1
00:00:05,320 --> 00:00:11,000
This is identity at the center. 
If it has anything to do with I 

2
00:00:11,120 --> 00:00:17,960
AM, this is the go to podcast 
now your host Jim McDonald and 

3
00:00:17,960 --> 00:00:21,880
Jeff Steadman. 
Welcome to the Identity at the 

4
00:00:21,880 --> 00:00:24,200
Center podcast. 
I'm Jeff and that's Jim. 

5
00:00:24,200 --> 00:00:25,840
Hey, Jim. 
Hey, Jeff. 

6
00:00:25,840 --> 00:00:27,360
How are you? 
Oh, not so bad. 

7
00:00:27,360 --> 00:00:28,810
Yourself. 
Good. 

8
00:00:28,850 --> 00:00:31,130
I'm getting used to seeing you 
in your Home Office. 

9
00:00:31,490 --> 00:00:34,850
Obviously we're on an audio only
podcast, but we have cameras on 

10
00:00:34,850 --> 00:00:37,530
so I can see you're at home. 
You've been home for like 2 

11
00:00:37,530 --> 00:00:39,250
weeks in a row. 
This is really weird. 

12
00:00:39,450 --> 00:00:41,810
Only one week. 
So yeah, I'm home this week. 

13
00:00:41,810 --> 00:00:44,650
I was out last week, but I think
I was able to record from home. 

14
00:00:44,770 --> 00:00:47,010
So and then I hit the road for 
the next. 

15
00:00:47,690 --> 00:00:50,690
I believe it's at least eight 
weeks in a row that I'll be 

16
00:00:50,690 --> 00:00:53,290
gone. 
So I'm making trips kind of 

17
00:00:53,290 --> 00:00:56,770
lower place, more in Chicago, 
Cincinnati. 

18
00:00:57,470 --> 00:01:01,430
Back to Milwaukee and then 
Chicago, then Milwaukee, then 

19
00:01:01,990 --> 00:01:07,190
where am I going after that? 
Then DC and then Austin, TX and 

20
00:01:07,190 --> 00:01:11,710
then San Diego and then who 
knows past that. 

21
00:01:11,790 --> 00:01:13,430
That's everything that I have 
going for next weeks. 

22
00:01:14,150 --> 00:01:15,230
Yeah. 
So what do you do? 

23
00:01:15,230 --> 00:01:18,310
Do you have any like tips and 
trips tips and tricks for the 

24
00:01:19,910 --> 00:01:24,190
non road warrior people like me?
Well, like, what do you mean 

25
00:01:24,190 --> 00:01:27,490
tips or tricks? 
Like, I, you know, our guest. 

26
00:01:28,050 --> 00:01:30,170
I'm not going to announce who 
our guest is, but he has this 

27
00:01:30,170 --> 00:01:31,730
camera on as well. 
And I see he's got some 

28
00:01:31,730 --> 00:01:33,650
backpacks in the background, 
right? 

29
00:01:33,650 --> 00:01:36,690
And I'm thinking, like, I know 
when I'm hitting the road like 

30
00:01:36,890 --> 00:01:40,010
2-3 weeks in a row, I like to 
basically keep my backpack 

31
00:01:40,210 --> 00:01:44,330
packed for three weeks, right? 
I don't know. 

32
00:01:44,330 --> 00:01:47,330
Do you have anything like that? 
I mean, I'm coming home in 

33
00:01:47,330 --> 00:01:49,570
between all those trips and I 
like to travel light. 

34
00:01:49,570 --> 00:01:53,930
I'm a big fan of one bag travel 
if I can do it, so I try to. 

35
00:01:54,540 --> 00:01:57,540
I have a quest to find the 
perfect one bag solution. 

36
00:01:57,980 --> 00:02:02,300
I am somewhere around the 30 or 
40th attempt of different bags 

37
00:02:02,300 --> 00:02:04,860
in my collection. 
At this point, I think it's a 

38
00:02:04,860 --> 00:02:08,780
big benefit if you can travel 
and fit everything you need 

39
00:02:08,979 --> 00:02:10,100
underneath the seat in front of 
you. 

40
00:02:10,300 --> 00:02:12,500
You don't have to fight for 
overhead space for luggage. 

41
00:02:12,500 --> 00:02:13,980
You don't have to worry about 
checking bags. 

42
00:02:14,140 --> 00:02:16,660
I haven't checked a bag in a 
decade. 

43
00:02:16,700 --> 00:02:18,820
I don't know, and that was for 
an international trip, so I'm 

44
00:02:18,820 --> 00:02:21,820
not. 
I'm not a fan of that pack 

45
00:02:21,820 --> 00:02:23,540
light, you know, pack what you 
need. 

46
00:02:24,100 --> 00:02:27,100
Yeah, especially if you're doing
domestic US travel, you know, if

47
00:02:27,100 --> 00:02:29,140
you forget something, you can 
always find something local to 

48
00:02:29,140 --> 00:02:32,540
replace it if you need it. 
Trying to think what else, find 

49
00:02:32,540 --> 00:02:36,420
multipurpose items, so try to 
standardize like power plugs, 

50
00:02:36,580 --> 00:02:39,540
cables, things like that. 
So you don't need to bring like 

51
00:02:39,540 --> 00:02:42,380
8 different power adapters. 
With you get a nice USBC 

52
00:02:42,380 --> 00:02:45,940
charger, multiport with enough 
wattage to juice up all your 

53
00:02:45,940 --> 00:02:47,620
stuff. 
You know, get cables that can 

54
00:02:47,620 --> 00:02:50,180
serve multiple purposes, stuff 
like that. 

55
00:02:50,220 --> 00:02:51,980
And definitely if you're 
traveling a lot. 

56
00:02:52,470 --> 00:02:55,870
Invest in yourself. 
Meaning get like an airline car,

57
00:02:56,110 --> 00:02:59,990
airline club card or something 
like that to separate you know 

58
00:02:59,990 --> 00:03:03,510
yourself from the from the 
masses when you're in at an 

59
00:03:03,510 --> 00:03:06,710
airport. 
Yeah, I haven't been traveling 

60
00:03:06,710 --> 00:03:09,990
all that much really since the 
pandemic, but prior to that I 

61
00:03:09,990 --> 00:03:13,870
was traveling a lot. 
I think my tip would be practice

62
00:03:13,870 --> 00:03:17,080
the cone of silence, which is 
like, you can create this 

63
00:03:17,080 --> 00:03:20,560
invisible bubble around yourself
in your own mind anyway. 

64
00:03:20,880 --> 00:03:23,400
And it's like, you can kind of 
like, pretend you're not there, 

65
00:03:26,000 --> 00:03:29,480
well, you know, pretend you're 
not in that airplane seat, 

66
00:03:29,480 --> 00:03:33,320
because sometimes it's like hot 
or cold. 

67
00:03:33,400 --> 00:03:36,360
Maybe there's a baby right 
behind you crying, or there's 

68
00:03:36,520 --> 00:03:39,040
other people just being rude or 
whatever. 

69
00:03:39,040 --> 00:03:43,470
Don't don't fall into the trap 
of, you know, be rude yourself. 

70
00:03:43,470 --> 00:03:46,910
Just pretend you're not there. 
That you know that's a good 

71
00:03:46,910 --> 00:03:51,070
point get and this reminds me 
get the best noise cancelling 

72
00:03:51,070 --> 00:03:55,350
earbuds or headphones whatever 
that you can muster they may 

73
00:03:55,390 --> 00:03:59,150
they are a huge game changer. 
So I travel with a couple pairs.

74
00:03:59,190 --> 00:04:03,390
I got my Ear Pods Pro and then I
have the Bose quiet comfort to 

75
00:04:03,430 --> 00:04:04,990
earbud things. 
I don't like the overheads 

76
00:04:04,990 --> 00:04:07,790
because they take so much room 
so I'm not a fan of the in ear 

77
00:04:07,950 --> 00:04:09,590
type of stuff. 
So if that works for people 

78
00:04:09,590 --> 00:04:11,750
that's another one. 
So I carry both of those with me

79
00:04:11,750 --> 00:04:14,020
and. 
Yeah, It was very helpful for my

80
00:04:14,020 --> 00:04:17,380
last flight from New York City 
that had a child screaming in 

81
00:04:17,380 --> 00:04:21,019
the seat behind me. 
And I was, for the most part, 

82
00:04:21,019 --> 00:04:24,620
blissfully unaware. 
Yeah, I know when you, when you 

83
00:04:24,620 --> 00:04:28,500
have enough years of travel 
under your belt, you start 

84
00:04:28,500 --> 00:04:31,740
hearing people travel horror 
stories and you're like, yeah, 

85
00:04:31,740 --> 00:04:33,340
you travel it off. 
That's going to happen. 

86
00:04:35,620 --> 00:04:37,700
And we're on the runway for five
hours. 

87
00:04:37,700 --> 00:04:42,380
Yeah, that stuff happens. 
It delays all that stuff, stuff 

88
00:04:42,380 --> 00:04:43,900
you can control, stuff that you 
can't. 

89
00:04:44,060 --> 00:04:45,700
You know, I've kind of gotten 
just used to. 

90
00:04:45,700 --> 00:04:48,300
It's like, whatever. 
I mean, it happens. 

91
00:04:48,300 --> 00:04:51,140
If and now that I'm connecting, 
I used to, you know, fly out of 

92
00:04:51,140 --> 00:04:52,340
Chicago because that's where you
used to live. 

93
00:04:52,340 --> 00:04:53,420
So everything was a direct 
flight. 

94
00:04:53,860 --> 00:04:56,900
Now, living in North Carolina, 
out of the Asheville area, 

95
00:04:57,020 --> 00:04:58,580
everything is a connection for 
the most part. 

96
00:04:59,060 --> 00:05:01,140
Asheville, I go to Atlanta and 
then I go somewhere else. 

97
00:05:01,140 --> 00:05:02,780
So there's been a couple of 
nights where I've been, you 

98
00:05:02,780 --> 00:05:05,380
know, had to spend a night in 
Atlanta because flights are 

99
00:05:05,380 --> 00:05:07,740
delayed or whatever. 
It's a first world problem. 

100
00:05:08,290 --> 00:05:09,930
You know, I made it. 
We're okay. 

101
00:05:10,010 --> 00:05:12,970
We're fine, yeah. 
I get Nagri. 

102
00:05:12,970 --> 00:05:16,050
Doesn't change the outcome any. 
No, doesn't do anything for me. 

103
00:05:17,970 --> 00:05:20,610
Yeah, so it's. 
I guess So you're asking about 

104
00:05:20,610 --> 00:05:21,730
travel? 
I got a lot of things going on. 

105
00:05:21,730 --> 00:05:24,170
We're actually recording this a 
couple weeks in advance, so kind

106
00:05:24,170 --> 00:05:26,370
of the 4th wall down. 
It's September 7th. 

107
00:05:26,530 --> 00:05:29,170
As we're sitting here recording 
this, I have all these trips 

108
00:05:29,170 --> 00:05:33,630
lined up starting next week. 
And we're going to kind of talk 

109
00:05:33,630 --> 00:05:35,590
through some of that because I 
think some of these trips are 

110
00:05:35,590 --> 00:05:39,870
related to speaking engagements 
or conferences or things that 

111
00:05:39,870 --> 00:05:42,590
you and I are both doing. 
Guess the first thing coming up 

112
00:05:42,750 --> 00:05:44,470
is really it's a tie. 
It's for you and me. 

113
00:05:45,110 --> 00:05:48,110
I'm going to be at Identity 
Week, America, October 3rd and 

114
00:05:48,110 --> 00:05:51,630
4th in Washington, DC I'm 
hosting a panel discussion on 

115
00:05:51,630 --> 00:05:54,030
pass keys. 
We're recording this in the 

116
00:05:54,030 --> 00:05:56,350
middle of the day. 
As soon as this is over, I'm 

117
00:05:56,350 --> 00:05:59,150
hopping onto a call with my 
panel participants. 

118
00:05:59,570 --> 00:06:01,050
To figure out what the heck 
we're going to talk about. 

119
00:06:01,050 --> 00:06:04,170
So that is real time information
of what we're doing. 

120
00:06:04,810 --> 00:06:07,970
I'm going to be out there and 
we've got a discount code for 

121
00:06:07,970 --> 00:06:09,210
folks who want to take advantage
of that. 

122
00:06:09,210 --> 00:06:14,170
For Identity Week America, it's 
ID AC30I DA C30 that gets you 

123
00:06:14,170 --> 00:06:17,010
30% off your conference pass. 
It works for both Identity Week 

124
00:06:17,010 --> 00:06:20,050
America and Identity Week Asia. 
So if you're looking at any of 

125
00:06:20,050 --> 00:06:23,210
those conferences here in the 
next few weeks, definitely come 

126
00:06:23,210 --> 00:06:25,860
out. 
Say hello, I will be there, but 

127
00:06:25,860 --> 00:06:28,260
feel free to use the code that 
shows support for for us. 

128
00:06:28,500 --> 00:06:32,220
And then while I'm in DC, you're
going to be in San Francisco. 

129
00:06:32,700 --> 00:06:36,660
I'll be in San Fran at Octane 
2023 is October 3rd through the 

130
00:06:36,660 --> 00:06:40,220
5th. 
We have a discount code for that

131
00:06:40,220 --> 00:06:45,940
one as well, 30% off using OK 
TNID C30. 

132
00:06:46,220 --> 00:06:50,300
I'll get you 30% off. 
You can register@octa.com/octane

133
00:06:50,780 --> 00:06:53,140
and we're also doing some fun 
stuff over there. 

134
00:06:53,140 --> 00:06:58,020
One is I'm going to have my 
fancy Dancy iPhone and I'm going

135
00:06:58,020 --> 00:07:00,300
to take some videos and 
hopefully do some interviews 

136
00:07:00,300 --> 00:07:02,980
with folks that I see around the
conference. 

137
00:07:02,980 --> 00:07:07,220
I'll have some of the new 
updated IDAC stickers. 

138
00:07:07,700 --> 00:07:11,980
They're more easily peeled off 
and you're. 

139
00:07:11,980 --> 00:07:15,780
Very proud of those, by the way.
I mean, it's a. 

140
00:07:16,460 --> 00:07:19,420
It's a game changer. 
How often can you upgrade a 

141
00:07:19,420 --> 00:07:22,260
sticker, right? 
You know, like what do you have 

142
00:07:22,260 --> 00:07:24,700
to do to upgrade something 
that's been around for 100? 

143
00:07:24,700 --> 00:07:26,780
Years now with 100% more 
sticker. 

144
00:07:27,340 --> 00:07:32,460
Yeah, it's much more sticky. 
And then we're doing a cohosted 

145
00:07:32,460 --> 00:07:36,340
event with our friends from 
Accents We're it's Wednesday 

146
00:07:36,340 --> 00:07:39,060
night. 
We'll put the link in the show 

147
00:07:39,060 --> 00:07:41,740
notes for how to register for 
that bad boy. 

148
00:07:42,020 --> 00:07:44,620
Or you can look at my LinkedIn 
profile. 

149
00:07:44,620 --> 00:07:48,300
I've posted a video on it which 
kind of shows the last time we 

150
00:07:48,660 --> 00:07:51,860
did an event or actually 
attended their event, didn't 

151
00:07:51,860 --> 00:07:55,420
cohost that one at as 
identifiers, but we will for 

152
00:07:55,420 --> 00:07:59,780
this one at Octane and our guest
today may be in attendance there

153
00:07:59,780 --> 00:08:02,020
in Octane as well. 
Yeah, we'll see. 

154
00:08:03,180 --> 00:08:06,260
And then after that we've got 
Authenticate conference that is 

155
00:08:06,260 --> 00:08:09,590
October 16th to 18th. 
That's in Carlsbad, CA. 

156
00:08:09,590 --> 00:08:11,190
That's the San Diego trip that I
mentioned. 

157
00:08:11,190 --> 00:08:13,230
So I'm heading out there for 
that. 

158
00:08:13,270 --> 00:08:15,830
Jim, you and I are going to be 
on the main stage. 

159
00:08:15,830 --> 00:08:18,030
We're going to do a live show in
front of the live studio 

160
00:08:18,030 --> 00:08:22,150
audience of people in the in the
venue, as well as streamed live 

161
00:08:22,150 --> 00:08:23,670
to the Internet. 
That'll be interesting. 

162
00:08:24,390 --> 00:08:26,030
We've got to figure out what the
heck we're doing with that one 

163
00:08:26,030 --> 00:08:28,350
too. 
So we got to get out on our 

164
00:08:28,350 --> 00:08:30,430
horse about that. 
But we've got a code for that 

165
00:08:30,430 --> 00:08:33,990
one as well. 
I D AC15 podcasts that get you 

166
00:08:33,990 --> 00:08:37,690
15% off. 
So we've got discount codes, the

167
00:08:37,690 --> 00:08:42,130
galore for Identity Week, 
America Octane, Authenticate, 

168
00:08:42,490 --> 00:08:44,690
very appreciative of all those 
guys sponsoring with us and 

169
00:08:45,050 --> 00:08:47,410
helping us get the word out for 
stuff that we're going to be 

170
00:08:47,410 --> 00:08:49,370
doing at their stuff and 
hopefully they get the benefit 

171
00:08:49,370 --> 00:08:51,650
of your great attendance being 
there. 

172
00:08:51,730 --> 00:08:54,490
So I'll have links in our show 
notes too, where people can get 

173
00:08:54,490 --> 00:08:57,530
all this information and make it
easy for people to sign up and 

174
00:08:57,530 --> 00:08:59,700
register. 
Also, if you're a fan of the 

175
00:08:59,700 --> 00:09:02,180
podcast at the Authenticate 
Conference, we're going to 

176
00:09:02,180 --> 00:09:07,380
record like 5 different episodes
or four In addition to that main

177
00:09:07,380 --> 00:09:11,300
stage one and we're going to 
have a multitude of guests. 

178
00:09:11,300 --> 00:09:14,540
We're also going to have live 
studio audience opportunities 

179
00:09:14,540 --> 00:09:18,180
where people can come attend, 
ask questions of the guests. 

180
00:09:18,420 --> 00:09:22,260
We have to keep them in about an
hour long because we're going to

181
00:09:22,260 --> 00:09:26,500
be on the schedule just like any
other session, but should be a 

182
00:09:26,500 --> 00:09:29,010
lot of fun. 
So if you're into the show and 

183
00:09:29,010 --> 00:09:33,930
you want to take part, being 
there at Authenticate is a great

184
00:09:33,930 --> 00:09:36,170
way to do it. 
And by the way, they're also 

185
00:09:36,170 --> 00:09:39,290
having one night, which one of 
their entertainment nights is 

186
00:09:39,290 --> 00:09:41,730
they're going to have out on the
patio. 

187
00:09:41,730 --> 00:09:44,970
It looks like a really nice 
hotel or nice resort. 

188
00:09:45,250 --> 00:09:46,610
They're going to have food 
trucks. 

189
00:09:46,930 --> 00:09:49,730
So that's how we'll be fed that 
night is via food trucks. 

190
00:09:49,730 --> 00:09:51,050
I'm really looking forward to 
that. 

191
00:09:51,210 --> 00:09:56,640
I think Mexican food in San 
Diego is the best Mexican food 

192
00:09:56,640 --> 00:10:00,480
you can get in the US Those are 
fighting wars. 

193
00:10:00,480 --> 00:10:03,120
I know that we're going to get 
some hate mail over that, but 

194
00:10:03,120 --> 00:10:05,080
I'm, I'm putting, I'm laying 
down. 

195
00:10:05,680 --> 00:10:09,000
Do you agree? 
No, but that's only because I 

196
00:10:09,000 --> 00:10:11,600
haven't had it in the San Diego 
area from a food truck. 

197
00:10:11,880 --> 00:10:14,680
I'll be honest, I didn't really 
discover food trucks until about

198
00:10:14,680 --> 00:10:18,040
a year ago. 
Was never like a thing in the 

199
00:10:18,040 --> 00:10:20,240
Chicago suburbs. 
So it's like, okay, whatever 

200
00:10:20,240 --> 00:10:21,720
you're talking about too cold 
there. 

201
00:10:22,280 --> 00:10:23,350
Well. 
Yeah. 

202
00:10:23,350 --> 00:10:25,510
And I guess it's just it's, you 
know, it's urban, I mean you 

203
00:10:25,510 --> 00:10:27,710
know it's it's suburb and so 
it's just spread out everywhere.

204
00:10:27,710 --> 00:10:29,150
It's not like you're in the city
and stuff like that. 

205
00:10:29,150 --> 00:10:32,630
Or at least I wasn't very much 
now, hadn't lived in Nashville 

206
00:10:32,630 --> 00:10:35,590
for a little over a year. 
There is a huge food truck scene

207
00:10:35,590 --> 00:10:37,470
because there are constantly 
going between all the different 

208
00:10:37,470 --> 00:10:41,670
breweries and different things. 
So I'm I'm all in on the food 

209
00:10:41,670 --> 00:10:42,830
trucks. 
A good food truck. 

210
00:10:44,030 --> 00:10:47,010
Chef's kiss for sure. 
Am I willing to go and say that 

211
00:10:47,010 --> 00:10:50,730
San Diego area has the best 
Mexican food out of a food 

212
00:10:50,730 --> 00:10:51,690
truck? 
I don't know. 

213
00:10:51,730 --> 00:10:55,290
I'll take the challenge. 
I'll throw away the food truck 

214
00:10:55,290 --> 00:10:56,930
qualifier. 
I'm just saying it has the best 

215
00:10:56,930 --> 00:10:59,410
Mexican food. 
But what about, like, Chili's? 

216
00:11:03,410 --> 00:11:06,050
We'll leave it at that, folks. 
Episode over. 

217
00:11:07,130 --> 00:11:08,170
Yeah. 
Why don't we get to our main 

218
00:11:08,170 --> 00:11:12,370
topic We're going to talk about 
just in time access and just in 

219
00:11:12,370 --> 00:11:13,850
time. 
We've got John Morton. 

220
00:11:13,970 --> 00:11:17,330
He's the field CTO, Cloud 
Solutions, engineering leader at

221
00:11:17,330 --> 00:11:19,330
Brightive. 
Welcome to the show. 

222
00:11:19,330 --> 00:11:20,970
Or I should say, welcome back to
the show, John. 

223
00:11:21,990 --> 00:11:24,790
Always happy to be here, 
gentlemen, and the Chili's 

224
00:11:24,790 --> 00:11:27,630
comment that that those are 
fighting words. 

225
00:11:28,590 --> 00:11:29,790
Hey, shout out to my chili 
heads. 

226
00:11:29,790 --> 00:11:31,670
I work for Chili's for like 4 or
five years. 

227
00:11:32,030 --> 00:11:33,910
Made great friends, lifelong 
friends. 

228
00:11:33,910 --> 00:11:37,150
It was a great time and I'm. 
I'm a fan of the queso. 

229
00:11:37,150 --> 00:11:39,390
What can I say? 
I travel, I go to a Chili's, I 

230
00:11:39,470 --> 00:11:41,190
eat the queso. 
It's simple. 

231
00:11:41,190 --> 00:11:43,550
I'm a simple man with simple. 
Yeah, with simple needs. 

232
00:11:43,950 --> 00:11:47,630
The last time you were with us, 
John, was episode 115. 

233
00:11:48,310 --> 00:11:50,230
And we talked about the cloud 
being different. 

234
00:11:50,230 --> 00:11:55,110
That was way back in October 
2021, now we're in September of 

235
00:11:55,110 --> 00:11:57,350
2023. 
What have you been doing for the

236
00:11:57,350 --> 00:12:00,950
last two years? 
That is a great question and 

237
00:12:01,790 --> 00:12:05,790
surprisingly I've been diving 
into exactly that, Not just 

238
00:12:05,790 --> 00:12:11,070
cloud usage but actually like 
digital transformation and I've 

239
00:12:11,070 --> 00:12:12,990
been working a lot with 
customers. 

240
00:12:13,500 --> 00:12:16,020
Getting to know them and 
understanding what are they 

241
00:12:16,060 --> 00:12:20,100
doing there that's so radically 
different that traditional tools

242
00:12:20,100 --> 00:12:23,620
just don't fit. 
So a lot of conferences, lot of,

243
00:12:23,620 --> 00:12:26,060
you know, customer engagements, 
you all mentioned some 

244
00:12:26,060 --> 00:12:27,620
conferences. 
We all may be used to an 

245
00:12:27,620 --> 00:12:31,300
identity, but we're talking 
things like Google Next, a WS 

246
00:12:31,300 --> 00:12:36,180
Reinvent, Cube, Con, a 
Kubernetes specific conference, 

247
00:12:36,460 --> 00:12:39,700
DevOps days, these sort of 
conferences I've been attending 

248
00:12:40,020 --> 00:12:42,260
and really just learning from 
customers or what are they 

249
00:12:42,260 --> 00:12:44,460
doing. 
And how are they doing it? 

250
00:12:46,660 --> 00:12:48,700
That's it. 
That doesn't sound very much. 

251
00:12:51,020 --> 00:12:53,620
Well, the objective there, the 
pitch I always give is what I've

252
00:12:53,620 --> 00:12:57,380
been working on for our company 
at Bright of is I bridge the gap

253
00:12:57,380 --> 00:13:00,220
between sales, engineering and 
product being an evangelist for 

254
00:13:00,220 --> 00:13:02,540
customers. 
So when I gather all that data 

255
00:13:02,540 --> 00:13:05,020
and information of what they're 
trying to do, how do we build 

256
00:13:05,020 --> 00:13:08,020
our product and make it better 
and actually tangibly build it 

257
00:13:08,020 --> 00:13:11,500
so and then go sell it. 
So that's the the summary there.

258
00:13:12,610 --> 00:13:15,050
So for people who aren't 
familiar with Bright of what is 

259
00:13:15,050 --> 00:13:17,210
it that you guys are looking to 
solve for? 

260
00:13:17,890 --> 00:13:19,610
Yeah. 
So the best way I summarize it 

261
00:13:19,610 --> 00:13:21,570
is that we do cloud access 
management. 

262
00:13:21,890 --> 00:13:26,290
I know that sounds very simple 
and it's very easy way to put 

263
00:13:26,290 --> 00:13:29,010
it, but that is functionally 
what we do. 

264
00:13:29,010 --> 00:13:31,170
We help folks manage access to 
the cloud. 

265
00:13:31,530 --> 00:13:34,570
And our claim to fame is, as you
all pointed out, is just in 

266
00:13:34,570 --> 00:13:37,730
time, meaning you get the access
you need when you need it. 

267
00:13:37,770 --> 00:13:40,210
It's the appropriate access and 
it's what you want. 

268
00:13:40,700 --> 00:13:44,500
Not to be confused exactly with 
authentication, more focused on 

269
00:13:44,500 --> 00:13:48,060
that authorized authorization 
piece, but that's the summary. 

270
00:13:49,300 --> 00:13:51,020
Yeah, that that's a good 
summary. 

271
00:13:51,500 --> 00:13:55,100
I think what I always get hung 
up with on just in time access 

272
00:13:55,100 --> 00:13:57,300
is because I think you just said
what it is. 

273
00:13:57,780 --> 00:14:01,860
But how does it really work? 
Like walk me through a scenario 

274
00:14:01,860 --> 00:14:05,460
where somebody is like receiving
just in time access to go do 

275
00:14:05,460 --> 00:14:07,340
something they need. 
Yeah. 

276
00:14:07,500 --> 00:14:11,860
And so, yeah, back to that point
of what are these engineers, I 

277
00:14:11,860 --> 00:14:14,900
like to call them builders, 
platform engineering folks, 

278
00:14:14,900 --> 00:14:19,740
system engineering folks, site 
reliability engineers in, you 

279
00:14:19,740 --> 00:14:22,660
know, operations trying to do 
what they're trying to do for 

280
00:14:22,660 --> 00:14:26,140
the most part is maybe deploy a 
certain piece of software 

281
00:14:26,140 --> 00:14:29,180
literally right now, whether 
that's a human method or an 

282
00:14:29,220 --> 00:14:32,230
automated method. 
What they've learned over time 

283
00:14:32,230 --> 00:14:35,550
is you don't have to have static
credentials that have static 

284
00:14:35,550 --> 00:14:38,950
permissions like a domain admin 
to add someone to a security 

285
00:14:38,950 --> 00:14:41,230
group. 
You can actually do it pulling 

286
00:14:41,230 --> 00:14:44,830
the levers of API. 
I can put Jim McDonald in 

287
00:14:44,830 --> 00:14:48,670
security Group A for 5 minutes, 
he does his job and I take him 

288
00:14:48,670 --> 00:14:51,350
out. 
That's the simplest way to break

289
00:14:51,350 --> 00:14:54,590
down some of that complexity 
that makes a lot of sense. 

290
00:14:54,590 --> 00:14:59,430
I think that you know, one of 
the biggest shortcomings we have

291
00:15:00,110 --> 00:15:04,110
is over provisioned accounts, 
accounts laying around that you 

292
00:15:04,110 --> 00:15:06,710
know even if you feel like 
you've got all the safeguards 

293
00:15:06,710 --> 00:15:09,870
and controls around those 
accounts, it's an unnecessary 

294
00:15:09,870 --> 00:15:12,350
risk to have an account out 
there that has all these 

295
00:15:12,350 --> 00:15:14,150
permissions that's not being 
used. 

296
00:15:15,430 --> 00:15:19,670
But it brings me back to I think
that the terminology that I was 

297
00:15:19,670 --> 00:15:22,870
hearing a lot a few years ago is
0 standing privileges. 

298
00:15:23,230 --> 00:15:26,670
And my question is, is just in 
time access is 0 standing 

299
00:15:26,670 --> 00:15:28,790
privileges? 
Are they exactly the same thing?

300
00:15:29,410 --> 00:15:31,850
They, they go hand in hand, they
go hand in hand. 

301
00:15:31,850 --> 00:15:34,970
So what's always tough for 
customers, I've been doing this 

302
00:15:34,970 --> 00:15:39,010
now for three years specifically
is everybody says they do JIT 

303
00:15:39,170 --> 00:15:44,050
and and JIT can literally mean, 
hey, Jeff logs on right now, 

304
00:15:44,490 --> 00:15:48,090
creates an account for me right 
now and he puts me in the group 

305
00:15:48,090 --> 00:15:50,490
right now. 
That qualifies as just in time, 

306
00:15:50,890 --> 00:15:53,110
right? 
That is radically different than

307
00:15:53,110 --> 00:15:56,950
0 standing privileges where you 
know you may have an existing 

308
00:15:56,950 --> 00:15:59,510
user account and you get the 
access you need. 

309
00:15:59,670 --> 00:16:02,830
Being put into a group for 
example, and taken out the 0 

310
00:16:02,830 --> 00:16:06,110
standing privileges there is 
your account has zero standing 

311
00:16:06,110 --> 00:16:09,270
privileges. 
So architecture is my favorite 

312
00:16:09,270 --> 00:16:11,430
term for that. 
Makes it a little confusing 

313
00:16:11,430 --> 00:16:15,150
about the two and it's the 
operations team who really can 

314
00:16:15,150 --> 00:16:17,710
break it down for even better, 
if that makes sense. 

315
00:16:19,060 --> 00:16:22,180
It seems like the council we're 
talking about are the of the 

316
00:16:22,180 --> 00:16:26,420
privilege of variety makes you 
think of privilege access 

317
00:16:26,420 --> 00:16:29,260
management or Pam. 
I'm wondering, is what we're 

318
00:16:29,260 --> 00:16:32,340
talking about like Pam 2.0? 
Because we've done episodes 

319
00:16:32,340 --> 00:16:35,660
where he said Pam is dead. 
I wouldn't say Pam is dead, 

320
00:16:35,660 --> 00:16:37,500
because that hurts a lot of 
people's feelings. 

321
00:16:38,300 --> 00:16:41,820
What it is, is access is being 
looked at in a new way, right? 

322
00:16:42,060 --> 00:16:44,940
Why does it have to be 
privileged access when you can 

323
00:16:44,940 --> 00:16:48,140
manage access this way? 
A better way to look at it is, I

324
00:16:48,140 --> 00:16:52,380
always say from the resource up,
it should be the resource that 

325
00:16:52,380 --> 00:16:57,420
dictates the level of privilege.
And you know that's a new way to

326
00:16:57,420 --> 00:17:00,900
kind of look at things. 
If you were biased like I was 

327
00:17:00,900 --> 00:17:04,700
for a long time and I am where 
what I mean is like a developer 

328
00:17:04,700 --> 00:17:07,700
may say, I need access to an EC2
instance. 

329
00:17:08,109 --> 00:17:10,349
That's a resource. 
It's a bucket where you store 

330
00:17:10,349 --> 00:17:13,470
data, ECT. 
They don't care how you get 

331
00:17:13,470 --> 00:17:15,630
there. 
All they care about is getting 

332
00:17:15,630 --> 00:17:17,069
the access they need when they 
need it. 

333
00:17:17,069 --> 00:17:20,310
So they're looking more at the 
resource itself versus some sort

334
00:17:20,310 --> 00:17:22,990
of account that gets down into 
it, right. 

335
00:17:24,190 --> 00:17:27,910
So John, I'm gonna ask you, I'm 
gonna ask the question very 

336
00:17:27,910 --> 00:17:31,490
open-ended about what business 
problem that solves, but then I 

337
00:17:31,490 --> 00:17:34,250
do want to get into specifics 
depending on your answer. 

338
00:17:34,250 --> 00:17:37,890
So what business problems does 
just in time access solve? 

339
00:17:38,370 --> 00:17:43,930
Oh, now that is my absolute 
favorite, Jeff and Jim, this is 

340
00:17:43,930 --> 00:17:47,210
where I over the past few years 
working with operations and 

341
00:17:47,210 --> 00:17:49,730
builders. 
I've been so relieved working 

342
00:17:49,730 --> 00:17:53,210
with them because there are a 
lot of shops of yes versus 

343
00:17:53,210 --> 00:17:55,890
working with traditional 
identity and security that are 

344
00:17:55,890 --> 00:17:58,210
shops of no. 
What does that mean? 

345
00:17:59,130 --> 00:18:02,610
Operations teams, platform 
engineering, system engineering.

346
00:18:02,850 --> 00:18:07,130
They get paid to do things like,
you know, we're recording now. 

347
00:18:07,610 --> 00:18:10,090
They get paid to keep the 
platform up, right. 

348
00:18:10,090 --> 00:18:12,810
They get paid to make sure when 
we access it, it's there. 

349
00:18:13,010 --> 00:18:16,930
The KP I's for the business are 
driven by functional operations 

350
00:18:16,930 --> 00:18:19,530
of organizations. 
The last thing they want is to 

351
00:18:19,530 --> 00:18:22,170
be slowed down and doing their 
jobs. 

352
00:18:22,210 --> 00:18:24,690
A lot of the KP I's revolve 
around and they report up to the

353
00:18:24,690 --> 00:18:26,730
CTO. 
So what we do? 

354
00:18:27,200 --> 00:18:32,040
Is we help remove a lot of the 
complexity of access so they can

355
00:18:32,040 --> 00:18:35,240
do their job. 
Simply put, they are begging 

356
00:18:35,520 --> 00:18:38,920
please remove the complexity so 
I can do my job. 

357
00:18:38,920 --> 00:18:41,720
Because when you think about 
things like least privilege, 

358
00:18:42,320 --> 00:18:47,360
privileged access management, 
request workflows, that is 

359
00:18:47,360 --> 00:18:50,330
complexity. 
The business value of what we're

360
00:18:50,330 --> 00:18:53,850
doing is we're streamlining that
process by giving these builders

361
00:18:53,850 --> 00:18:57,290
a self-service opportunity that 
has security guardrails. 

362
00:18:57,370 --> 00:19:00,010
So it's win, win. 
The builders get what they want.

363
00:19:00,010 --> 00:19:02,930
They do things fast and there's 
security involved because we 

364
00:19:02,930 --> 00:19:07,090
have guardrails with Jet and we 
we really enable them to build 

365
00:19:07,090 --> 00:19:09,090
fast. 
That's a great answer. 

366
00:19:10,570 --> 00:19:13,930
You know, I I don't, I can't 
think of the organization I've 

367
00:19:13,930 --> 00:19:18,430
worked with in the past decade 
or said that doesn't have cloud 

368
00:19:18,430 --> 00:19:20,990
infrastructure, cloud 
applications. 

369
00:19:21,470 --> 00:19:27,110
And I think we're talking a lot 
about how to do these things, 

370
00:19:27,110 --> 00:19:30,910
how to manage these privileges 
for the cloud. 

371
00:19:30,910 --> 00:19:33,830
But what about on Prem? 
A lot of these organizations 

372
00:19:33,830 --> 00:19:38,030
still have servers and data 
centers, and it might call it 

373
00:19:38,030 --> 00:19:41,910
like a hybrid cloud, but the 
reality of it is is it's still 

374
00:19:41,910 --> 00:19:45,170
on Prem infrastructure. 
You are absolutely correct. 

375
00:19:45,170 --> 00:19:48,050
So one thing I like to remind 
people of too, just to take one 

376
00:19:48,050 --> 00:19:51,050
step back, is when I talk about 
the cloud, I really hate. 

377
00:19:51,370 --> 00:19:54,010
It was a joke that came out 
maybe four or five years ago 

378
00:19:54,010 --> 00:19:57,010
where somebody said the cloud is
just someone else virtualizing 

379
00:19:57,010 --> 00:19:59,730
your data center. 
That is not the cloud at all. 

380
00:20:00,130 --> 00:20:05,050
The cloud to me when I talk 
about AWS or GCP is actually a 

381
00:20:05,050 --> 00:20:07,890
new operating system. 
It's not somewhere where you 

382
00:20:07,890 --> 00:20:10,530
virtualize servers. 
It's a brand new operating 

383
00:20:10,530 --> 00:20:12,330
system that has its own 
functions. 

384
00:20:12,650 --> 00:20:16,850
So what they did there is they 
built capabilities like 

385
00:20:16,930 --> 00:20:18,730
ephemeral access that made it 
easy. 

386
00:20:19,250 --> 00:20:22,890
So the hardest thing we deal 
with that bright is your exact 

387
00:20:22,890 --> 00:20:25,410
point. 
You can do all these fancy fun 

388
00:20:25,410 --> 00:20:28,050
things in the cloud. 
Why can't you do it on premise? 

389
00:20:29,210 --> 00:20:30,770
Well, there's certain 
limitations. 

390
00:20:30,770 --> 00:20:34,050
There's traditional networking, 
traditional directory 

391
00:20:34,050 --> 00:20:37,230
structures, file structures. 
You have these beautiful 

392
00:20:37,230 --> 00:20:41,550
firewalls that keep us out, so 
we're slowly bridging that gap 

393
00:20:41,550 --> 00:20:45,710
back to on premise where my use 
case still applies on premise. 

394
00:20:46,230 --> 00:20:49,710
Imagine if you can put someone 
in a security group for 5 

395
00:20:49,710 --> 00:20:53,150
minutes and take them out. 
That's the simplest way to think

396
00:20:53,150 --> 00:20:55,310
about it. 
Now you when you add on the 

397
00:20:55,310 --> 00:20:58,350
layers to it, you have to have 
some sort of agent that runs in 

398
00:20:58,350 --> 00:21:00,550
the environment that can do this
job that you would have done 

399
00:21:00,550 --> 00:21:01,910
manually. 
That's where it gets a little 

400
00:21:01,910 --> 00:21:05,290
fun, but we are seeing these 
capabilities expanded with 

401
00:21:05,290 --> 00:21:09,010
certain tools like Kubernetes, 
with certain capabilities like 

402
00:21:09,250 --> 00:21:12,130
robotic automated processes, 
things like Jenkins, things like

403
00:21:12,130 --> 00:21:15,970
Terraform. 
So the cloud world is slowly 

404
00:21:15,970 --> 00:21:18,890
being begged to go back to the 
on premise world. 

405
00:21:19,090 --> 00:21:21,890
We're just nobody's 100% there 
yet. 

406
00:21:22,650 --> 00:21:24,690
Yeah, yeah. 
There's just so many such a 

407
00:21:24,690 --> 00:21:29,010
variety of use cases and legacy 
systems and things like that, 

408
00:21:30,370 --> 00:21:34,110
so, so. 
It sounds like on Prem is a more

409
00:21:34,110 --> 00:21:38,750
difficult 1 to tackle in terms 
of the types of systems. 

410
00:21:38,750 --> 00:21:42,230
Are we talking about apps? 
Are we talking about middleware 

411
00:21:42,350 --> 00:21:47,310
infrastructure or is it all the 
above platforms as well? 

412
00:21:47,350 --> 00:21:49,750
Yeah. 
Now that's that's still I always

413
00:21:49,750 --> 00:21:52,070
talk to you is another thing I 
like to talk about is a cloud 

414
00:21:52,070 --> 00:21:54,790
journey, right, a cloud journey.
You just nailed it very 

415
00:21:54,790 --> 00:21:57,630
eloquently, Jim. 
So a lot of folks, they will 

416
00:21:57,630 --> 00:21:59,590
start with, let me just 
virtualize some of these 

417
00:21:59,590 --> 00:22:03,320
hardware servers into the cloud,
Very basic stuff, right? 

418
00:22:03,320 --> 00:22:07,880
So at its core lift and shift, 
we're managing the platform. 

419
00:22:08,160 --> 00:22:10,720
But anybody who goes on a 
digital transformation knows 

420
00:22:10,720 --> 00:22:13,040
that's the tip of the iceberg. 
You want to use these new 

421
00:22:13,080 --> 00:22:16,240
operating systems like I 
mentioned and you know, get that

422
00:22:16,240 --> 00:22:20,040
going. 
So what we'll see is it's a 

423
00:22:20,040 --> 00:22:22,080
really diverse set of what 
they're going for. 

424
00:22:22,080 --> 00:22:26,240
Now a little bit bias here, but 
there are certain organizations 

425
00:22:26,240 --> 00:22:30,250
that are on the bleeding edge of
pushing operations faster. 

426
00:22:30,410 --> 00:22:33,850
Retail for example, they get 
paid when you go download stuff 

427
00:22:33,850 --> 00:22:35,810
off their app and purchase stuff
through their apps. 

428
00:22:36,210 --> 00:22:39,530
They're a lot farther in your 
case, Jim, of where we at, you 

429
00:22:39,530 --> 00:22:41,890
go somewhere else like 
insurance. 

430
00:22:42,810 --> 00:22:46,490
Yeah, we're lucky if we see 
anything in the close fed space,

431
00:22:46,490 --> 00:22:48,570
very similar. 
So many controls and rules, 

432
00:22:48,570 --> 00:22:50,210
they're not there. 
So they're different verticals 

433
00:22:50,210 --> 00:22:52,730
that push a lot farther. 
But we really run the gamut of 

434
00:22:52,730 --> 00:22:56,700
all all of those in between and 
I described as human problems 

435
00:22:56,700 --> 00:23:00,900
versus legitimate automated 
infrastructures, code CICD 

436
00:23:00,900 --> 00:23:03,100
problems. 
There's a full spectrum there. 

437
00:23:04,220 --> 00:23:06,060
You mentioned a couple of 
different verticals like 

438
00:23:06,100 --> 00:23:09,220
government and insurance 
compared to maybe retail and 

439
00:23:09,220 --> 00:23:12,420
sort of the, I don't know the 
the where they're at on their 

440
00:23:12,420 --> 00:23:14,860
journey either to or from the 
cloud, I guess would be the 

441
00:23:14,860 --> 00:23:18,780
right way to put it. 
A lot of folks out there 

442
00:23:18,780 --> 00:23:22,460
probably have a Pam strategy. 
I hope they do at least of some 

443
00:23:22,460 --> 00:23:24,460
sort and maybe it's been 
designed. 

444
00:23:25,480 --> 00:23:28,840
You know that was more focused 
on an on Prem versus something 

445
00:23:28,840 --> 00:23:33,880
that's more cloud focused. 
Does it make sense to have a Pam

446
00:23:33,880 --> 00:23:37,760
strategy for both? 
Here is our Pam strategy for on 

447
00:23:37,760 --> 00:23:40,800
premise environment and then 
here is our Pam strategy for our

448
00:23:40,800 --> 00:23:44,120
cloud environment. 
Are there parallels that could 

449
00:23:44,120 --> 00:23:47,640
be drawn between the two to say 
okay as a general rule of you 

450
00:23:47,640 --> 00:23:52,170
know, of of operating? 
We want to be least privileged, 

451
00:23:52,170 --> 00:23:54,010
right? 
Or if we can zero same 

452
00:23:54,010 --> 00:23:56,050
privileges, which I love, I 
love, I love. 

453
00:23:56,090 --> 00:23:58,130
You know the idea of that. 
I think I've been using it since

454
00:23:58,130 --> 00:24:00,370
I heard you talk about it a 
couple years ago. 

455
00:24:00,410 --> 00:24:02,490
That's a great idea, right? 
That's this just in time axis 

456
00:24:02,490 --> 00:24:06,330
type thing. 
If I have a strategy that was 

457
00:24:06,330 --> 00:24:11,890
built for on Prem, how much of 
that translates to my Pam 

458
00:24:11,890 --> 00:24:16,210
strategy for the cloud? 
Yeah, Jeff, get me excited over 

459
00:24:16,210 --> 00:24:22,430
here asking the tough questions.
So I would say almost 5% would 

460
00:24:22,430 --> 00:24:23,590
be applicable. 
Here's why. 

461
00:24:23,790 --> 00:24:26,510
Now traditionally, everyone 
should have an identity 

462
00:24:26,510 --> 00:24:28,390
strategy. 
You guys nailed it. 

463
00:24:28,390 --> 00:24:31,910
Jeff and Jim, you're here to 
hear first leaders in in the 

464
00:24:31,910 --> 00:24:33,590
right way to think about it, 
right. 

465
00:24:33,790 --> 00:24:35,550
It should be an identity 
strategy. 

466
00:24:35,550 --> 00:24:38,030
Why am I saying that? 
Pam to me has always been a 

467
00:24:38,030 --> 00:24:40,830
subset of that. 
And about 20 years ago, some 

468
00:24:40,830 --> 00:24:43,630
smart vendors, we won't name 
names, they created their own 

469
00:24:43,630 --> 00:24:46,310
market space for Pam and they 
created all the rules. 

470
00:24:46,830 --> 00:24:48,830
Well, those rules don't apply 20
years later. 

471
00:24:49,380 --> 00:24:52,260
Trust me, I very rarely 
encounter anybody who wants to 

472
00:24:52,260 --> 00:24:56,420
be held up having some virtual 
machine log into them as an 

473
00:24:56,420 --> 00:25:00,140
admin user because you have to 
pay for more admin accounts. 

474
00:25:00,380 --> 00:25:03,660
So those sort of strategies, 
you're correct, they should be 

475
00:25:03,660 --> 00:25:06,340
there. 
But what hurts the most is the 

476
00:25:06,340 --> 00:25:10,420
mandates, the compliance, the 
risk, the the regulations that 

477
00:25:10,420 --> 00:25:13,060
accompany Pam. 
So there's no way to escape that

478
00:25:13,060 --> 00:25:18,130
strategy, but it does not in any
way correlate 1 to one for 

479
00:25:18,130 --> 00:25:21,170
capabilities in the cloud. 
For example, you know 0 standing

480
00:25:21,170 --> 00:25:23,730
privileges. 
We once showed an auditor when 

481
00:25:23,730 --> 00:25:25,930
we were working on our own stock
two type 2. 

482
00:25:26,250 --> 00:25:28,770
They said, hey, let's do an 
audit of your environment. 

483
00:25:28,770 --> 00:25:31,570
Bright if we showed them and 
they said why do none of these 

484
00:25:31,570 --> 00:25:34,450
accounts have any permissions? 
This isn't even possible. 

485
00:25:35,090 --> 00:25:38,490
Where's the privileged accounts?
We're like when we use this new 

486
00:25:38,490 --> 00:25:41,450
tool that we built and that 
doesn't work that way anymore. 

487
00:25:41,450 --> 00:25:45,560
So as times evolve, the 
traditional Pam idea, which to 

488
00:25:45,560 --> 00:25:48,440
me is a subset of identity, is 
not going to be able to keep up.

489
00:25:48,440 --> 00:25:51,240
It's just not feasible. 
Well, I think a lot of 

490
00:25:51,240 --> 00:25:54,400
organizations run into this 
struggle of the definition of 

491
00:25:54,400 --> 00:25:58,040
what is privileged access, and 
sometimes it's like okay. 

492
00:25:58,040 --> 00:26:01,840
Well, because I'm an admin, I 
need that admin access all the 

493
00:26:01,840 --> 00:26:04,890
time. 
When do you really, I mean, you 

494
00:26:04,890 --> 00:26:07,730
know, sometimes it's you know, 
one transaction, right, you're 

495
00:26:07,730 --> 00:26:10,970
doing per day that requires it. 
Or maybe it is in an area where 

496
00:26:10,970 --> 00:26:14,090
you're constantly doing things 
and the end up as sort of like 

497
00:26:14,090 --> 00:26:17,370
this spectrum of different 
permissions. 

498
00:26:17,370 --> 00:26:21,250
And I think the reality if you 
really were able to get it down 

499
00:26:21,250 --> 00:26:25,250
to a fine grained point in time,
minute, not even minute by 

500
00:26:25,250 --> 00:26:28,850
minute, but millisecond by 
millisecond in some cases, what 

501
00:26:28,850 --> 00:26:32,490
is your actual privilege profile
look like? 

502
00:26:32,860 --> 00:26:34,180
There's probably a spectrum 
there. 

503
00:26:35,180 --> 00:26:37,580
Am I thinking about that right, 
or is there a different way to 

504
00:26:37,580 --> 00:26:39,460
that, that people should be 
thinking about that out there? 

505
00:26:39,460 --> 00:26:42,020
You're thinking about it right? 
And that's traditionally how I 

506
00:26:42,020 --> 00:26:43,820
came into it too, right? 
I kind of thought about it. 

507
00:26:43,820 --> 00:26:46,900
So this is where I ran into the 
conflicts, though, where I 

508
00:26:46,900 --> 00:26:48,980
pivoted to, well, what are the 
builders doing? 

509
00:26:49,500 --> 00:26:53,060
They don't care about an admin. 
They don't know the difference. 

510
00:26:53,340 --> 00:26:55,900
What they care about is access 
to resources. 

511
00:26:56,340 --> 00:26:59,580
So within any environment, any 
ecosystem, the data, the 

512
00:26:59,580 --> 00:27:03,020
resource is what can be 
classified as privileged, if you

513
00:27:03,020 --> 00:27:05,820
will. 
How we get that, you know can 

514
00:27:05,860 --> 00:27:09,740
latch on to that easier than us.
So let me put it a different 

515
00:27:09,740 --> 00:27:12,060
way. 
A lot of Pam and I am teams 

516
00:27:12,060 --> 00:27:15,780
think they ask me if I just had 
the context, if I knew what was 

517
00:27:15,780 --> 00:27:18,660
privileged, if your tool could 
tell me I could fix things. 

518
00:27:19,420 --> 00:27:22,060
That's never going to work. 
That's a never ending tale. 

519
00:27:22,060 --> 00:27:26,240
With every new cloud added, 
every new resource added, we say

520
00:27:26,240 --> 00:27:28,600
hey, why don't you look at the 
resource itself and what they're

521
00:27:28,600 --> 00:27:30,400
trying to do. 
When we build guard rails around

522
00:27:30,400 --> 00:27:33,600
that, does that make kind of a 
sense around a different way to 

523
00:27:33,600 --> 00:27:36,520
approach the same problem? 
Yeah, I think so. 

524
00:27:36,600 --> 00:27:39,680
I think it's difficult in the 
real world sometimes, right. 

525
00:27:39,680 --> 00:27:45,880
It's how, I guess how responsive
are your identity systems in 

526
00:27:45,880 --> 00:27:48,280
being able to manage that. 
It's typically the challenge I 

527
00:27:48,280 --> 00:27:51,920
see because the traditional 
method of doing this is I go 

528
00:27:51,920 --> 00:27:54,170
into a vault. 
And then, you know, first of 

529
00:27:54,170 --> 00:27:57,010
all, I log into a vault, and 
then I need to find my 

530
00:27:57,010 --> 00:28:00,090
credential and then I need to 
check it out like a library 

531
00:28:00,090 --> 00:28:01,770
book. 
Sometimes there's a form I need 

532
00:28:01,770 --> 00:28:04,170
to fill out that says, hey Jim, 
am I allowed to have this 

533
00:28:04,170 --> 00:28:07,530
library book out? 
And then we're waiting for Jim 

534
00:28:07,530 --> 00:28:11,370
to say yes or no, right? 
And then I get that account, and

535
00:28:11,370 --> 00:28:13,570
then I do my thing, whatever it 
is. 

536
00:28:13,970 --> 00:28:16,930
And then maybe I keep that 
library book checked out for the

537
00:28:16,930 --> 00:28:21,050
entire day, week, month, hour, 
whatever it is. 

538
00:28:21,690 --> 00:28:25,450
And then somewhere Jim, the mean
privileged librarian comes along

539
00:28:25,450 --> 00:28:27,970
and says give me that back, 
takes that, takes that book 

540
00:28:27,970 --> 00:28:30,010
back, that account back and 
changes the password on me. 

541
00:28:30,010 --> 00:28:32,970
So I can't use it. 
It seems like that that's not 

542
00:28:32,970 --> 00:28:35,770
super responsive in today's 
world. 

543
00:28:36,570 --> 00:28:39,850
And and I'm thinking about this 
this just in time, Access is 

544
00:28:39,850 --> 00:28:42,450
very in my mind. 
It's going to have to be very 

545
00:28:42,570 --> 00:28:44,970
data-driven, but it's going to 
really be a a different way to 

546
00:28:44,970 --> 00:28:49,250
think about how can we actually 
deliver on that promise of JIT. 

547
00:28:49,760 --> 00:28:51,440
And say, okay, well, here's 
here's what we've got. 

548
00:28:51,640 --> 00:28:55,640
And you know, your access is 
minute by minute, second by 

549
00:28:55,640 --> 00:28:57,720
second, really kept up to date 
because I think there is 

550
00:28:57,720 --> 00:29:01,080
something very powerful to say 
about, yeah, if if an account 

551
00:29:01,080 --> 00:29:04,160
gets breached, the account 
itself doesn't have any 

552
00:29:04,160 --> 00:29:07,160
permissions, which is great. 
It's very similar to kind of 

553
00:29:07,160 --> 00:29:10,760
this, this idea of passwordless 
or and I'll say true passwords, 

554
00:29:10,760 --> 00:29:13,520
meaning there is no password in 
the environment you're relying 

555
00:29:13,520 --> 00:29:15,040
on other mechanisms to do 
authentication. 

556
00:29:15,040 --> 00:29:18,280
So if you steal the database 
that has the credentials in it. 

557
00:29:18,980 --> 00:29:20,940
The pastor feel is blank, empty 
or just doesn't. 

558
00:29:20,940 --> 00:29:23,260
You know, it doesn't make any 
sense and is of no use to 

559
00:29:23,260 --> 00:29:24,580
people. 
I see kind of the same concept 

560
00:29:24,580 --> 00:29:25,380
here. 
Yeah. 

561
00:29:25,380 --> 00:29:28,300
So it's exactly that. 
It's just to add, like I like to

562
00:29:28,300 --> 00:29:30,980
say, Better Together to add to 
what you're saying, right. 

563
00:29:30,980 --> 00:29:34,460
The Better Together story is if 
you looked at it this way and 

564
00:29:34,460 --> 00:29:38,660
when I talked to my customers, 
we don't have the content as 

565
00:29:38,660 --> 00:29:41,780
identity practitioners of all 
these vulnerabilities. 

566
00:29:41,820 --> 00:29:44,940
All the simplest way we can do 
it is say we have a production 

567
00:29:44,940 --> 00:29:48,470
environment, the developers or 
builders have the context of 

568
00:29:48,470 --> 00:29:51,230
what they need. 
What if we allow them to have 

569
00:29:51,230 --> 00:29:53,950
self-service to what they want 
with security guardrails to your

570
00:29:53,950 --> 00:29:57,110
point, the security guardrails 
being you can build your own 

571
00:29:57,110 --> 00:30:00,670
access in this environment and 
you use JIT and you use our 

572
00:30:00,670 --> 00:30:03,950
policies and you plug into the 
SIM and you plug into SSO or 

573
00:30:03,950 --> 00:30:06,510
MFA. 
That is exactly where we're 

574
00:30:06,510 --> 00:30:08,150
fitting. 
We don't know what you're trying

575
00:30:08,150 --> 00:30:09,480
to do. 
We want to give you the 

576
00:30:09,480 --> 00:30:12,520
guardrails to build it to be the
most effective you can. 

577
00:30:12,800 --> 00:30:16,600
That is amazing. 
When we, when we our customers 

578
00:30:16,600 --> 00:30:19,600
specifically, that's what 
they're buying into rather than 

579
00:30:19,600 --> 00:30:21,960
identity saying you need to 
explain to me all these things, 

580
00:30:21,960 --> 00:30:23,240
Jim, why do you want this 
access? 

581
00:30:23,240 --> 00:30:24,840
I'm going to give it to you for 
24 hours. 

582
00:30:25,200 --> 00:30:27,200
Instead it's saying, hey, why 
don't you build this, then you 

583
00:30:27,240 --> 00:30:29,000
use it. 
We'll keep an eye on it. 

584
00:30:29,160 --> 00:30:31,360
If it works, it works, everybody
wins. 

585
00:30:31,360 --> 00:30:33,680
Does that make sense? 
Yeah, for sure. 

586
00:30:33,680 --> 00:30:35,920
I think there's another area 
that I kind of want to get into 

587
00:30:35,920 --> 00:30:39,200
a little bit and this is around.
Data, because I think this is an

588
00:30:39,200 --> 00:30:41,120
area where a lot of 
organizations struggle. 

589
00:30:42,240 --> 00:30:44,480
Back in the old days in 
quotation marks there were 

590
00:30:44,480 --> 00:30:47,720
things like data lakes with 
Hadoop, things like that and it 

591
00:30:47,720 --> 00:30:51,320
was still very much role based 
access to some degree, maybe 

592
00:30:51,320 --> 00:30:53,080
some attribute based access 
control. 

593
00:30:53,520 --> 00:30:57,120
And now we've got things like 
Snowflake and this potentially 

594
00:30:57,120 --> 00:30:59,360
is an area they think they could
have a pretty big impact, 

595
00:30:59,360 --> 00:31:03,280
meaning just in time access into
Snowflake environments and data 

596
00:31:03,280 --> 00:31:06,410
accesses. 
First of all, I guess for people

597
00:31:06,410 --> 00:31:08,730
who aren't familiar with 
Snowflake and pretend I'm a 

598
00:31:08,730 --> 00:31:10,450
dummy, I know it won't be a big 
stretch for you. 

599
00:31:10,970 --> 00:31:15,690
What is Snowflake? 
And then talk about the impact 

600
00:31:15,690 --> 00:31:19,170
that something like either JIT 
or 0 standing privileges might 

601
00:31:19,170 --> 00:31:21,770
have on a solution like 
Snowflake. 

602
00:31:22,480 --> 00:31:25,160
Yeah, excellent. 
And I love these folks. 

603
00:31:25,520 --> 00:31:28,680
Never think anybody's a dummy. 
I get excited about it cuz I had

604
00:31:28,680 --> 00:31:30,640
to start, you know, somewhere. 
So when I think about what 

605
00:31:30,640 --> 00:31:33,200
Snowflake is, so when I started 
out, I used to be in finance 

606
00:31:33,200 --> 00:31:35,760
before, actually before I came 
to the vendor side like 1012 

607
00:31:35,760 --> 00:31:38,280
years ago. 
And everybody knows what a DBA 

608
00:31:38,280 --> 00:31:40,480
is, right? 
Everybody knows what a database 

609
00:31:40,480 --> 00:31:42,520
is. 
Hopefully you store data in it, 

610
00:31:42,520 --> 00:31:44,600
you reference it, you need it 
for everything. 

611
00:31:44,800 --> 00:31:47,840
And that's how most systems, 
information systems work. 

612
00:31:49,030 --> 00:31:50,350
It's not really that much 
different. 

613
00:31:50,470 --> 00:31:54,790
Where Snowflake changed the game
was in just charging pricing 

614
00:31:54,790 --> 00:31:56,470
model. 
I know I'm not making this like 

615
00:31:56,470 --> 00:31:58,870
a business conversation, but 
it's actually pretty important 

616
00:31:59,430 --> 00:32:01,710
rather than worry about tons of 
storage. 

617
00:32:01,870 --> 00:32:04,430
And this actually speaks to the 
difference between on premise 

618
00:32:04,430 --> 00:32:06,670
and cloud. 
Most of the time when you 

619
00:32:06,670 --> 00:32:09,430
worried about, and I I'd like to
speak like a CTO, because it's 

620
00:32:09,430 --> 00:32:12,030
business value. 
When you have an application 

621
00:32:12,030 --> 00:32:14,750
that references data and 
databases you used to get 

622
00:32:14,750 --> 00:32:17,730
charged by storage. 
The more data you stored, the 

623
00:32:17,730 --> 00:32:21,010
more expensive it was. 
What Snowflake did is they said 

624
00:32:21,010 --> 00:32:24,330
that is a bad idea. 
Let's switch it where we're only

625
00:32:24,330 --> 00:32:27,610
going to charge you when you 
access data, we don't care how 

626
00:32:27,610 --> 00:32:30,930
much of it you store. 
So that radically allowed 

627
00:32:31,210 --> 00:32:33,130
applications to be built in new 
ways. 

628
00:32:33,890 --> 00:32:36,530
We won't go too deep into it, 
but it's your idea of data 

629
00:32:36,530 --> 00:32:38,290
warehousing. 
It's still the exact same, 

630
00:32:38,450 --> 00:32:40,290
right? 
You store the data somewhere and

631
00:32:40,290 --> 00:32:43,840
you get charged by compute. 
What this does though is it 

632
00:32:43,840 --> 00:32:47,680
allows organizations to get 
really business analytical and 

633
00:32:47,680 --> 00:32:49,840
think about what they're doing 
with the data and use it in new 

634
00:32:49,840 --> 00:32:53,120
and creative ways. 
So with Snowflake, you can store

635
00:32:53,120 --> 00:32:55,400
all the data you want, you can 
distribute it how you want, you 

636
00:32:55,400 --> 00:32:57,960
want to protect it, but you're 
allowing folks to access it when

637
00:32:57,960 --> 00:33:01,000
when they want, and they're only
charged in in that time for 

638
00:33:01,000 --> 00:33:03,320
compute. 
Now why that matters? 

639
00:33:03,320 --> 00:33:06,760
Does that kind of make sense? 
Yeah, I'm thinking of my simple 

640
00:33:06,760 --> 00:33:08,640
brain, almost like a vending 
machine. 

641
00:33:08,640 --> 00:33:11,480
You've got a stock of soda 
inside the vending machine. 

642
00:33:11,960 --> 00:33:14,080
And you're only paying for the 
things that you're pulling out 

643
00:33:14,080 --> 00:33:17,120
of that vending machine 100% 
rather than paying for keeping 

644
00:33:17,120 --> 00:33:19,360
that vending machine alive and 
stocked and full where you may 

645
00:33:19,360 --> 00:33:21,960
not use it all the time. 
I only want a couple sodas. 

646
00:33:22,640 --> 00:33:25,640
So what that does though from a 
security perspective is it's a 

647
00:33:25,640 --> 00:33:28,760
little scary to traditional 
security practitioners because 

648
00:33:28,760 --> 00:33:32,120
now you have new ways of 
accessing snowflake tools like 

649
00:33:32,120 --> 00:33:34,600
Jupiter notebook that data 
scientists use. 

650
00:33:34,600 --> 00:33:38,000
So to your point earlier, Jeff, 
guess how they access this data?

651
00:33:38,320 --> 00:33:41,780
They have one set of logging 
credentials, they use it in 

652
00:33:41,780 --> 00:33:45,100
these robotic processes and they
fetch this data all the time. 

653
00:33:45,580 --> 00:33:48,540
Now that's good on the business 
side, but on the security side, 

654
00:33:48,940 --> 00:33:52,220
that's a little petrifying. 
Especially if you can run up the

655
00:33:52,220 --> 00:33:55,460
bill or access data sets, you 
shouldn't be able to access it. 

656
00:33:55,660 --> 00:33:57,820
You do need some disparity 
there. 

657
00:33:58,020 --> 00:34:01,620
And again, it's the traditional 
concept of do you need global 

658
00:34:01,620 --> 00:34:05,540
admin to access every table and 
every entry to run this task 

659
00:34:05,540 --> 00:34:09,460
with one set of credentials or 
can we do it in a different way?

660
00:34:11,120 --> 00:34:13,159
Okay. 
So I'm sold. 

661
00:34:13,600 --> 00:34:16,800
I need to have just in time in 
my environment, I need to have 

662
00:34:16,800 --> 00:34:19,199
privileged Access management 
environment if I don't already. 

663
00:34:19,719 --> 00:34:22,360
One of the challenges that 
typically see this is around 

664
00:34:22,840 --> 00:34:25,360
this concept of accountability 
versus ownership and 

665
00:34:25,360 --> 00:34:28,760
responsibility of delivering 
these services out to, you know,

666
00:34:28,760 --> 00:34:35,040
the to the environment who runs 
Privileged Access Management. 

667
00:34:35,449 --> 00:34:39,010
Within an organization and part 
of that would be things like 

668
00:34:39,170 --> 00:34:42,370
services like just in time or 0 
standing privileges or 

669
00:34:42,690 --> 00:34:44,650
traditional Pam right? 
That might be like a vault or 

670
00:34:44,650 --> 00:34:47,530
things like that. 
Cuz I feel like typically 

671
00:34:47,530 --> 00:34:50,929
infosec teams like to get their 
hands in there and say okay, 

672
00:34:51,290 --> 00:34:53,770
here's my tool right? 
And you developers need to use 

673
00:34:53,770 --> 00:34:55,409
this. 
There's another school of 

674
00:34:55,409 --> 00:34:57,850
thought that's like, well, it's 
the engineers are gonna be using

675
00:34:57,850 --> 00:34:59,690
it, maybe they should own it 
and. 

676
00:35:00,230 --> 00:35:02,550
Information security, maybe 
provide some guidance or you 

677
00:35:02,550 --> 00:35:04,830
know some oversight over how 
it's used, right? 

678
00:35:04,830 --> 00:35:07,270
Things like that. 
Maybe it's someone else. 

679
00:35:07,270 --> 00:35:10,110
I don't know, like where do you 
see this, this, this. 

680
00:35:10,710 --> 00:35:14,590
I won't say battle, but this 
discussion taking place it is it

681
00:35:14,590 --> 00:35:17,870
is a battle. 
So what my best recommendation 

682
00:35:17,870 --> 00:35:19,990
is as such. 
All right so and this is what I 

683
00:35:19,990 --> 00:35:23,750
tell the boards or sea level 
folks the job of a sea. 

684
00:35:23,750 --> 00:35:28,190
So in my opinion Chief Security 
Officer is to technically own 

685
00:35:28,190 --> 00:35:32,750
the tools that account for risk.
They own the risk. 

686
00:35:32,950 --> 00:35:35,830
They do not need to have the 
context to understand what 

687
00:35:35,830 --> 00:35:38,790
exactly the CTO is doing in 
Snowflake right. 

688
00:35:39,150 --> 00:35:42,230
But he does own the risk of that
access of that getting out. 

689
00:35:42,630 --> 00:35:45,550
So traditionally when we've seen
it and you all probably have 

690
00:35:45,550 --> 00:35:49,550
seen the same thing, I am teams 
even their purchases go to the 

691
00:35:49,550 --> 00:35:52,710
see see so see so owns the 
product. 

692
00:35:53,230 --> 00:35:58,790
What is a happy medium is when 
you do say CTO or CIO, I'm going

693
00:35:58,790 --> 00:36:01,470
to own the risk. 
Here's the tools I'm providing. 

694
00:36:01,830 --> 00:36:06,190
They will help you enable your 
task, your functions, MB, O's, 

695
00:36:06,190 --> 00:36:09,590
whatever, right The the CTO also
has an objective, so does the 

696
00:36:09,590 --> 00:36:12,630
organization. 
That's what we normally see. 95%

697
00:36:12,630 --> 00:36:15,790
of the time the see so owns the 
risk, they own the products. 

698
00:36:16,110 --> 00:36:19,030
But you have to work hand in 
hand with the business units. 

699
00:36:19,030 --> 00:36:22,470
The CTO normally that's 
executing these functions or has

700
00:36:22,470 --> 00:36:24,630
to use them. 
I think this is an important 

701
00:36:24,630 --> 00:36:27,870
topic for people to really kind 
of understand because I ran a 

702
00:36:27,870 --> 00:36:29,870
workshop on this actually a 
couple weeks ago with a client 

703
00:36:30,350 --> 00:36:35,310
and we spent probably a good two
hours talking about the racy 

704
00:36:35,310 --> 00:36:39,110
model of the IM program in the 
room was information security, 

705
00:36:39,590 --> 00:36:43,030
you know, general IT application
developers, things like that. 

706
00:36:43,030 --> 00:36:47,030
And we kind of we had discussion
around Okay. 

707
00:36:47,360 --> 00:36:50,200
Let's talk about these services 
for identity that we're going to

708
00:36:50,200 --> 00:36:52,920
be providing and this isn't 
specific to you know Pam or JIT,

709
00:36:52,920 --> 00:36:57,080
but I think it's it certainly 
applies is is really 

710
00:36:57,080 --> 00:37:01,200
understanding where do you fit 
within that racy matrix because 

711
00:37:01,200 --> 00:37:05,560
I think a lot of people and I 
and I'll, I'll blame not blame I

712
00:37:05,560 --> 00:37:08,800
will I'll I'll drop this on my 
information security brothers 

713
00:37:08,800 --> 00:37:12,680
and sisters out there is there 
is this tendency that oh it's a 

714
00:37:12,680 --> 00:37:15,720
security tool so security should
own it and operate it and blah, 

715
00:37:15,720 --> 00:37:17,920
blah, blah. 
That might not be true. 

716
00:37:18,840 --> 00:37:24,160
You might be accountable for the
tool or the risk that the tool 

717
00:37:24,160 --> 00:37:27,000
is mitigating, but that does not
necessarily mean you need to be 

718
00:37:27,000 --> 00:37:29,280
responsible for the delivery of 
that service. 

719
00:37:29,800 --> 00:37:31,760
So I think this is something 
that organizations really need 

720
00:37:31,760 --> 00:37:34,160
to start thinking about. 
If you're if you're running an 

721
00:37:34,160 --> 00:37:37,960
IM program or you're looking at 
getting one stood up, or anytime

722
00:37:37,960 --> 00:37:39,880
you're building out a new 
service, really take some time 

723
00:37:39,880 --> 00:37:42,600
to think about that racy model. 
Because I think there's a big 

724
00:37:42,600 --> 00:37:45,240
difference between being 
accountable for risk. 

725
00:37:45,240 --> 00:37:49,280
And this is where I see the SISO
and the CTO having the 

726
00:37:49,280 --> 00:37:52,440
accountability hat. 
And to me, accountability is 

727
00:37:52,440 --> 00:37:54,520
like Highlander. 
There can only be one, yeah, 

728
00:37:54,840 --> 00:37:57,760
you've got to have one person or
one group that's that's actually

729
00:37:57,760 --> 00:38:00,120
accountable for, you know, the 
risk of the service, whatever it

730
00:38:00,120 --> 00:38:04,050
may be. 
Versus who's responsible for 

731
00:38:04,090 --> 00:38:05,490
making sure that service is up 
and running. 

732
00:38:05,490 --> 00:38:08,930
So I think this is an area where
really think about you know, do 

733
00:38:08,930 --> 00:38:10,490
you really want to be 
accountable for it. 

734
00:38:10,490 --> 00:38:13,890
Because if you are, something 
goes wrong, that's, you know, 

735
00:38:13,890 --> 00:38:15,970
the group or the person that's 
going to be on the hook to talk 

736
00:38:15,970 --> 00:38:19,850
to others, to figure out what 
happens, go to the board. 

737
00:38:20,290 --> 00:38:22,970
Things may be now conversely, 
you know, typically that's the 

738
00:38:22,970 --> 00:38:25,490
person probably going to get the
recognition for, hey, the 

739
00:38:25,490 --> 00:38:26,850
ServiceNow, hopefully that 
person. 

740
00:38:27,410 --> 00:38:30,130
That it's accountable to sharing
that love downstream to others 

741
00:38:30,130 --> 00:38:31,890
as well. 
But I think that's something 

742
00:38:31,890 --> 00:38:34,570
important for people to think 
about is this concept of 

743
00:38:34,570 --> 00:38:37,770
accountability versus 
responsibility and then of 

744
00:38:37,770 --> 00:38:40,250
course the consultant in the 
informed part of that racy 

745
00:38:40,250 --> 00:38:42,370
diagram. 
But really think about where do 

746
00:38:42,370 --> 00:38:46,410
you really want to be, you know,
with regards to that service you

747
00:38:46,450 --> 00:38:47,610
did. 
You said it nicely, Jeff. 

748
00:38:47,610 --> 00:38:49,890
I was just taking it in watching
the master teach. 

749
00:38:51,290 --> 00:38:54,330
Yeah, You didn't think you'd get
out of here easy, did you, John?

750
00:38:55,920 --> 00:38:57,080
I never do. 
It's fun though. 

751
00:38:57,280 --> 00:39:01,080
No, you know, you know I want to
add something on this topic 

752
00:39:01,080 --> 00:39:04,240
which is I think privilege 
access management or just in 

753
00:39:04,240 --> 00:39:06,760
time access. 
This is one of those areas where

754
00:39:07,360 --> 00:39:10,480
you know information security, 
if they're delivering single 

755
00:39:10,480 --> 00:39:14,120
sign on or identity governance 
and administration or what other

756
00:39:14,360 --> 00:39:17,400
whatever other I M services 
they're offering, they just 

757
00:39:17,400 --> 00:39:21,200
assume okay, well we'll run the 
Pam system as well. 

758
00:39:21,840 --> 00:39:24,880
But what I found in my career is
that Pam. 

759
00:39:25,370 --> 00:39:28,810
As seen by engineers or 
whoever's being affected by it 

760
00:39:28,810 --> 00:39:32,010
and going to have to use the 
tool as this is being done to me

761
00:39:32,690 --> 00:39:35,930
and now I have to figure out how
to do my job efficiently. 

762
00:39:36,970 --> 00:39:39,730
In light of the fact that you've
thrown this obstacle in my way 

763
00:39:39,730 --> 00:39:43,450
and I'm going to figure out ways
to work around it versus the 

764
00:39:43,450 --> 00:39:47,810
mindset, the mindset shift that 
can happen if you say no, 

765
00:39:47,850 --> 00:39:51,410
actually this is your tool, you 
run it, and now. 

766
00:39:52,590 --> 00:39:56,030
You can't skip a step, which the
step is if you go into an 

767
00:39:56,030 --> 00:40:00,750
organization and the engineering
team thinks, Oh well, John and 

768
00:40:00,750 --> 00:40:03,310
Jeff have worked here for 20 
years, They're my best friends. 

769
00:40:03,310 --> 00:40:05,830
They would never. 
They would. 

770
00:40:05,830 --> 00:40:07,750
They would. 
They would never try to rob the 

771
00:40:07,750 --> 00:40:11,150
company or do something bad or 
become an inside threat. 

772
00:40:12,520 --> 00:40:15,200
We trust each other. 
We share passwords. 

773
00:40:15,200 --> 00:40:17,480
We don't. 
If that's the mindset, no you 

774
00:40:17,480 --> 00:40:19,720
don't. 
You don't get to run the system 

775
00:40:20,000 --> 00:40:23,960
right and but you at least have 
to have like a management view 

776
00:40:23,960 --> 00:40:28,440
within that team that says, you 
know, I have people come and go 

777
00:40:28,440 --> 00:40:33,400
and you know like I can trust 
you with my lunch money, but 

778
00:40:33,400 --> 00:40:36,120
that's I'm not going to trust 
you with the keys to the Kingdom

779
00:40:36,120 --> 00:40:39,780
of of the company. 
It's just the way it is, right? 

780
00:40:39,780 --> 00:40:41,580
So. 
Jim you and I had this 

781
00:40:41,580 --> 00:40:44,100
discussion a long time ago. 
I I remember this was an episode

782
00:40:44,260 --> 00:40:45,940
I I don't know when it was. 
It was a long time ago. 

783
00:40:45,940 --> 00:40:51,300
We talked about this is related 
to remember when Tesla almost 

784
00:40:51,300 --> 00:40:54,420
got breached and basically there
was this guy who was like an 

785
00:40:54,420 --> 00:40:59,020
insider threat and he was being 
paid or the the I guess the the 

786
00:40:59,020 --> 00:41:01,420
attempt was right is somebody 
would give him money to give him

787
00:41:01,420 --> 00:41:03,820
information on Tesla stuff 
right. 

788
00:41:04,260 --> 00:41:06,220
And you and I had a conversation
like, OK, so. 

789
00:41:06,780 --> 00:41:11,300
And my, my, my thought process 
was everybody has a number to, 

790
00:41:11,780 --> 00:41:16,780
you know, break their oath of 
security or whatever, you know, 

791
00:41:16,780 --> 00:41:19,980
privacy, whatever it may be. 
The number might be small, the 

792
00:41:19,980 --> 00:41:23,300
number might be a strong 
astronomical, but everybody has 

793
00:41:23,300 --> 00:41:25,220
a number. 
If someone came to you Jim, and 

794
00:41:25,220 --> 00:41:29,580
said, hey, I will give you $2 
billion tomo bravo, If you're 

795
00:41:29,580 --> 00:41:33,100
listening to, you know, be part 
of an acquisition where they 

796
00:41:33,100 --> 00:41:34,780
acquire the identity of the 
Center podcast. 

797
00:41:35,290 --> 00:41:37,330
I think we would listen to that,
right? 

798
00:41:37,570 --> 00:41:38,650
As much as like doing that, 
right. 

799
00:41:38,650 --> 00:41:40,050
We have a number that we like, 
all right? 

800
00:41:40,050 --> 00:41:41,130
That would be something like 
that. 

801
00:41:41,570 --> 00:41:43,130
And I think the same goes for 
anything. 

802
00:41:43,130 --> 00:41:45,850
Now, again, I'm not saying that 
people are bad inherently. 

803
00:41:45,850 --> 00:41:48,450
I try to believe in the good 
side, but I think everybody has 

804
00:41:48,450 --> 00:41:52,010
a number. 
And if you're relying on trust 

805
00:41:53,130 --> 00:41:56,930
to be your security platform, 
you know, in a physical, human 

806
00:41:57,130 --> 00:42:00,250
sense, I think you got problems.
I think that's the case. 

807
00:42:00,250 --> 00:42:03,610
I think it's best run by the 
engineers because at 12:00 

808
00:42:03,610 --> 00:42:06,360
midnight, you know they're 
trying to solve a problem. 

809
00:42:06,680 --> 00:42:09,840
You threw the system at them. 
Either they're going to try and 

810
00:42:09,840 --> 00:42:12,120
work around or they're going to 
pick up the phone and call you. 

811
00:42:12,480 --> 00:42:16,480
And I think information 
security's role is to make sure 

812
00:42:16,480 --> 00:42:20,160
that the controls that have been
put in place actually work, get 

813
00:42:20,160 --> 00:42:22,960
tested on a regular basis. 
The system is doing what it's 

814
00:42:22,960 --> 00:42:25,600
supposed to do, be accountable 
for the system. 

815
00:42:25,600 --> 00:42:27,000
In other words, the buck stops 
here. 

816
00:42:27,000 --> 00:42:30,200
But that doesn't mean turning 
the wrenches necessarily. 

817
00:42:30,510 --> 00:42:31,030
Right. 
Yeah. 

818
00:42:31,030 --> 00:42:34,070
And just to add to that, just to
add highlight exactly what you 

819
00:42:34,070 --> 00:42:37,510
both are saying. 
The reason I took this role and 

820
00:42:37,510 --> 00:42:40,910
I wanted to get closer to the 
customers is because I 

821
00:42:40,910 --> 00:42:46,790
consistently see cloud teams 
pull away from they hear words 

822
00:42:46,790 --> 00:42:50,030
like Pam and Lee's privilege, 
they pull away, they're building

823
00:42:50,030 --> 00:42:53,870
these tools themselves. 
Every one of my large customers 

824
00:42:54,350 --> 00:42:57,910
have built some version of the 
tool themselves because they 

825
00:42:57,910 --> 00:43:00,730
don't trust. 
Their cohorts and information 

826
00:43:00,730 --> 00:43:03,490
security because it's just 
slowing them down and we don't 

827
00:43:03,490 --> 00:43:06,810
understand what they want. 
So that's if we can bridge that 

828
00:43:06,810 --> 00:43:09,650
gap going forward. 
Those are the most effective 

829
00:43:09,650 --> 00:43:11,810
customers I see out in the 
world. 

830
00:43:13,170 --> 00:43:17,010
Yeah, you talked earlier a lot 
about and I wanted to kind of 

831
00:43:17,010 --> 00:43:21,530
close this out in terms of the 
area we've been talking about 

832
00:43:21,530 --> 00:43:24,410
just in time Access. 
But shifting back to what you're

833
00:43:24,410 --> 00:43:27,840
talking about with DevOps, you 
know, you're talking about the 

834
00:43:27,840 --> 00:43:31,120
conferences you're going to. 
To me this seems like that's the

835
00:43:31,120 --> 00:43:37,240
sweet spot for Just in Time 
access is you know, especially 

836
00:43:37,240 --> 00:43:41,520
around non human accounts and 
not having them sitting around 

837
00:43:41,520 --> 00:43:47,080
with privileges to singing, you 
know, high power groups and 

838
00:43:47,760 --> 00:43:50,960
elevated permissions and doing 
it in a just in time way. 

839
00:43:53,470 --> 00:43:55,470
I'm wondering am I thinking 
about that right? 

840
00:43:55,470 --> 00:43:59,750
What is the role for just in 
time access in DevOps? 

841
00:44:00,470 --> 00:44:03,790
So yeah, So in the over 2 years 
I've been meeting with these 

842
00:44:03,790 --> 00:44:06,790
folks and you know, and they 
love the idea and but I think 

843
00:44:06,790 --> 00:44:11,830
again, I will say this bluntly 
and boldly, Identity needs to be

844
00:44:11,830 --> 00:44:15,870
more in DevOps or I call them 
platform engineering builders. 

845
00:44:15,870 --> 00:44:18,070
I call them builders. 
They're builders and their 

846
00:44:18,070 --> 00:44:21,790
organization, the engineers, 
They're looking for identity 

847
00:44:21,790 --> 00:44:23,840
solutions. 
And they're not finding what 

848
00:44:23,840 --> 00:44:25,840
they're looking for. 
Matter of fact, case in point, 

849
00:44:25,840 --> 00:44:29,680
literally I heard it so much we 
actually built a request module.

850
00:44:29,680 --> 00:44:31,960
Now we call it Access Builder in
our own tool. 

851
00:44:32,280 --> 00:44:34,720
Because another thing they would
tell us is the complexity of 

852
00:44:34,720 --> 00:44:38,320
requesting a simple access. 
Jeff needs access to XYZ. 

853
00:44:38,840 --> 00:44:40,720
I got her to submit a service 
now Ticket. 

854
00:44:40,720 --> 00:44:42,560
I filled it out wrong. 
I get it back. 

855
00:44:42,960 --> 00:44:45,040
I get the right details. 
He goes to someone who doesn't 

856
00:44:45,040 --> 00:44:46,560
know what I want. 
I get it back. 

857
00:44:46,840 --> 00:44:48,920
He goes to some cloud engineer 
to fulfill that. 

858
00:44:48,920 --> 00:44:50,680
He doesn't know what I want. 
I get it back. 

859
00:44:51,000 --> 00:44:54,160
So it's even in the complexity 
of requesting access that we 

860
00:44:54,160 --> 00:44:56,760
decided to build this product 
and it's hitting off like 

861
00:44:56,760 --> 00:44:59,000
gangbusters. 
And we're asking where is your 

862
00:44:59,000 --> 00:45:01,480
IGA tool? 
Oh, way too complicated. 

863
00:45:01,760 --> 00:45:05,760
Where is your ITSM tool? 
Oh, we don't even want to use 

864
00:45:05,760 --> 00:45:08,440
that if we don't have to. 
Can you just give me one line of

865
00:45:08,480 --> 00:45:11,920
audit that says Jeff Steadman 
approved this thing? 

866
00:45:12,330 --> 00:45:14,530
That's all I need. 
I don't need the complexity. 

867
00:45:14,890 --> 00:45:18,330
So they're begging. 
Builders are begging for these 

868
00:45:18,330 --> 00:45:21,210
sort of solutions where they're 
just not happy with the current 

869
00:45:21,210 --> 00:45:22,890
state of things. 
And it is them. 

870
00:45:22,930 --> 00:45:25,970
They're the ones who are pushing
innovation and making people's 

871
00:45:25,970 --> 00:45:28,250
lives hard in identity and 
infosec, right? 

872
00:45:29,090 --> 00:45:33,290
Yeah, I and I think from a CIO 
perspective, you don't want to 

873
00:45:33,290 --> 00:45:37,090
slow down like the engineers can
move like at the speed of light.

874
00:45:37,090 --> 00:45:41,170
Now with these cloud services 
and just roll out new business 

875
00:45:41,170 --> 00:45:44,880
functionality, even the CSO is 
minded from a business 

876
00:45:44,880 --> 00:45:47,680
perspective. 
I don't want to slow that down. 

877
00:45:47,680 --> 00:45:51,000
But at the same time just 
saying, all right, well I'm 

878
00:45:51,000 --> 00:45:57,000
hands off that that doesn't take
away the the necessity to ensure

879
00:45:57,360 --> 00:45:59,160
security controls are being 
followed. 

880
00:45:59,160 --> 00:46:02,720
So you have to find the middle 
ground and I think just time 

881
00:46:02,720 --> 00:46:07,040
access can potentially bring you
a long way toward achieving 

882
00:46:07,040 --> 00:46:08,920
that. 
You need to have the paper 

883
00:46:08,920 --> 00:46:15,700
trail, but you know, counting on
like a service desk ticket or 

884
00:46:15,700 --> 00:46:19,060
counting on your IGA system to 
provide a detective or even a 

885
00:46:19,060 --> 00:46:21,780
preventive control, it's just 
too slow. 

886
00:46:22,580 --> 00:46:24,580
It's. 
It's the worst break glass is 

887
00:46:24,580 --> 00:46:26,860
always my favorite. 
You you all pointed it out. 

888
00:46:27,140 --> 00:46:29,980
There's normally two guys in 
every shop or or ladies, you 

889
00:46:29,980 --> 00:46:33,060
know, two people who have the 
keys of the Kingdom for cloud 

890
00:46:33,900 --> 00:46:38,260
and they have it written down in
the hopefully a little safe next

891
00:46:38,260 --> 00:46:40,460
to their desk and they both know
how to log in. 

892
00:46:41,050 --> 00:46:43,970
And that's how they still do it,
because they don't trust even a 

893
00:46:43,970 --> 00:46:45,730
vault to get them to where they 
need to be. 

894
00:46:45,730 --> 00:46:48,690
They're like, man, you and me, 
Jim, we're going to turn the 

895
00:46:48,690 --> 00:46:50,210
keys at the same time and get in
here. 

896
00:46:50,970 --> 00:46:54,090
But yeah, it's it's a tough and 
interesting place to be. 

897
00:46:54,090 --> 00:46:57,250
And just finding that happy 
medium is what I'm trying to do.

898
00:46:57,250 --> 00:46:59,410
That's that's where I want 
identity to go. 

899
00:46:59,410 --> 00:47:03,730
It is, to me, the biggest rough 
spot of all enterprises I talked

900
00:47:03,730 --> 00:47:07,210
to is the identity processes. 
Right now they're just complex, 

901
00:47:07,210 --> 00:47:10,700
mundane and misunderstood. 
And they may have its place in 

902
00:47:10,700 --> 00:47:13,460
finance, healthcare, there are 
compliance regulations and 

903
00:47:13,460 --> 00:47:15,020
mandates. 
Hopefully those change. 

904
00:47:15,420 --> 00:47:18,860
But where you don't have as much
retail, manufacturing, things 

905
00:47:18,860 --> 00:47:22,060
like that, they just want to 
move fast, Give me what I need. 

906
00:47:22,140 --> 00:47:25,540
We're all getting paid. 
Give me what I need. 

907
00:47:25,540 --> 00:47:28,060
I love it. 
I think that's that's that's a 

908
00:47:28,060 --> 00:47:30,940
good way to probably close out 
that part of the discussion is 

909
00:47:30,940 --> 00:47:34,420
give it, give it to me when I 
want it and get out of my way. 

910
00:47:36,610 --> 00:47:38,890
So we mentioned at the top of 
the show we were recorded a 

911
00:47:38,890 --> 00:47:42,370
couple weeks early. 
It's September 7th, which is a 

912
00:47:42,930 --> 00:47:46,570
holiday in my household and 
maybe others, but it is opening 

913
00:47:46,570 --> 00:47:48,650
night for the NFL season here in
the US. 

914
00:47:49,090 --> 00:47:51,810
So I'm a big football fan, been 
for years. 

915
00:47:51,810 --> 00:47:53,850
I have retired from the fantasy 
football game. 

916
00:47:53,970 --> 00:47:56,050
I used to run one for like 20 
years. 

917
00:47:56,700 --> 00:47:57,940
I haven't done that in a long 
time. 

918
00:47:57,940 --> 00:48:01,020
Now I can actually sit and 
actually watch a game and enjoy 

919
00:48:01,020 --> 00:48:03,860
it rather than watching the 
little ticker at the bottom that

920
00:48:03,860 --> 00:48:07,020
says, you know, so and so scored
touchdown or receiving yards or 

921
00:48:07,020 --> 00:48:08,220
passing yards, whatever it may 
be. 

922
00:48:08,740 --> 00:48:11,260
So here is what we're going to 
end On a lighter note today, 

923
00:48:11,820 --> 00:48:16,100
we're going to pick a winner for
this week's slate of games, week

924
00:48:16,100 --> 00:48:18,220
one of the NFL. 
And because people aren't going 

925
00:48:18,220 --> 00:48:21,340
to hear this until, I think 
September 25th, Ish. 

926
00:48:24,330 --> 00:48:26,330
We're going to be able to find 
out right who is right, wrong 

927
00:48:27,010 --> 00:48:29,930
way off phase. 
And so you know, welcome to the 

928
00:48:29,930 --> 00:48:34,610
first ever Locktown episode of 
the NFL Weekly Picks with 

929
00:48:34,970 --> 00:48:38,050
identity at the center. 
John, who do you have your eye 

930
00:48:38,050 --> 00:48:40,330
on this week? 
Who is going to win? 

931
00:48:41,570 --> 00:48:45,290
So I actually do compete in the 
survivor pool, where you can 

932
00:48:45,290 --> 00:48:47,970
only pick one winner every week 
and you cannot pick the same 

933
00:48:47,970 --> 00:48:51,000
team. 
I did my research based on 

934
00:48:51,000 --> 00:48:54,160
degenerate gambling and sports 
betting and I'm going to go with

935
00:48:54,160 --> 00:48:56,840
the Baltimore Ravens to at least
get the win money line. 

936
00:48:57,680 --> 00:48:58,840
All right, who are the Ravens 
playing? 

937
00:48:59,520 --> 00:49:02,520
The Ravens are playing. 
Actually, that's a really good 

938
00:49:02,520 --> 00:49:03,400
question. 
I'm not. 

939
00:49:03,480 --> 00:49:05,120
Even that's probably a good. 
Oh yeah, the Texans. 

940
00:49:05,200 --> 00:49:06,600
That was. 
That was why I think 

941
00:49:06,600 --> 00:49:08,840
statistically the safest. 
Bet you are correct. 

942
00:49:08,840 --> 00:49:11,680
Yeah. 
OK, Jim, who is your lock for 

943
00:49:11,680 --> 00:49:13,440
the week? 
They are going to win their 

944
00:49:13,440 --> 00:49:17,040
opening game. 
Well, I I want to interrupt 

945
00:49:17,040 --> 00:49:21,380
first with I'm not a huge NFL 
fan until the college football 

946
00:49:21,380 --> 00:49:24,620
season ends. 
I'm a Georgia Bulldogs fan. 

947
00:49:25,420 --> 00:49:30,180
They are going to win every 
week, so we can put that in the 

948
00:49:30,180 --> 00:49:32,820
bank. 
I also am like super excited 

949
00:49:32,820 --> 00:49:36,060
about Coach Prime and what he's 
doing at Colorado. 

950
00:49:36,300 --> 00:49:38,980
They beat TCU last week. 
They're going to beat Nebraska 

951
00:49:38,980 --> 00:49:43,430
this week. 
NFL wise, Eagles first. 

952
00:49:43,430 --> 00:49:47,350
I grew up in Philadelphia and my
number two team has been The 

953
00:49:47,350 --> 00:49:51,070
Jets because it lives in the New
York metro area for a while and 

954
00:49:51,070 --> 00:49:54,110
they sucked big time when I 
lived there. 

955
00:49:54,310 --> 00:49:58,470
But now I think they're my pick 
for the Super Bowl, so. 

956
00:49:58,790 --> 00:50:00,230
You think The Jets are going to 
the Super Bowl? 

957
00:50:01,030 --> 00:50:02,910
I I think they're winning the 
Super Bowl. 

958
00:50:03,110 --> 00:50:04,790
Wow. 
And they're playing the Bills, 

959
00:50:04,990 --> 00:50:07,030
so that's a money night game. 
That's huge. 

960
00:50:07,030 --> 00:50:08,710
Obviously Aaron Rodgers going 
to. 

961
00:50:09,520 --> 00:50:13,000
The Jets is is a big deal and 
they're wide receivers really 

962
00:50:13,000 --> 00:50:15,400
good too, right? 
They're OK. 

963
00:50:16,600 --> 00:50:18,960
I thought like the one guy was 
like superstar. 

964
00:50:18,960 --> 00:50:22,120
I don't know. 
Like, it's not really my my cup 

965
00:50:22,120 --> 00:50:24,200
of teas, so. 
You're going to The Jets? 

966
00:50:24,520 --> 00:50:25,960
Well, you're saying you're 
picking The Jets of the. 

967
00:50:25,960 --> 00:50:28,280
Super Bowl, though, Who is 
winning this week? 

968
00:50:28,480 --> 00:50:30,080
They're going to play the 
Buffalo Bills. 

969
00:50:30,080 --> 00:50:32,240
You're picking the Eagles over 
the Patriots? 

970
00:50:33,000 --> 00:50:35,440
Yeah, that's safe bet. 
OK. 

971
00:50:35,440 --> 00:50:36,880
Yeah. 
All right. 

972
00:50:37,700 --> 00:50:44,060
So my two teams are the 49ers 
and the Bears. 49ers play. 

973
00:50:44,060 --> 00:50:46,220
Who do the The Steelers, who are
bad? 

974
00:50:47,180 --> 00:50:52,140
They should win that game. 
But this is about passion, about

975
00:50:52,140 --> 00:50:55,020
feeling. 
I'm going with my Chicago Bears.

976
00:50:55,700 --> 00:51:00,220
Aaron Rodgers is out of town, 
and the Packers are coming in to

977
00:51:00,220 --> 00:51:02,700
Soldier Field. 
I'm going Bears, baby. 

978
00:51:02,860 --> 00:51:05,060
I've drank the blue kool-aid the
blue and orange. 

979
00:51:05,800 --> 00:51:07,560
Bears Lock it in. 
We're done. 

980
00:51:08,240 --> 00:51:10,360
Wait, how many wins did the 
Bears have last year? 

981
00:51:11,000 --> 00:51:15,880
I had a few I was just checking.
OK, a few means three or more. 

982
00:51:16,480 --> 00:51:17,800
They have more than that, I 
think. 

983
00:51:17,920 --> 00:51:20,160
So here's here's the excitement 
in Bear Town. 

984
00:51:20,240 --> 00:51:24,480
It's we're not facing Aaron 
Rodgers or Brett Favre for the 

985
00:51:24,480 --> 00:51:28,240
last 20 years. 
So there's actually a legitimate

986
00:51:28,240 --> 00:51:31,880
chance now that the I think the 
Bears can finally start to show 

987
00:51:31,880 --> 00:51:34,650
some progress against. 
The Packers, from a win 

988
00:51:34,650 --> 00:51:36,130
percentage, I think it's neck 
and neck. 

989
00:51:36,170 --> 00:51:39,810
I want to say the Packers took 
over like a one or two game lead

990
00:51:39,810 --> 00:51:43,410
in the last couple years, but 
historically it's been like, you

991
00:51:43,410 --> 00:51:45,610
know, 700 and 700. 
They've played so many games 

992
00:51:45,610 --> 00:51:47,330
against each others and it's 
been pretty even. 

993
00:51:47,330 --> 00:51:51,050
But I feel like this is the year
the Bears turn the corner, 

994
00:51:51,410 --> 00:51:54,010
mostly because they're not 
facing Aaron Rodgers. 

995
00:51:54,780 --> 00:51:57,380
Again, feels like you're trying 
to talk yourself into this one, 

996
00:51:57,380 --> 00:51:58,660
but that's OK. 
Hey, so. 

997
00:51:59,180 --> 00:52:01,980
You're saying there's a chance? 
I'm saying there's a chance. 

998
00:52:03,700 --> 00:52:06,180
All right, we'll go and wrap it 
up for this week. 

999
00:52:06,180 --> 00:52:08,380
John, thanks again for coming 
back on the show. 

1000
00:52:08,460 --> 00:52:10,100
We really appreciate the time 
you spent with us. 

1001
00:52:10,700 --> 00:52:14,580
I'll have links to your LinkedIn
and to to the bright of website 

1002
00:52:14,580 --> 00:52:18,860
BRITIV e.com so you can learn 
more about what John's been 

1003
00:52:18,860 --> 00:52:21,180
working on and some of the cool 
things that the bright of 

1004
00:52:21,180 --> 00:52:23,600
solution does. 
We'll have links to all the 

1005
00:52:23,600 --> 00:52:27,200
different conference things that
we talked about early on. 

1006
00:52:27,200 --> 00:52:29,880
So things like Identity Week 
America or discount codes for 

1007
00:52:29,880 --> 00:52:34,040
that, Octane or discount code 
for that authenticate our 

1008
00:52:34,040 --> 00:52:37,200
discount code for that. 
And of course, you know, you can

1009
00:52:37,200 --> 00:52:39,640
always connect with Jim and I if
you've got questions, comments, 

1010
00:52:39,640 --> 00:52:42,960
concerns, football picks. 
We're still looking for people 

1011
00:52:42,960 --> 00:52:45,320
to send pictures of Whopper's 
candy to Jim, because that's his

1012
00:52:45,320 --> 00:52:48,720
favorite candy. 
And we'll go ahead and leave it 

1013
00:52:48,720 --> 00:52:51,400
for this week. 
You can find us on the web, IDAC

1014
00:52:51,400 --> 00:52:56,960
podcast.com, Twitter at IDAC 
Podcast, Mastodon at IDAC 

1015
00:52:56,960 --> 00:53:01,960
Podcast at Infosec dot exchange.
Hit that subscribe button, like 

1016
00:53:02,400 --> 00:53:05,640
share, you know, whatever you 
want to do to help us out, get 

1017
00:53:05,640 --> 00:53:08,760
the word out for identity center
in the gospel of identity and 

1018
00:53:08,760 --> 00:53:10,520
access management to others is 
always appreciated. 

1019
00:53:10,520 --> 00:53:13,160
So we'll help. 
Leave it for this week. 

1020
00:53:13,160 --> 00:53:15,800
Thanks everyone for listening 
and we'll talk with everyone in 

1021
00:53:15,800 --> 00:53:18,690
the next one. 
You've been listening to 

1022
00:53:18,690 --> 00:53:22,610
Identity at the Center. 
We hope you've enjoyed the show.

1023
00:53:22,770 --> 00:53:26,970
Make sure to like, rate and 
review and we'll be back soon. 

1024
00:53:27,130 --> 00:53:29,410
But in the meantime, hit the 
website at 

1025
00:53:29,410 --> 00:53:36,490
identity@thecenter.com and find 
us on Twitter at IDAC Podcast. 

1026
00:53:36,970 --> 00:53:41,050
See you next time on identity at
the center.

