Identity at the Center Identity At The Center #37 - Access Management with Andy
Mar 30, 2020
This week, Jim and Jeff chat with Andy Clark, a Principal Consultant at Okta with an extensive background in IT and identity access management. Andy dives into the evolution of IAM, emphasizing the benefits of centralized systems over app-specific identities. He explains the differences between SAML and OpenID Connect, touting OIDC’s simplicity for developers. The conversation also covers the importance of user experience in MFA adoption and discusses emerging trends in cloud IAM and identity consolidation. Get insights on how secure authentication is shaping our digital landscape!
AI Snips
Chapters
Transcript
Episode notes
Early Inbound Federation Win
- Andy described first inbound federation work integrating an application's identity with an organization's directory to avoid duplicated credentials.
- That early project convinced him identity consolidation was the right direction for large systems.
Identity Moved From Ad-Hoc To Professional
- Andy observed protocols and professional IAM practice matured to replace ad-hoc app-level identity stores.
- He emphasized user security awareness and demand for stronger identity controls after high-profile breaches.
Offer MFA To Customers
- Offer multifactor options for customers rather than avoiding it to reduce friction concerns.
- Andy noted users now expect stronger protections and will accept smartphone apps or fobs in many industries.