instead of pushing solutions, we asked questions and listened. Instead of pontificating about the future of identity, we met you where you are now. Instead of showing what could be, we showed you what is possible. What if identity security could be easier, faster, and more efficient to achieve…

Finally, what if we got thought leaders, innovators, and customers together to do just that?

Wouldn’t that be something?

If only someone would put together such a thing….
Well…someone did…and that someone wants you to be there.

Let’s change the conversation…together.

Be Good to each other, Be Kind to each other, Love each other

-Identity Jedi

What did you think of this weeks newsletter?

Login or Subscribe to participate in polls.

The JEDI COUNCIL

What job is identity hired to fix?

Subscribe to Premium to read the rest.

Become a paying subscriber of Premium to get access to this post and other subscriber-only content.

Already a paying subscriber? Sign In.

A subscription gets you:

  • • Blogs
  • • Expert Interviews
  • • Expanded Commentary
  • • Early Access to Identity Show content

Reply

or to participate.