1 00:00:05,280 --> 00:00:10,440 This is identity at the center. If it has anything to do with 2 00:00:10,560 --> 00:00:17,960 IAM, this is the go to podcast now your hosts Jim McDonald and 3 00:00:17,960 --> 00:00:23,490 Jeff Stedman. Welcome to the Identity at the 4 00:00:23,490 --> 00:00:25,410 Center podcast. I'm Jeff and that's Jim. 5 00:00:25,410 --> 00:00:26,490 Hey, Jim. Hey, Jeff. 6 00:00:26,490 --> 00:00:27,850 How are you? Not so bad yourself. 7 00:00:28,130 --> 00:00:29,690 Good. I mean, we're here at 8 00:00:29,690 --> 00:00:32,330 Authenticate Fantastic conference. 9 00:00:32,330 --> 00:00:35,850 The Expo hall has been really nice to have gotten an 10 00:00:35,850 --> 00:00:38,890 opportunity to drop by a few booths, including the four truck 11 00:00:39,010 --> 00:00:40,690 booth. And you know, I got that. 12 00:00:40,850 --> 00:00:44,250 I said what I said to them was how many people have stopped by 13 00:00:44,250 --> 00:00:46,650 and asked what's happening with four Truck and Pain. 14 00:00:47,010 --> 00:00:49,410 It's like, yeah, pretty much everybody so. 15 00:00:49,410 --> 00:00:52,310 What'd they say? I don't want to go into the 16 00:00:52,310 --> 00:00:55,870 whole thing here, you know, but it was it was good. 17 00:00:55,870 --> 00:00:59,390 And I think we have commitment to have some people come back 18 00:00:59,390 --> 00:01:02,430 and talk to us. So we will do that when they're 19 00:01:02,430 --> 00:01:04,430 ready to do that. That's always appreciated. 20 00:01:04,510 --> 00:01:09,550 How's the swag game in there? You know, I'm not my early days 21 00:01:09,550 --> 00:01:13,230 are going to IT conferences. I wanted everything like I would 22 00:01:13,230 --> 00:01:16,950 go around with like. The shopping carts and trick or 23 00:01:17,670 --> 00:01:22,530 treat, you know, can I have my whatever T-shirt or stress ball? 24 00:01:22,610 --> 00:01:24,330 Sliding camera cover, which I hate. 25 00:01:24,770 --> 00:01:27,050 Oh, the slide camera covers. Yeah, hey, let's put this thing 26 00:01:27,050 --> 00:01:30,410 that ruins you your ability to close your laptop. 27 00:01:30,770 --> 00:01:33,010 That's a great idea. Yeah, they're fantastic. 28 00:01:33,010 --> 00:01:37,290 And then there was the the dongle for charging any type of 29 00:01:37,290 --> 00:01:40,090 phone, even though most people just have one type of phone. 30 00:01:40,610 --> 00:01:42,770 I find that actually handy, 'cause I have so many different 31 00:01:42,770 --> 00:01:45,290 devices I'm travelling with. But yes, that was over. 32 00:01:45,290 --> 00:01:46,530 But you don't need each of them though. 33 00:01:47,970 --> 00:01:49,410 So swag game, we're not sure yet. 34 00:01:49,410 --> 00:01:51,090 I have to go through. I haven't really taken a walk 35 00:01:51,090 --> 00:01:53,730 through yet other than to get to our little room. 36 00:01:53,730 --> 00:01:56,290 We're we're behind. Because you ever notice as you 37 00:01:56,290 --> 00:02:00,090 walk the conference hall floor, some of the booths have 38 00:02:00,650 --> 00:02:03,490 different levels of swag. So I think if it's like you just 39 00:02:03,490 --> 00:02:06,570 want the entry level swag, it's like you pop one balloon with a 40 00:02:06,570 --> 00:02:08,889 dart. But if you want the next level, 41 00:02:08,889 --> 00:02:11,050 you've got to pop three balloons with the dart. 42 00:02:11,410 --> 00:02:14,250 And then there's like the major SWAG, which really means that 43 00:02:14,250 --> 00:02:16,010 you're going to spend $1,000,000 with them. 44 00:02:17,610 --> 00:02:18,850 I don't know what are you talking about. 45 00:02:20,410 --> 00:02:21,930 Go out there and I'll, I'll point it out. 46 00:02:22,010 --> 00:02:23,770 Is there like a specific vendor that's doing that? 47 00:02:23,770 --> 00:02:28,770 Well, I did see one vendor that had like a top level swag which. 48 00:02:29,250 --> 00:02:33,970 Was like a packing bag, one of those, like fancy bags where you 49 00:02:33,970 --> 00:02:38,250 put your clothes in and then put it in your luggage so you 50 00:02:38,250 --> 00:02:39,890 couldn't. I like, I was like, well, what 51 00:02:39,890 --> 00:02:41,250 do you have to do to get that one? 52 00:02:41,450 --> 00:02:43,690 Because other over here you have these camera covers. 53 00:02:43,690 --> 00:02:45,450 I think they're for everybody, right? 54 00:02:46,140 --> 00:02:48,180 Well they let you scan your badge and you trade up your 55 00:02:48,180 --> 00:02:52,580 e-mail in exchange for 1000 emails from from BD person to 56 00:02:52,620 --> 00:02:53,860 you get the camera to get on the door. 57 00:02:54,180 --> 00:02:55,420 Yeah, but one thing I've noticed also. 58 00:02:55,420 --> 00:02:59,300 Now I'm not out here telling people not to let them scan your 59 00:02:59,300 --> 00:03:04,900 badge, but some places some vendors will scan your badge and 60 00:03:04,900 --> 00:03:06,700 then they will call you on the phone. 61 00:03:07,100 --> 00:03:09,340 Let's start getting these personal phone calls and like. 62 00:03:09,620 --> 00:03:11,540 Never call me on the phone. Do not call me on my. 63 00:03:11,580 --> 00:03:14,490 Phone is not for phone calls. You're not my father or my 64 00:03:14,490 --> 00:03:16,450 mother. I do not want phone calls from 65 00:03:16,450 --> 00:03:18,410 you. You can send something to my 66 00:03:18,410 --> 00:03:22,610 e-mail, hopefully my personal e-mail, hopefully my Hotmail 67 00:03:22,610 --> 00:03:25,210 account that I opened 25 years. Yeah. 68 00:03:25,210 --> 00:03:26,450 That's that's that's good. That's good. 69 00:03:27,970 --> 00:03:28,650 Yeah. So I gotta go. 70 00:03:28,930 --> 00:03:32,090 I'm judging conferences, as you know, based on two things, swag 71 00:03:32,090 --> 00:03:34,890 and the quality of cookies. I've yet to see cookies, but we 72 00:03:34,890 --> 00:03:37,290 did have custom doughnuts last night we talked about in 73 00:03:37,290 --> 00:03:39,770 previous episode. We'll see what the swag 74 00:03:39,770 --> 00:03:42,290 situation looks like. Do you want to talk about 75 00:03:42,290 --> 00:03:44,190 Microsoft? We thought we were going to talk 76 00:03:44,190 --> 00:03:45,430 about dessert the whole time, but. 77 00:03:45,430 --> 00:03:48,910 OK, let's do it. We probably shouldn't talk about 78 00:03:48,910 --> 00:03:51,510 them behind their backs, so why don't we invite Pam Dingell, 79 00:03:51,510 --> 00:03:54,190 director of identity standards at Microsoft, to the show? 80 00:03:54,190 --> 00:03:54,870 Welcome Pam. Well. 81 00:03:55,150 --> 00:03:58,230 Hello, thank you for having me. This is a conversation that has 82 00:03:58,230 --> 00:04:00,710 been a long time coming. I feel like we've been like 2 83 00:04:00,710 --> 00:04:02,870 ships in the night passing through conferences. 84 00:04:02,870 --> 00:04:05,910 Never actually don't think met until behind stage. 85 00:04:06,230 --> 00:04:10,630 Last night as you were coming off, we were going up and it's 86 00:04:10,630 --> 00:04:13,700 great to have you here. I know that you've been in the 87 00:04:13,700 --> 00:04:17,459 space for a while, but one of the things we do as ritual for 88 00:04:17,459 --> 00:04:21,620 first time guests is understand the origin story of our identity 89 00:04:21,620 --> 00:04:23,380 superheroes. Like how I did that. 90 00:04:23,860 --> 00:04:26,140 Can you tell us, how did you get into the identity space? 91 00:04:26,140 --> 00:04:28,380 Is it something that you chose or did it choose you? 92 00:04:28,820 --> 00:04:31,860 Yes, how many hours do we have? We have 5 1/2, OK. 93 00:04:32,020 --> 00:04:33,100 No problem. No problem. 94 00:04:33,580 --> 00:04:36,020 You might want to speed me up like the little chipmunk 95 00:04:36,020 --> 00:04:39,820 chipmunk you know. No, I got into identity quite a 96 00:04:39,820 --> 00:04:42,570 long time ago. I started off. 97 00:04:42,570 --> 00:04:47,530 So I I was born in Canada, I am a Canadian, and I went to, you 98 00:04:47,530 --> 00:04:50,850 know, a local university, got a computer science degree there. 99 00:04:50,850 --> 00:04:53,850 And so I was working right out of school as a System 100 00:04:53,850 --> 00:05:01,130 Administrator for an oil company in Calgary, Canada and ended up 101 00:05:01,210 --> 00:05:04,130 getting snapped up by a.com Darling. 102 00:05:04,130 --> 00:05:06,370 So that tells you how long ago this was. 103 00:05:06,370 --> 00:05:09,850 So it was 1999 and they actually sent me to. 104 00:05:10,420 --> 00:05:13,060 California for the first time in my entire life to do training 105 00:05:13,060 --> 00:05:17,300 with Netscape. Again, with the ageing, you 106 00:05:17,300 --> 00:05:21,180 know, metaphors. But but I ended up training up 107 00:05:21,180 --> 00:05:25,380 in Directory Services then and I started to work in what they 108 00:05:25,380 --> 00:05:29,060 call middleware, which at the time was mail servers, web 109 00:05:29,060 --> 00:05:32,780 servers and directory servers. And it was just, you know, we 110 00:05:32,780 --> 00:05:37,540 were the imported Canadian talent because it was the.com 111 00:05:37,540 --> 00:05:40,350 boom and you could not get. Anyone to do anything. 112 00:05:41,350 --> 00:05:43,510 Everyone was all taken, shall we say. 113 00:05:43,990 --> 00:05:48,350 And so they used to fly us in and we used to hang out in 114 00:05:48,590 --> 00:05:50,430 computer rooms and install middleware. 115 00:05:51,150 --> 00:05:53,910 And I didn't think of it, you know, the mail servers, web 116 00:05:53,910 --> 00:05:55,950 servers, director, servers, whatever. 117 00:05:55,950 --> 00:06:01,790 And then I ended up moving to a consulting firm that sent me to 118 00:06:01,790 --> 00:06:05,830 a conference and this was 2001 and I went to the Burton Group 119 00:06:06,030 --> 00:06:07,750 conference, the Catalyst Conference. 120 00:06:08,410 --> 00:06:11,490 Which, you know, some of your listeners might have I've been 121 00:06:11,490 --> 00:06:13,450 to. Catalyst the highlight for me 122 00:06:13,450 --> 00:06:16,090 was it's it's on the Bay in San Diego. 123 00:06:16,410 --> 00:06:18,170 Location is perfect. That will get me to a 124 00:06:18,170 --> 00:06:19,490 conference. Oh, yes, yes. 125 00:06:19,490 --> 00:06:20,970 Well, this one was in San Francisco. 126 00:06:20,970 --> 00:06:25,970 It was at the Hilton in San Francisco, and it changed my 127 00:06:25,970 --> 00:06:29,650 life. I mean, it was people who were 128 00:06:30,130 --> 00:06:34,970 debating why things happened and talking about the consequences 129 00:06:35,370 --> 00:06:37,210 of these implementations and and. 130 00:06:37,740 --> 00:06:39,860 You know, why would it was important for people to have 131 00:06:39,860 --> 00:06:44,740 good experiences logging in? And for whatever reason, I got 132 00:06:44,740 --> 00:06:48,300 there and I did not like what people were saying on the stage. 133 00:06:48,660 --> 00:06:52,860 And so I stood up and asked questions in the conference and 134 00:06:52,860 --> 00:06:56,780 I asked question after question. And at the end of that 135 00:06:56,780 --> 00:07:00,060 conference, Jamie Lewis, who ran Burton Group at the time, said, 136 00:07:00,060 --> 00:07:05,260 hey, you should present a talk, you should apply to talk next 137 00:07:05,260 --> 00:07:07,800 year. And for me, that was the light 138 00:07:07,800 --> 00:07:09,920 bulb going off. You know, I had loved the 139 00:07:09,920 --> 00:07:12,800 experience. I got invested in what identity 140 00:07:12,800 --> 00:07:14,880 management even was at that conference. 141 00:07:15,320 --> 00:07:18,440 But the idea that I could be part of that community just lit 142 00:07:18,440 --> 00:07:20,720 me up like a, you know, like a firework. 143 00:07:20,720 --> 00:07:24,320 And so I spent the whole year excited and already and I 144 00:07:24,320 --> 00:07:26,640 applied to speak at the conference and they rejected me. 145 00:07:27,610 --> 00:07:29,570 They rejected me and then please. 146 00:07:29,570 --> 00:07:32,330 Submit this so we can say no. Exactly. 147 00:07:32,330 --> 00:07:34,530 No, no, it was. I mean, it wasn't funny at the 148 00:07:34,530 --> 00:07:36,810 time. I was devastated, but four years 149 00:07:36,810 --> 00:07:41,010 straight, they rejected me. So just for anyone who is 150 00:07:41,010 --> 00:07:44,370 listening, who wants to speak at one of these identity 151 00:07:44,370 --> 00:07:48,170 conferences, just know that the people you see up there who are 152 00:07:48,170 --> 00:07:51,890 doing, you know, who just look like it's a piece of cake, and 153 00:07:52,170 --> 00:07:54,890 they were born to it. They they weren't they. 154 00:07:55,480 --> 00:07:59,560 Had to get rejected and they had to work their way through all of 155 00:07:59,560 --> 00:08:02,240 those same issues. And so that really kicked me 156 00:08:02,240 --> 00:08:05,760 off. I ended up moving from Calgary, 157 00:08:05,760 --> 00:08:09,520 Canada to go work for Ping Identity and in the office of 158 00:08:09,520 --> 00:08:11,880 the CTO. And that's what got me really 159 00:08:11,880 --> 00:08:15,080 connecting to customers specializing in federation. 160 00:08:15,320 --> 00:08:18,520 Got me into the standards world and of course that's where I am 161 00:08:18,520 --> 00:08:20,040 now. So I you know, I worked in the 162 00:08:20,040 --> 00:08:23,400 office of the CTO there and then transitioned to Microsoft as 163 00:08:23,400 --> 00:08:26,370 Director of Identity Standards. So what does that mean? 164 00:08:26,370 --> 00:08:29,690 Director of Identity Standards. It's the best job ever. 165 00:08:30,410 --> 00:08:34,730 Absolutely the best job ever. So I have a highly skilled team 166 00:08:35,250 --> 00:08:38,169 of folks who work in various different standards bodies, 167 00:08:38,169 --> 00:08:41,570 including i.e. T, FW3C, the Decentralized 168 00:08:41,570 --> 00:08:44,090 Identity Foundation, you name it. 169 00:08:44,210 --> 00:08:48,490 We go in and we try to write the standards in conjunction with 170 00:08:48,490 --> 00:08:53,610 our engineering teams that we think will power our platform 171 00:08:53,770 --> 00:08:57,160 for the next 10 years. And so that can involve 172 00:08:57,160 --> 00:09:01,080 standards like Oauth, Open ID Connect. 173 00:09:01,880 --> 00:09:06,680 Right now we're working on Open ID for BC, which is the sort of 174 00:09:06,680 --> 00:09:09,760 the umbrella for a lot of the decentralized integrations with 175 00:09:09,760 --> 00:09:12,000 Open ID Connect. So that's a really big one. 176 00:09:12,000 --> 00:09:13,680 We're working in the international standards 177 00:09:13,680 --> 00:09:19,400 organization on ISO18O13-5. Do you like how I can just 178 00:09:19,400 --> 00:09:22,800 rattle that up, which is mobile driver's licenses, which we 179 00:09:22,800 --> 00:09:24,160 think is going to have a huge impact? 180 00:09:24,520 --> 00:09:28,440 Going forward in the future, and yeah, the, you know, the goal is 181 00:09:28,440 --> 00:09:33,800 to understand in advance how the world will need to connect and 182 00:09:33,800 --> 00:09:35,800 then find the ways to do that securely. 183 00:09:35,800 --> 00:09:38,800 And of course, we collaborate with everyone else in the 184 00:09:38,800 --> 00:09:41,000 industry. So Microsoft is in there. 185 00:09:41,000 --> 00:09:45,200 But also all of the other big identity players are trying to 186 00:09:45,200 --> 00:09:48,200 accomplish the same thing. You should see my notes that I 187 00:09:48,200 --> 00:09:52,040 just made as you're talking. So my first identity conference 188 00:09:52,040 --> 00:09:56,940 was O6 digital ID world right and it was Kim Cameron on stage 189 00:09:57,540 --> 00:10:01,780 talking about the the laws of identity, right. 190 00:10:01,780 --> 00:10:04,900 And I was like revolutionary. And that's where I got sucked 191 00:10:04,900 --> 00:10:06,660 in. I was like whoa, this isn't 192 00:10:06,660 --> 00:10:09,740 just, you know plug this into there. 193 00:10:09,980 --> 00:10:14,340 It this is like philosophical layered on top of technology and 194 00:10:14,340 --> 00:10:17,100 these guys are trying to solve the problems of the world with. 195 00:10:17,380 --> 00:10:19,860 So anyway, I see how you got sucked in. 196 00:10:20,100 --> 00:10:23,260 One thing I noticed in that conference there, and this is 197 00:10:23,260 --> 00:10:26,540 2006, right? You said you ain't no one, there 198 00:10:26,540 --> 00:10:31,060 are very few women. You're kind of that triggered to 199 00:10:31,060 --> 00:10:33,580 me. You're kind of a trailblazer. 200 00:10:34,140 --> 00:10:36,180 You know, I don't want to make you feel weird by saying that, 201 00:10:36,180 --> 00:10:39,900 but it's the truth. I mean, there were less than 5% 202 00:10:39,900 --> 00:10:42,180 of the audience. I mean, I still think it's 203 00:10:42,180 --> 00:10:46,220 pretty lopsided when you go to conferences, but I mean, night 204 00:10:46,220 --> 00:10:49,660 and day difference now versus 20 years ago, right? 205 00:10:49,660 --> 00:10:51,060 It really is a night and day difference. 206 00:10:51,060 --> 00:10:55,000 I mean, I. Yeah, there were often ten women 207 00:10:55,000 --> 00:10:57,840 and I knew all their names. We all knew each other, still 208 00:10:57,840 --> 00:11:00,360 know each other. For that matter, a lot of them 209 00:11:00,360 --> 00:11:01,880 are still in identity. Doesn't matter. 210 00:11:01,880 --> 00:11:05,640 Like once you're in, you stick. And now you're right. 211 00:11:05,640 --> 00:11:11,360 It's much, much more balanced. And I love that I do work, do a 212 00:11:11,360 --> 00:11:14,600 lot of volunteer work for the Women in Identity organization. 213 00:11:15,200 --> 00:11:18,280 Of which we are members. Yes, that's fantastic. 214 00:11:18,870 --> 00:11:20,870 And yeah, it's really fun to see. 215 00:11:20,870 --> 00:11:22,550 I mean, there's a lot more opportunity. 216 00:11:22,550 --> 00:11:26,190 But the thing that I was lacking at that time, I really did feel 217 00:11:26,190 --> 00:11:28,470 isolated. I was almost always the only 218 00:11:28,470 --> 00:11:30,910 woman in the room. And you, you get used to that. 219 00:11:30,910 --> 00:11:35,430 I mean, part of my consulting background, which was that sort 220 00:11:35,430 --> 00:11:39,390 of first job, beats it into you. You have to be the authoritative 221 00:11:39,630 --> 00:11:43,070 voice in a room. And so you figure out how to do 222 00:11:43,070 --> 00:11:47,510 that. But I don't know. 223 00:11:47,510 --> 00:11:51,130 I mean. Right now at Microsoft, the 224 00:11:51,130 --> 00:11:55,330 identity division at Microsoft has an amazing amount of 225 00:11:55,330 --> 00:11:58,290 diversity to it. And so I am almost never the 226 00:11:58,290 --> 00:12:00,530 only woman in any meeting I attend. 227 00:12:00,530 --> 00:12:04,850 And I never knew that to be grateful for that until I had 228 00:12:04,850 --> 00:12:09,450 it, well, proper to you because somebody had to be, you know, 229 00:12:09,450 --> 00:12:11,690 the first, right? Or I'm not even saying you're 230 00:12:11,690 --> 00:12:15,650 the first, but Trail Blazers, like the role that you play like 231 00:12:15,650 --> 00:12:19,000 yourself, so important to what's happened. 232 00:12:20,240 --> 00:12:23,080 Let's kind of get into some of the, you know, what's going on 233 00:12:23,080 --> 00:12:26,520 with Microsoft today. I think I've been a Microsoft 234 00:12:26,520 --> 00:12:31,480 person since my original IT certification was in Windows NT4 235 00:12:31,480 --> 00:12:34,360 desktop, right. So I've kind of been a Microsoft 236 00:12:34,360 --> 00:12:37,760 person, but I've kind of gotten away from that with being in 237 00:12:37,760 --> 00:12:41,120 identity management because Microsoft solutions 238 00:12:41,960 --> 00:12:46,010 traditionally and been the leading ones and I think a lot 239 00:12:46,010 --> 00:12:51,130 of them, a lot of it was around very proprietary solutions for 240 00:12:51,130 --> 00:12:52,890 like Access management for example. 241 00:12:52,890 --> 00:12:59,930 Just think of WS Fed right and but it seems like there's been a 242 00:12:59,930 --> 00:13:05,410 major shift, major shift at Microsoft and towards its stance 243 00:13:05,410 --> 00:13:07,850 on standards. Specifically, the ones I have my 244 00:13:07,850 --> 00:13:10,090 eye on are the identity standards. 245 00:13:10,370 --> 00:13:14,110 But to you what? What's the story behind that? 246 00:13:14,550 --> 00:13:17,310 Yeah, I agree. And I will say that I've only 247 00:13:17,310 --> 00:13:18,910 worked for Microsoft for five years. 248 00:13:19,430 --> 00:13:23,830 So I kind of came in in the the golden days, right, where where 249 00:13:23,830 --> 00:13:26,150 that stance had changed and there was investment. 250 00:13:26,470 --> 00:13:28,830 I do think the fact that they hired a director of identity 251 00:13:28,830 --> 00:13:33,310 standards was in part of an expression of the fact that they 252 00:13:34,190 --> 00:13:36,670 could see that this was a a serious requirement. 253 00:13:37,710 --> 00:13:39,110 So I can't really speak about, you know. 254 00:13:39,430 --> 00:13:41,750 Why that change occurred because I came in after. 255 00:13:41,990 --> 00:13:46,350 But it is certainly the case now that we very much recognize that 256 00:13:47,190 --> 00:13:51,430 nobody wants to be locked in. That is the bottom line. 257 00:13:51,430 --> 00:13:56,830 Nobody wants to be locked in. And so knowing that you can 258 00:13:57,270 --> 00:14:01,430 bring in the tools you need at the time you want and connect 259 00:14:01,430 --> 00:14:05,150 them all together is the reason why people feel comfortable 260 00:14:05,470 --> 00:14:07,430 signing up for some of these technologies. 261 00:14:08,560 --> 00:14:12,680 One of the things, the thoughts I have is moving or violating 262 00:14:12,680 --> 00:14:15,120 standards, if you will, is not just coming up with a new 263 00:14:15,120 --> 00:14:18,520 standard or ignoring a standard. It's changing a standard. 264 00:14:18,880 --> 00:14:21,240 Let's just add an attribute to SAML. 265 00:14:21,760 --> 00:14:24,880 Let's just make it a little like tweak it a little bit. 266 00:14:25,240 --> 00:14:27,760 Do you talk to us about how it works at Microsoft? 267 00:14:27,760 --> 00:14:29,400 Is the are you like the traffic cop? 268 00:14:29,400 --> 00:14:33,320 Like, no, no, no, no no. Well if anyone tries to suggest 269 00:14:33,320 --> 00:14:37,880 we change SAML then I mean there is no changing SAML. 270 00:14:38,240 --> 00:14:41,160 You can absolutely try. I mean the the real truth is 271 00:14:41,160 --> 00:14:46,200 that the the forces that are applied are almost immutable 272 00:14:46,200 --> 00:14:48,800 forces. For example, Saml's a perfect 273 00:14:48,800 --> 00:14:54,000 example that that stuff is old. It works so well. 274 00:14:55,240 --> 00:14:57,960 But nobody's going to go in and tweak those implementations 275 00:14:57,960 --> 00:15:00,080 unless there's a real business reason to do it. 276 00:15:00,080 --> 00:15:05,600 And so you know, there's a there's almost a time to value. 277 00:15:07,630 --> 00:15:08,790 Back and forth that you have to do. 278 00:15:08,790 --> 00:15:10,670 I mean, can you try to change SAML? 279 00:15:10,670 --> 00:15:14,390 Yes. Will you get adoption in any 280 00:15:14,390 --> 00:15:18,590 kind of size or anytime soon? No. 281 00:15:19,110 --> 00:15:22,990 And so, So what we can do versus what we can do and gain adoption 282 00:15:22,990 --> 00:15:26,990 is really that that's the metric that my team often talks through 283 00:15:27,430 --> 00:15:31,110 and it's easier with newer things, for example, the the 284 00:15:31,110 --> 00:15:34,350 decentralized world right now we have a lot of flexibility. 285 00:15:34,860 --> 00:15:38,540 And or or for example another one is proof of Possession. 286 00:15:38,740 --> 00:15:43,940 So that's a specification that just ratified and one of my team 287 00:15:43,940 --> 00:15:48,100 members was very heavily involved in that and they it was 288 00:15:48,100 --> 00:15:51,340 actually incredibly valuable. We took all of our knowledge of 289 00:15:51,340 --> 00:15:56,460 what we're doing in our in our token protection work right. 290 00:15:56,460 --> 00:16:02,660 So token protection is a feature of of the intra suite but but 291 00:16:02,660 --> 00:16:06,520 the Depop spec. Utilized a bunch of those 292 00:16:06,720 --> 00:16:10,600 learnings right from when the engineers realized something 293 00:16:10,600 --> 00:16:13,480 couldn't work right. So there is this, there's if you 294 00:16:13,480 --> 00:16:19,240 do it right, you're helping all of this knowledge make its way 295 00:16:19,280 --> 00:16:22,520 to the public world. But yeah, if you do it wrong, 296 00:16:23,120 --> 00:16:26,800 you end up making things that no one will adopt or making things 297 00:16:26,800 --> 00:16:30,560 that that you know come out after your product has already 298 00:16:30,560 --> 00:16:32,400 put something in. And and that's the big thing, 299 00:16:32,400 --> 00:16:33,640 right? You have to know that. 300 00:16:35,100 --> 00:16:37,780 These things happen on cycles. You release it once, so you're 301 00:16:37,780 --> 00:16:40,980 not going to go in back and tune it six months later. 302 00:16:40,980 --> 00:16:44,460 So there's a huge problem there because the standards come out 303 00:16:44,460 --> 00:16:46,260 in advance. But if they don't, if you're, 304 00:16:47,420 --> 00:16:48,980 you know, developing the standards at the same time 305 00:16:48,980 --> 00:16:52,260 you're developing the software, right, you really do have to 306 00:16:52,260 --> 00:16:55,620 have a tight, tight coupling. How do you make the decision of 307 00:16:55,620 --> 00:16:59,860 which standards to throw support behind and which ones are? 308 00:16:59,860 --> 00:17:01,220 Maybe it's not the right time yet. 309 00:17:01,890 --> 00:17:03,810 Right. That's an excellent question. 310 00:17:04,250 --> 00:17:06,010 A lot of it is product alignment. 311 00:17:06,170 --> 00:17:09,730 So you know, you can create a standard for something that you 312 00:17:09,730 --> 00:17:14,609 have no plans to implement. But yeah, it's and it's a lovely 313 00:17:14,609 --> 00:17:16,050 idea and it certainly has happened. 314 00:17:16,050 --> 00:17:18,650 Sometimes you're so far ahead in your vision. 315 00:17:19,650 --> 00:17:22,569 But yeah, you, you need to be able to justify what you do and 316 00:17:22,569 --> 00:17:25,010 why you do it. We certainly do. 317 00:17:25,970 --> 00:17:29,050 My boss is Alex Simons, who, by the way, should really come on 318 00:17:29,050 --> 00:17:30,290 this show. You need to. 319 00:17:30,290 --> 00:17:31,530 Open invite. Come on, Alex. 320 00:17:33,010 --> 00:17:36,730 But you know, it's really in many ways Alex's vision because 321 00:17:36,730 --> 00:17:41,050 he he runs the product management office, so he's, you 322 00:17:41,050 --> 00:17:44,650 know, he's working with the rest of our executive team to decide 323 00:17:44,930 --> 00:17:47,610 where our, our large priorities are. 324 00:17:47,850 --> 00:17:52,850 But the other thing is we can't just, we can't just lead. 325 00:17:53,250 --> 00:17:56,450 Just because it's convenient for us doesn't mean that anyone else 326 00:17:56,450 --> 00:17:57,690 cares. And so there. 327 00:17:57,690 --> 00:18:00,970 So the real judgement is what kind of momentum exists. 328 00:18:01,250 --> 00:18:04,330 Is there community momentum? Because if there's community 329 00:18:04,330 --> 00:18:08,610 momentum and we're not ready, we will likely still participate 330 00:18:09,290 --> 00:18:11,930 because otherwise otherwise the standard gets developed and we 331 00:18:11,930 --> 00:18:15,370 don't have input, right. So that momentum piece is what's 332 00:18:15,530 --> 00:18:19,290 a really interesting question, Like for example, right now, 333 00:18:19,290 --> 00:18:22,610 authorization huge, so big, right. 334 00:18:22,850 --> 00:18:26,410 It's, you know, everyone's interested suddenly. 335 00:18:26,570 --> 00:18:29,570 And I for anyone who's been in the industry for a while, I mean 336 00:18:29,570 --> 00:18:33,310 authorization. Has had its ups and downs, shall 337 00:18:33,310 --> 00:18:34,990 we say. You know, I don't know if either 338 00:18:34,990 --> 00:18:39,790 of you remember DSML. Yeah, very vaguely. 339 00:18:39,990 --> 00:18:41,350 I think it came out on parchment. 340 00:18:41,710 --> 00:18:44,950 Yeah, it might have, it might have and of course exact MO and 341 00:18:44,950 --> 00:18:46,990 so. So that's an example of 342 00:18:46,990 --> 00:18:51,110 something where you know we have interest, but there's also 343 00:18:51,110 --> 00:18:55,870 momentum and that momentum may grow faster than what we would 344 00:18:55,870 --> 00:18:57,710 normally try to push it into being. 345 00:18:58,450 --> 00:19:00,970 But you you got to run with it. You got to roll with the flow 346 00:19:01,850 --> 00:19:04,530 over here at the Fido Authenticate conference. 347 00:19:04,530 --> 00:19:08,090 So passkeys. What's Microsoft's stance on 348 00:19:08,090 --> 00:19:10,810 passkeys? We are huge supporters of 349 00:19:10,810 --> 00:19:13,610 passkeys. We have been working, you know, 350 00:19:14,490 --> 00:19:17,610 for quite some time on the ideas. 351 00:19:17,610 --> 00:19:19,690 You know, we're working in all of this in that technical 352 00:19:19,690 --> 00:19:23,490 working group and within the web auth and working group in W3C on 353 00:19:23,490 --> 00:19:26,540 that. Tim Capelli is is the team 354 00:19:26,540 --> 00:19:28,860 member on our team who's really shepherding that. 355 00:19:29,780 --> 00:19:30,980 Yeah, we think it's really important. 356 00:19:30,980 --> 00:19:35,820 We still completely support 5O2 credentials of all kinds, right? 357 00:19:35,820 --> 00:19:38,540 So it's not like we have shifted our interest. 358 00:19:38,540 --> 00:19:42,020 We are expanding our interest to make sure that synced pass keys 359 00:19:42,500 --> 00:19:45,220 are something that can work, security keys are something that 360 00:19:45,220 --> 00:19:48,740 can work, you know, platform authenticators or something that 361 00:19:48,740 --> 00:19:50,860 can work. So we see those three channels. 362 00:19:51,450 --> 00:19:55,290 As being a way that we can cover a ton of the population and have 363 00:19:55,290 --> 00:19:57,410 them have a fishing resistant credential. 364 00:19:58,170 --> 00:20:02,770 Is it easier or harder having such a huge install base to do 365 00:20:02,770 --> 00:20:05,330 stuff like that? Oh, it's harder. 366 00:20:05,530 --> 00:20:09,770 It's absolutely harder. I mean that because the platform 367 00:20:09,770 --> 00:20:13,930 is so critical like the platform is what make passkeys a fishing 368 00:20:14,130 --> 00:20:17,810 resistant credential, you have to have that proximity element 369 00:20:17,810 --> 00:20:22,490 to be able to, to prevent secrets from being copied, 370 00:20:22,490 --> 00:20:25,650 right. So, So yes, changing the 371 00:20:25,650 --> 00:20:30,570 platform is a non trivial thing and and it's expensive and it's 372 00:20:31,290 --> 00:20:34,850 it takes a lot of cross company commitment to do that. 373 00:20:35,290 --> 00:20:38,410 But the great thing is that our Windows team, I'm not on the 374 00:20:38,410 --> 00:20:41,690 Windows team, I'm in the IDNA group, the Identity and Network 375 00:20:41,690 --> 00:20:44,330 Access group. But you know, we have very 376 00:20:44,330 --> 00:20:48,680 strong commitment from the Windows 11 team on all sorts of 377 00:20:48,680 --> 00:20:52,640 security related pieces. And we also have a huge amount 378 00:20:52,640 --> 00:20:58,240 of support from our internal IT group, right, which of course is 379 00:20:58,240 --> 00:21:02,000 on the front lines of protecting, you know, not just 380 00:21:02,120 --> 00:21:04,600 Microsoft as a company, but Microsoft as a product and the 381 00:21:04,600 --> 00:21:08,560 platform that we represent. And so, yeah, so there's sort of 382 00:21:08,560 --> 00:21:13,040 a virtuous cycle there of needing needing phishing 383 00:21:13,040 --> 00:21:16,610 resistant authentication just for ourselves, but also wanting 384 00:21:16,610 --> 00:21:19,610 to enable it for everyone else. We're a customer. 385 00:21:19,970 --> 00:21:25,530 I think one of the interesting factors is that Microsoft is so 386 00:21:25,530 --> 00:21:29,010 global, so many product lines. It's like it has to work for 387 00:21:29,010 --> 00:21:33,490 everyone. So you have cultural challenges. 388 00:21:33,570 --> 00:21:35,610 You also have like disability challenges. 389 00:21:35,610 --> 00:21:39,010 I mean, it's like the government's problem, but even 390 00:21:39,010 --> 00:21:41,140 larger. Yeah, I agree. 391 00:21:41,140 --> 00:21:44,020 And This is why I really strongly believe that security 392 00:21:44,020 --> 00:21:48,540 keys are absolutely critical for the passkey ecosystem. 393 00:21:48,540 --> 00:21:53,220 Because the security keys are the pluggable piece, right? 394 00:21:53,300 --> 00:21:57,060 If you platform authenticators like Windows Hello and Face ID 395 00:21:57,060 --> 00:22:01,220 on Apple, those things are what are going to enable the massive 396 00:22:01,580 --> 00:22:04,740 part of the distribution curve to be successful. 397 00:22:05,460 --> 00:22:08,770 But there is no reason why you can't create a security key that 398 00:22:08,770 --> 00:22:12,490 addresses a certain disability, right, or a security key that 399 00:22:12,890 --> 00:22:15,730 innovates incredibly and takes us to the next level. 400 00:22:15,730 --> 00:22:20,770 So without that plug ability and that ability to to not have to 401 00:22:21,450 --> 00:22:25,130 completely depend on the interface of the platform, I 402 00:22:25,130 --> 00:22:29,330 think we would be limited in how we could innovate in the future. 403 00:22:30,250 --> 00:22:33,130 Can you give an example of what an alternative security key 404 00:22:33,130 --> 00:22:35,010 might look like? Because I know Microsoft has 405 00:22:35,010 --> 00:22:37,690 spent a lot of time on hardware and things like that, like Xbox 406 00:22:37,810 --> 00:22:39,400 has. Specific controllers for 407 00:22:39,400 --> 00:22:42,640 example, that are built with that population in mind. 408 00:22:42,800 --> 00:22:45,040 What would a security key look like in that? 409 00:22:45,320 --> 00:22:47,640 Well, I can only tell you personally I, you know, I'm not 410 00:22:47,640 --> 00:22:50,720 aware of of the different projects that are actually 411 00:22:50,720 --> 00:22:53,840 officially going on. But I will say I did buy an Xbox 412 00:22:53,840 --> 00:22:57,000 Adaptive controller and the little button kit, and I do have 413 00:22:57,000 --> 00:23:01,560 this dream that one day you could actually, for example, you 414 00:23:01,560 --> 00:23:03,760 know, click a certain set of buttons in a certain certain 415 00:23:03,760 --> 00:23:08,660 sequence to unlock your security key hardware in it and send a 416 00:23:08,660 --> 00:23:12,060 secure credential. But you know, I'm not aware of 417 00:23:12,060 --> 00:23:16,340 anything official, but wouldn't. It be cool but if anyone wants 418 00:23:16,340 --> 00:23:19,940 to you know try it let me know. Yeah, Microsoft has made a lot 419 00:23:19,940 --> 00:23:26,700 of, a lot of investment in those adoptions of those adaptable 420 00:23:26,700 --> 00:23:28,700 methods. The Surface Line has been with 421 00:23:28,700 --> 00:23:30,500 that. I have a new Surface Book or 422 00:23:30,500 --> 00:23:32,700 sorry Surface Laptop Studio Two at home. 423 00:23:33,220 --> 00:23:34,940 Right. The haptic feedback and being 424 00:23:34,940 --> 00:23:38,620 able to change the mouse pad based on your own ability to 425 00:23:38,620 --> 00:23:42,620 sense the touches, it's like a duh, right? 426 00:23:42,620 --> 00:23:44,020 Like, why didn't we think about that before? 427 00:23:45,140 --> 00:23:46,700 Yeah, that's so true. And I find it impressive. 428 00:23:47,300 --> 00:23:50,380 I want to switch over to Microsoft Intra because every 429 00:23:50,380 --> 00:23:54,460 time I hear the word Microsoft Intra, it's always some news 430 00:23:54,460 --> 00:23:56,380 announcement of OK, what do they do now? 431 00:23:57,280 --> 00:24:00,600 There was some recent, you know, announcements made and 432 00:24:00,600 --> 00:24:04,120 rebranding or name changes. I'm never, I'm never quite sure 433 00:24:04,120 --> 00:24:07,280 what the announcement is, so please take this with all the 434 00:24:07,280 --> 00:24:09,920 love in my heart. What is Microsoft Entra doing? 435 00:24:10,120 --> 00:24:14,080 Who's this for? All right, so Microsoft Entra is 436 00:24:14,360 --> 00:24:18,080 is the identity product portfolio that we own. 437 00:24:18,400 --> 00:24:21,760 So we we basically got into an issue where Azure Active 438 00:24:21,760 --> 00:24:25,720 Directory was our brand but directory was in the name. 439 00:24:26,390 --> 00:24:30,670 And the problem is we have expanded so much farther out 440 00:24:30,670 --> 00:24:35,150 from directories that we needed a way to sort of start 441 00:24:35,150 --> 00:24:37,550 differentiating between the different things within the 442 00:24:37,550 --> 00:24:39,670 identity portfolio that we delivered. 443 00:24:39,670 --> 00:24:45,470 And So what we ended up doing is Entra is the is the umbrella 444 00:24:45,470 --> 00:24:49,510 portfolio and within that we have Entra ID which is the 445 00:24:49,510 --> 00:24:53,110 original Azure Active Directory. So that's where users are stored 446 00:24:53,110 --> 00:24:56,880 and groups and all the amazing things that happen in any 447 00:24:56,880 --> 00:24:59,640 directory. And then we have expanded into 448 00:24:59,640 --> 00:25:02,400 the the set of other products which are the things you're 449 00:25:02,400 --> 00:25:06,280 hearing about. So for example, there's intra ID 450 00:25:06,280 --> 00:25:09,840 governance. So that's your IGA tool. 451 00:25:10,200 --> 00:25:12,760 I don't want to list them all because you all would have your 452 00:25:12,760 --> 00:25:14,560 eyes rolled back in your head and you'd fall asleep. 453 00:25:15,440 --> 00:25:18,440 However, the you know things like team, so we have a cloud 454 00:25:20,000 --> 00:25:24,600 entitlement management piece, we have intra verified ID which is 455 00:25:24,600 --> 00:25:26,680 our decentralized identity offering. 456 00:25:27,080 --> 00:25:30,080 And so the idea is that these things can now have their own 457 00:25:30,080 --> 00:25:33,960 identities, they can grow and have features added, and people 458 00:25:33,960 --> 00:25:39,080 can easily differentiate, but also have the the sense that we 459 00:25:39,080 --> 00:25:41,960 are integrating everything, that it is all part of a family. 460 00:25:43,080 --> 00:25:47,240 So my experience with Microsoft's interest so far has 461 00:25:47,240 --> 00:25:49,360 been if you're in the Microsoft ecosystems are great. 462 00:25:50,280 --> 00:25:52,000 Tool, right. There's a lot of capabilities 463 00:25:52,720 --> 00:25:55,400 when you start to go away from the Microsoft ecosystem that 464 00:25:55,400 --> 00:25:59,560 there are some gaps there. Is that a fair criticism of 465 00:25:59,560 --> 00:26:02,400 Microsoft's intra as a whole? Is that something that's being 466 00:26:02,400 --> 00:26:05,040 addressed or are there things that I'm just not aware of that 467 00:26:05,840 --> 00:26:07,640 maybe it's just a bad rap and it's not warranted? 468 00:26:08,160 --> 00:26:09,480 Well, we're definitely working hard. 469 00:26:09,800 --> 00:26:12,200 I mean, we have heard that criticism before. 470 00:26:12,480 --> 00:26:16,000 We are definitely working hard to make sure that it isn't 471 00:26:16,200 --> 00:26:19,430 actually true. So you know we are obviously 472 00:26:19,430 --> 00:26:21,990 standards forward as standards forward as we can be. 473 00:26:22,230 --> 00:26:26,350 So we integrate via federation, we integrate provisioning via 474 00:26:26,350 --> 00:26:30,310 skim, we integrate and you know we're working on shared signals 475 00:26:30,310 --> 00:26:33,350 right now. So you know we're we're making 476 00:26:33,350 --> 00:26:37,510 sure that we are modular and and that goes a long way towards 477 00:26:37,510 --> 00:26:42,830 that and we are a stand alone identity product but we also are 478 00:26:42,830 --> 00:26:45,990 the backbone for the entire Microsoft platform. 479 00:26:45,990 --> 00:26:51,640 So we serve identity for Azure and for Office and for Dynamics, 480 00:26:52,160 --> 00:26:54,240 all of that as well. So there, there's a balance 481 00:26:54,240 --> 00:26:59,840 there, but the way that we're really working on expanding, you 482 00:26:59,840 --> 00:27:02,160 know we can already federate to any application up there. 483 00:27:02,160 --> 00:27:05,440 So that piece is done. We can have folks federate into 484 00:27:05,440 --> 00:27:07,520 us. So we have you know folks like 485 00:27:07,520 --> 00:27:11,080 Duo and Okta and Ping have always been able to federate 486 00:27:11,080 --> 00:27:17,750 into the platform and then the the interesting piece right now 487 00:27:17,750 --> 00:27:21,470 where we're heavily expanding is in the multi cloud area, right. 488 00:27:21,470 --> 00:27:26,630 So we can now govern GCP right or Google cloud resources, 489 00:27:27,030 --> 00:27:29,190 Amazon resources and that sort of stuff. 490 00:27:29,190 --> 00:27:32,590 So yes, we are. You know, we are moving in many 491 00:27:32,590 --> 00:27:33,830 directions. Yeah. 492 00:27:34,110 --> 00:27:37,390 So you're taking on the identity, governance and 493 00:27:37,710 --> 00:27:41,230 administration. That is a big nut to crack. 494 00:27:42,940 --> 00:27:46,820 Do you guys have a road map? Are you planning to kind of 495 00:27:47,060 --> 00:27:48,900 build it with the existing tools? 496 00:27:48,940 --> 00:27:51,500 I'm assuming you wouldn't be able to tell me even if you were 497 00:27:51,500 --> 00:27:55,660 going out to acquire something, but I mean that's all a multi 498 00:27:55,660 --> 00:27:58,820 year road map to get to kind of best of breed. 499 00:27:59,540 --> 00:28:01,260 Yeah it is. It's definitely a multi year 500 00:28:01,260 --> 00:28:04,740 road map. You know we what we're trying to 501 00:28:04,740 --> 00:28:10,220 do is begin or center ourselves I guess is the right way to say 502 00:28:10,580 --> 00:28:13,630 with things being built in and inherent. 503 00:28:13,710 --> 00:28:20,310 So for example historically in governance there were concepts 504 00:28:20,310 --> 00:28:24,270 of access certifications and access reviews and so we are 505 00:28:24,270 --> 00:28:26,710 working more on the self-service side of the house. 506 00:28:27,030 --> 00:28:30,510 We have a concept called access packages, which I think is 507 00:28:30,510 --> 00:28:33,790 really a useful concept, not not just for Microsoft, but for 508 00:28:33,790 --> 00:28:36,310 anyone, right? Which is groupings of resources 509 00:28:36,310 --> 00:28:39,350 that people can self-service request so that we can then 510 00:28:39,350 --> 00:28:43,590 manage and we can also do machine learning, anomaly 511 00:28:43,590 --> 00:28:47,430 detection on right. So you know, the way that we 512 00:28:47,430 --> 00:28:50,630 think this is going to work is, is to be able to, to keep that 513 00:28:50,630 --> 00:28:56,670 governance centralized, be able to tell what's happening no 514 00:28:56,670 --> 00:29:01,350 matter how far out your governance world goes, but do it 515 00:29:01,350 --> 00:29:05,290 with simple concepts. So you know, we aren't to my 516 00:29:05,290 --> 00:29:06,650 knowledge. Am I going to get fired for 517 00:29:06,650 --> 00:29:07,450 saying this? Maybe. 518 00:29:07,850 --> 00:29:09,250 I don't think so, you know. I'll. 519 00:29:10,730 --> 00:29:12,810 Beat this out. If we need to delete this, no, 520 00:29:13,570 --> 00:29:17,130 you know, to my knowledge, it isn't our plan to go and make 521 00:29:17,130 --> 00:29:19,890 sure we're doing role mining in every single part. 522 00:29:19,890 --> 00:29:23,450 We have partners who are really good at that and we love our 523 00:29:23,450 --> 00:29:25,370 partners. And so, yeah, what we're trying 524 00:29:25,370 --> 00:29:29,170 to do is make sure that there is an intuitive way for people to 525 00:29:29,650 --> 00:29:32,690 perform anomaly detection, which is really what governance is. 526 00:29:32,690 --> 00:29:35,720 We never talk about it that way and we talk about governance as 527 00:29:35,720 --> 00:29:42,160 it's as if it's this sort of salty outside thing, right, like 528 00:29:42,160 --> 00:29:45,040 reports and and all that. But it's not, It's anomaly 529 00:29:45,040 --> 00:29:47,960 detection, it's finding risk in your organization. 530 00:29:48,480 --> 00:29:53,280 And so, you know, we think that there's just a ton to do there 531 00:29:53,640 --> 00:29:57,600 that is maybe great value. I love what you said there about 532 00:29:58,120 --> 00:30:03,160 we love our partners, the idea that be a platform people. 533 00:30:03,880 --> 00:30:06,480 Companies can build solutions that plug in. 534 00:30:06,680 --> 00:30:11,920 To me, that's the fastest way to provide a solution and to expand 535 00:30:11,920 --> 00:30:16,120 the platform, you know, said Octane 2 weeks ago. 536 00:30:16,360 --> 00:30:20,360 They're talking a lot about the road map for Workforce Identity 537 00:30:20,360 --> 00:30:25,480 Cloud and it's just a very big road map. 538 00:30:26,080 --> 00:30:29,520 And can it be achieved by developing it themselves? 539 00:30:29,520 --> 00:30:33,600 I think so, since they get a lot of R&D dollars though and. 540 00:30:33,970 --> 00:30:37,090 You know, I think it was kind of platform focus and people could 541 00:30:37,090 --> 00:30:40,570 build the solutions. The customer still gets what 542 00:30:40,570 --> 00:30:43,210 they need, right? And the nice thing is then you 543 00:30:43,210 --> 00:30:45,570 can build things that are specific to your verticals, 544 00:30:45,570 --> 00:30:49,650 specific to your needs, right. If if your success is dependent 545 00:30:50,050 --> 00:30:54,130 on us adding a bespoke feature, that's not a good way to go, 546 00:30:54,250 --> 00:30:56,370 right? This just isn't how a platform 547 00:30:56,410 --> 00:30:59,810 generally works. And so yes, I mean our partner 548 00:30:59,970 --> 00:31:04,650 ecosystem is how we managed to, to have everyone get what they 549 00:31:04,650 --> 00:31:08,930 need without that, without the massive backlog of, you know, 550 00:31:08,930 --> 00:31:10,650 tiny features for this or for that. 551 00:31:10,770 --> 00:31:12,530 Yeah. For this industry or for that 552 00:31:12,530 --> 00:31:16,530 industry, I mean when you start breaking down what an IGA can do 553 00:31:16,530 --> 00:31:20,250 and for each different industry, it can be enormous now. 554 00:31:20,890 --> 00:31:23,410 You and I were talking about this, I think a few episodes ago 555 00:31:23,970 --> 00:31:26,610 where we would start if we were going to build an IM product. 556 00:31:26,610 --> 00:31:29,680 I think we settled on IGA. Is like that's where we would 557 00:31:29,680 --> 00:31:32,080 start, because it feels like that's the hardest thing to do 558 00:31:32,560 --> 00:31:35,080 because we already have standards for authentication. 559 00:31:35,560 --> 00:31:38,440 We already have, you know, ideas around how to do authorizations 560 00:31:38,440 --> 00:31:42,360 and things like that. But IGA is just this big hairy 561 00:31:42,360 --> 00:31:45,400 beast. Yeah, and I honestly feel like 562 00:31:46,880 --> 00:31:49,200 I'm not trying to dictate what your road map should be, but 563 00:31:49,200 --> 00:31:51,200 it's just please. Tell Microsoft what they should 564 00:31:51,200 --> 00:31:55,000 be doing here's. What Microsoft should do now, I 565 00:31:55,000 --> 00:31:57,610 think the. Identity administration, like 566 00:31:57,610 --> 00:32:02,410 the request approve workflow, it's like, you know, there's so 567 00:32:02,410 --> 00:32:08,210 much already there in traditional Azure AD that does 568 00:32:08,210 --> 00:32:10,850 what people need. But the ability to kind of like 569 00:32:10,850 --> 00:32:13,530 go through and either self-service request or manage 570 00:32:13,530 --> 00:32:17,930 your request access, to me that's one of the areas that 571 00:32:18,290 --> 00:32:20,890 people want the most. Yeah, I completely agree. 572 00:32:20,890 --> 00:32:25,930 I I mean, I think this is where the machine learning comes in of 573 00:32:26,350 --> 00:32:30,230 trying to understand what people are trying to do and give them 574 00:32:30,870 --> 00:32:34,070 whatever ceremony they need to be successful, right, And 575 00:32:34,070 --> 00:32:37,550 understand it in advance. I think that's, you know, one of 576 00:32:37,550 --> 00:32:41,190 the ways that this industry is going to innovate in the next 577 00:32:41,190 --> 00:32:44,110 three years. I would say though to me the 578 00:32:44,110 --> 00:32:47,830 most difficult thing for our for the industry's future right now 579 00:32:47,830 --> 00:32:52,550 is actually ITDR, the identity threat detection and response 580 00:32:53,990 --> 00:32:57,190 because you have to have signal, you have to signal to operate on 581 00:32:57,710 --> 00:33:01,670 and there is and that that signal can be extremely low 582 00:33:01,670 --> 00:33:05,390 level signal right have. A ton of data to work with. 583 00:33:05,470 --> 00:33:09,830 We have so much, but we we do and and we're working very hard 584 00:33:10,030 --> 00:33:11,790 on leveraging it. I mean, you know, the number 585 00:33:11,790 --> 00:33:16,990 that I think we're giving is 65 trillion signals or something 586 00:33:17,430 --> 00:33:19,670 insane like that. That's it, That's it. 587 00:33:19,710 --> 00:33:22,230 But a trillion? I don't even know what comes 588 00:33:22,230 --> 00:33:24,800 after a trillion. Do you know quadrillion? 589 00:33:25,120 --> 00:33:29,200 I guess a quadrillion. I'll just ask Bing with ChatGPT 590 00:33:29,200 --> 00:33:32,320 or Open AI integration, right. How's that for a plug or? 591 00:33:32,400 --> 00:33:38,400 Bing, right? Who is intra for? 592 00:33:38,520 --> 00:33:41,200 And more importantly, that sets me up for my follow up question 593 00:33:41,200 --> 00:33:45,000 is who is Intra not for? That's a really good question. 594 00:33:45,280 --> 00:33:47,280 Also possibly a question that could get me fired, but I'm 595 00:33:47,280 --> 00:33:49,000 going to go for it. What the heck. 596 00:33:49,840 --> 00:33:55,370 So I think Intra Intra has a really interesting dual role in 597 00:33:55,370 --> 00:33:59,210 my opinion, right. The great thing about Intra is 598 00:33:59,210 --> 00:34:04,770 that you can stand it up with almost nothing else. 599 00:34:04,850 --> 00:34:08,050 If you're a small company, you can stand up Intra that you know 600 00:34:08,050 --> 00:34:11,250 there's a free tier that you can stand up that is going to get 601 00:34:11,250 --> 00:34:13,449 you single sign on. It's going to get you managing 602 00:34:13,449 --> 00:34:16,130 your users. And so, you know, so I think 603 00:34:16,130 --> 00:34:22,000 that if you're someone who's willing to embrace that idea, 604 00:34:22,000 --> 00:34:25,760 who wants some of this rigor, you can have that rigor even if 605 00:34:25,760 --> 00:34:28,639 you're a tiny customer. And of course if you want 606 00:34:28,639 --> 00:34:31,080 premium features, you still have to pay for premium features, 607 00:34:31,080 --> 00:34:34,760 right. However, what you don't have to 608 00:34:34,760 --> 00:34:38,120 be as a big customer because it's a platform and everything 609 00:34:38,239 --> 00:34:41,679 is generally self-service. So and there's a lot of 610 00:34:41,679 --> 00:34:44,320 community and you can go in and learn what's going on. 611 00:34:44,320 --> 00:34:47,920 So there's I think the accessibility for a smaller 612 00:34:47,920 --> 00:34:52,969 company is great. I do think that the there's a 613 00:34:52,969 --> 00:34:57,370 lot of complexity to running any large scale identity management 614 00:34:58,730 --> 00:35:00,450 enterprise. I mean I think you both know 615 00:35:00,450 --> 00:35:02,890 you're both living that every single day. 616 00:35:02,890 --> 00:35:08,130 It's difficult for anyone to understand how to deploy access 617 00:35:08,290 --> 00:35:11,690 packages and access certifications and all of these 618 00:35:11,690 --> 00:35:18,090 incredibly complex concepts. However, what Entra is very, 619 00:35:18,090 --> 00:35:21,330 very good at is the top end, right. 620 00:35:21,330 --> 00:35:25,730 We work a lot with large multinational companies. 621 00:35:26,090 --> 00:35:31,010 We work a lot with companies who need to integrate their identity 622 00:35:31,010 --> 00:35:34,010 world with their security world and that's you know that's 623 00:35:34,010 --> 00:35:37,330 another place where intra can be extremely valuable. 624 00:35:37,930 --> 00:35:43,250 But generally speaking you know we we are we suit those 625 00:35:43,250 --> 00:35:47,110 professional you know cases if you if you have a see so and you 626 00:35:47,110 --> 00:35:51,870 have a an identity management dedicated team then intro's a 627 00:35:51,870 --> 00:35:59,430 really good option for. You so in my day job I and the 628 00:35:59,430 --> 00:36:02,510 Identity strategies, but to stay sharp, one of the things I do is 629 00:36:02,510 --> 00:36:05,390 I get heavily involved in a lot of our projects. 630 00:36:05,670 --> 00:36:11,150 I got involved with AB to C Azure AD implementation over the 631 00:36:11,150 --> 00:36:14,630 past year. Plus, the product's really good. 632 00:36:15,440 --> 00:36:19,800 One thing, notice when Intra basically said OK, we're not 633 00:36:19,800 --> 00:36:27,320 calling you Azure AD anymore, but the subtext to it was B to C 634 00:36:27,520 --> 00:36:31,720 is not affected by this. So still B to C Azure AD or 635 00:36:31,720 --> 00:36:36,440 Azure ADB to CI think is more rightly, but why is that? 636 00:36:36,440 --> 00:36:38,120 Why didn't you just roll that in as well? 637 00:36:38,640 --> 00:36:43,360 We so B to C is considered a legacy product at this time 638 00:36:43,360 --> 00:36:47,900 because we actually have a new rolled out product in preview 639 00:36:48,380 --> 00:36:53,540 called Intra external ID. So you know we are still 640 00:36:53,540 --> 00:36:56,220 supporting B to C obviously we're still working a ton with 641 00:36:56,220 --> 00:37:00,500 customers on it, but intra external ID will is our sort of 642 00:37:00,500 --> 00:37:04,900 future direction in that case and it's you know they obviously 643 00:37:04,900 --> 00:37:08,860 do much of the same thing, but we have changed some of our 644 00:37:08,860 --> 00:37:13,220 fundamental architecture that we think is going to really benefit 645 00:37:13,220 --> 00:37:16,000 people moving forward. One of the things, one of the, I 646 00:37:16,000 --> 00:37:17,680 don't know if you would call it a feature because I think it's 647 00:37:17,680 --> 00:37:22,440 core to the product is the Graph API and building that on top of 648 00:37:22,440 --> 00:37:24,600 that. Building B to C on top of the 649 00:37:24,600 --> 00:37:28,720 Graph API just opened it up to it can do whatever you want. 650 00:37:29,800 --> 00:37:32,040 I thought that was really cool. I wanted to call that out. 651 00:37:32,120 --> 00:37:35,160 Yeah, it's interesting that I mean what it's really good for 652 00:37:35,160 --> 00:37:39,960 both entry ID, external ID and and B to C are amazing because 653 00:37:39,960 --> 00:37:43,400 everything is programmatic. So you, you know you don't have 654 00:37:43,400 --> 00:37:47,000 to be in heavily working with any UI if you don't want to. 655 00:37:47,000 --> 00:37:49,840 You can automate everything because a lot of our largest 656 00:37:49,840 --> 00:37:53,760 customers, they're not touching this thing with a 10 foot pole, 657 00:37:54,560 --> 00:37:56,360 right. Without like there isn't, 658 00:37:56,360 --> 00:38:00,120 there's no chance for typos. They have this thing regimented. 659 00:38:00,120 --> 00:38:02,800 They do roll outs and you know and change management windows 660 00:38:03,280 --> 00:38:06,240 and so you know so the automation piece is a huge value 661 00:38:06,360 --> 00:38:09,760 for our customers and that you know that's that's a size thing 662 00:38:10,080 --> 00:38:14,100 at some point, right. How how much of A machine is 663 00:38:14,100 --> 00:38:17,100 your retail website? That kind of thing. 664 00:38:17,980 --> 00:38:19,300 Can we talk a little bit about AI? 665 00:38:19,940 --> 00:38:23,300 Because I feel like Microsoft has made a lot of investment 666 00:38:23,300 --> 00:38:26,460 obviously from AAI perspective with Open AI. 667 00:38:27,740 --> 00:38:29,660 I've been a big fan of it for a while now. 668 00:38:29,820 --> 00:38:33,740 I think it's captured the minds and maybe the hearts of a lot of 669 00:38:33,740 --> 00:38:37,540 people. Bing was very much early on in 670 00:38:37,540 --> 00:38:39,690 adopting that. I don't want to get into like 671 00:38:39,690 --> 00:38:43,770 product, but I'm just curious where do you see AI fitting into 672 00:38:44,570 --> 00:38:47,810 what you do from an identity perspective for Microsoft, 673 00:38:48,050 --> 00:38:49,930 right. Yeah, it's really exciting. 674 00:38:50,050 --> 00:38:55,170 It's very exciting. I'm not the authority, so you 675 00:38:55,210 --> 00:38:57,210 know, I what I say I believe is true. 676 00:38:57,890 --> 00:39:02,250 Others may disagree, but where we're really excited in identity 677 00:39:02,730 --> 00:39:06,890 about AI is that, you know, we've had machine learning for a 678 00:39:06,890 --> 00:39:10,560 long time, I don't know, maybe as long as 10 years, something 679 00:39:10,560 --> 00:39:12,640 like that. Where we're going in, we're 680 00:39:12,640 --> 00:39:15,880 doing the trend analysis, we're doing the the detection of 681 00:39:15,880 --> 00:39:17,560 anomalies. All of that stuff has been 682 00:39:17,560 --> 00:39:21,440 around for a long time. Where the generative AI comes in 683 00:39:22,120 --> 00:39:25,080 is being able in some sense to put a face on it. 684 00:39:25,640 --> 00:39:29,240 So you know, sense making is a huge problem in the industry 685 00:39:29,240 --> 00:39:31,040 right now. We're churning out the the 686 00:39:31,040 --> 00:39:34,560 signals, we're churning out the data, but it doesn't help if we 687 00:39:34,560 --> 00:39:37,490 can't make sense of it. And that's really where the Gen. 688 00:39:37,490 --> 00:39:40,850 AI piece that you know that that you know we have generally 689 00:39:40,850 --> 00:39:44,530 branded as Co pilot becomes really interesting because now 690 00:39:44,530 --> 00:39:48,970 we can take all of that amazing trend analysis and use 691 00:39:49,370 --> 00:39:53,610 interactive conversation and interactive questioning to help 692 00:39:53,610 --> 00:39:57,330 people make use of it. So that's you know that's for me 693 00:39:57,330 --> 00:40:00,190 at least that's the really exciting piece and of course Co 694 00:40:00,190 --> 00:40:04,690 pilot is a very intentional branding decision not. 695 00:40:05,110 --> 00:40:09,270 Not for selling stuff, but because it is not meant to 696 00:40:09,270 --> 00:40:11,630 replace people. It is meant to help people. 697 00:40:11,950 --> 00:40:16,150 And so it's really all about people working with the AI to 698 00:40:16,150 --> 00:40:19,710 learn and to grow and to leverage rather than, you know, 699 00:40:19,790 --> 00:40:23,590 the machine taking over. I do think that that is a rather 700 00:40:23,590 --> 00:40:30,150 brilliant branding of Co pilot. Did your definition of AI 701 00:40:30,150 --> 00:40:33,350 changed? Change when you saw what large 702 00:40:33,350 --> 00:40:37,180 language models and generative? Could do or have you like yeah, 703 00:40:37,180 --> 00:40:39,300 that's just sort of the next. Yeah, for me it was a 704 00:40:39,300 --> 00:40:42,620 revelation. I had no idea like I I am 705 00:40:42,700 --> 00:40:48,780 absolutely the person who would say AIML as if it was one, right 706 00:40:48,780 --> 00:40:49,980 AIML. This, you're not alone. 707 00:40:49,980 --> 00:40:52,380 I think everybody was doing it. I was doing that, right? 708 00:40:53,220 --> 00:40:58,220 And then I saw the demo from Open AI and I was like, what? 709 00:40:58,420 --> 00:41:00,140 Right? Like that is going to change 710 00:41:00,180 --> 00:41:01,500 things. And I think even Microsoft has 711 00:41:01,500 --> 00:41:05,210 jumped into having, you know. Organizations be able to run 712 00:41:05,210 --> 00:41:10,170 their own large language models in their own tenant so that 713 00:41:10,170 --> 00:41:12,330 their data is not getting somewhere else, which I think is 714 00:41:12,330 --> 00:41:17,730 brilliant because I do see this battle for dominance over who 715 00:41:17,730 --> 00:41:22,530 has the best model and I don't think it's going to be A1 size 716 00:41:22,530 --> 00:41:24,010 fits all. I think you'll have a general 717 00:41:24,210 --> 00:41:28,090 model that is sort of like this, interfaced everything, and then 718 00:41:28,530 --> 00:41:32,530 some sort of segregation of company data running within 719 00:41:32,530 --> 00:41:35,280 another model. So I absolutely see the value 720 00:41:35,280 --> 00:41:37,760 there. That's not the final level of 721 00:41:37,760 --> 00:41:41,040 security then having a classification model that you 722 00:41:41,040 --> 00:41:45,440 then enforce to say this data can't show up in Jeff's. 723 00:41:46,920 --> 00:41:48,040 Yeah, I question. Yeah. 724 00:41:48,040 --> 00:41:50,640 And his copilot, right. He doesn't need to know the 725 00:41:50,640 --> 00:41:53,520 secret HR data. Yeah, and obviously identity 726 00:41:53,520 --> 00:41:58,800 controls are going to be needed to separate what bits and which 727 00:41:58,800 --> 00:42:01,460 model I can. Manipulator. 728 00:42:01,460 --> 00:42:02,300 See. Yes. 729 00:42:02,300 --> 00:42:04,580 Well, the other big investment we've been making for a very 730 00:42:04,580 --> 00:42:08,860 long time is responsible AI. So it's not just a matter of, 731 00:42:09,180 --> 00:42:11,900 you know, creating the robot robots and letting them March on 732 00:42:11,900 --> 00:42:14,780 the village, right. We have for a very long time 733 00:42:14,780 --> 00:42:18,860 been looking at where the guard guardrails need to be so that 734 00:42:18,860 --> 00:42:21,500 this technology can be safely deployed. 735 00:42:21,500 --> 00:42:25,060 And you know, oversight, you have to have oversight. 736 00:42:25,460 --> 00:42:28,420 So all of those things have to work together before the 737 00:42:28,420 --> 00:42:31,220 business tool becomes the accelerator we know it can be. 738 00:42:31,820 --> 00:42:35,820 How often do you use AI? Well you know The funny thing is 739 00:42:35,820 --> 00:42:41,620 I took a photography course a couple of weeks ago and so not 740 00:42:41,620 --> 00:42:47,380 tech, not geeky anything and the instructor just on a whim opened 741 00:42:47,380 --> 00:42:51,980 up Adobe Photoshop, highlighted a a circle on a top of building 742 00:42:51,980 --> 00:42:54,620 and said remove the crane like that. 743 00:42:55,100 --> 00:42:57,740 Yeah, Firefly and Sensei are pretty amazing. 744 00:42:58,390 --> 00:43:01,590 Yeah. I mean that's I think that in 745 00:43:01,590 --> 00:43:06,790 daily life that is that kind of value is going to change how 746 00:43:06,790 --> 00:43:11,510 people use it. I certainly use it at work a 747 00:43:11,510 --> 00:43:14,310 little bit and I think that will grow quite a bit. 748 00:43:15,230 --> 00:43:17,510 Yeah, I think it's still, I mean, I use it quite a bit for a 749 00:43:17,510 --> 00:43:19,630 variety of things every kind of everywhere, right. 750 00:43:19,670 --> 00:43:21,870 It's a good starting point if you're starting something. 751 00:43:22,840 --> 00:43:25,400 It still will hallucinate which is a friendly term for straight 752 00:43:25,400 --> 00:43:28,960 up lie of information you know that comes through. 753 00:43:28,960 --> 00:43:31,960 So I still think that there is you still need to know your 754 00:43:31,960 --> 00:43:34,720 subject. I don't know if I would trust it 755 00:43:34,880 --> 00:43:37,800 to really go down the path of learning something. 756 00:43:38,720 --> 00:43:41,200 It's probably good to a certain degree and then it starts kind 757 00:43:41,200 --> 00:43:42,760 of going off the rails. I'm sure that'll get better 758 00:43:42,760 --> 00:43:44,200 overtime kind of figure that out. 759 00:43:44,600 --> 00:43:45,680 But I use it for a variety of things. 760 00:43:45,680 --> 00:43:48,840 I use it for work. I use it for this podcast that 761 00:43:48,840 --> 00:43:51,760 helps with things like show notes and. 762 00:43:52,260 --> 00:43:55,300 Audio editing and there's just so many different things that 763 00:43:55,300 --> 00:43:57,620 it's gonna be interesting to see how this is gonna roll through 764 00:43:58,220 --> 00:44:00,900 the next five years. I think it's gonna be crazy. 765 00:44:00,900 --> 00:44:03,580 I mean, we have enough audio at this point where, you know, I've 766 00:44:03,580 --> 00:44:07,860 toyed with making an episode with Jim and I using nothing, 767 00:44:07,860 --> 00:44:10,660 just a script. I have enough audio to train, 768 00:44:10,740 --> 00:44:13,220 you know, a voice to sound and all of our. 769 00:44:13,220 --> 00:44:16,420 Subscribers start unsubscribing. Right. 770 00:44:16,780 --> 00:44:18,780 But I think this is something you're gonna see is this. 771 00:44:18,780 --> 00:44:21,040 It's almost like. You know, you see a lot of, like 772 00:44:21,040 --> 00:44:25,600 articles that were like, it was generated by AI and they're of 773 00:44:25,600 --> 00:44:29,160 varying quality. And big news organizations have 774 00:44:29,160 --> 00:44:32,200 started to adopt this where they say, OK, well, we can't possibly 775 00:44:32,200 --> 00:44:34,080 cover every high school sports game in the world. 776 00:44:34,400 --> 00:44:37,640 So they have AI write some little blurb about some data 777 00:44:37,640 --> 00:44:41,000 that was fed to it by something. I think you're going to see that 778 00:44:41,000 --> 00:44:45,080 with video, with audio, where it's like, oh, I have this idea 779 00:44:45,080 --> 00:44:48,840 for a thing, you know, create a YouTube video that talks about 780 00:44:48,840 --> 00:44:52,290 this. And next thing you know you're 781 00:44:52,290 --> 00:44:56,530 watching this thing, it's interesting I'm I'm on the 782 00:44:56,530 --> 00:44:58,890 program committee for a couple of the different identity 783 00:44:58,890 --> 00:45:04,290 conferences and at least right now and it may not last very 784 00:45:04,290 --> 00:45:09,930 long, there are certain percentage of the abstracts that 785 00:45:09,930 --> 00:45:11,930 might be wrong. I mean, I might be, it might be 786 00:45:11,930 --> 00:45:15,490 that the that I'm only identifying a fraction of the 787 00:45:15,650 --> 00:45:18,450 like, some of them might be so well written that I can't even 788 00:45:18,450 --> 00:45:21,650 tell. And if so, more power to 789 00:45:21,650 --> 00:45:24,410 everyone, right? But yeah, it's it's into a 790 00:45:24,410 --> 00:45:27,410 certain thing where you get an abstract that talks about things 791 00:45:27,410 --> 00:45:31,170 and uses all the right terms, but they're not actually related 792 00:45:31,170 --> 00:45:34,490 to each other in a way that would make sense to a rational 793 00:45:34,490 --> 00:45:37,770 human being. I like the keyword rational 794 00:45:37,770 --> 00:45:40,090 human being. You spent a lot of time with us 795 00:45:40,090 --> 00:45:41,370 here. We definitely appreciate it. 796 00:45:41,370 --> 00:45:43,850 We hope you'll come back, but we want to end on a lighter note. 797 00:45:44,770 --> 00:45:46,810 We kind of talked about some different ideas before we hit 798 00:45:46,810 --> 00:45:48,700 record. You mentioned that you're in the 799 00:45:48,700 --> 00:45:53,660 process of renovating A Victorian home, and it sounds 800 00:45:53,660 --> 00:45:56,740 like you've been doing that for a while and maybe we'll be doing 801 00:45:56,740 --> 00:46:02,460 that for a while. What is the thing that you 802 00:46:02,460 --> 00:46:06,500 discovered that you just weren't prepared for when you started 803 00:46:06,500 --> 00:46:10,020 this journey? Well, so yes, we have. 804 00:46:10,020 --> 00:46:17,900 A San Francisco Victorian home was built in 1891, if I remember 805 00:46:17,900 --> 00:46:22,060 correctly. 1891, yeah. And so I think the thing that 806 00:46:22,060 --> 00:46:26,420 surprised me the most, which kind of tells what kind of IQ I 807 00:46:26,420 --> 00:46:30,980 have, but I all of the trim in the house is Redwood first 808 00:46:30,980 --> 00:46:32,820 growth Redwood. They were mowing down the 809 00:46:32,820 --> 00:46:35,540 Redwood trees and to build these homes back then. 810 00:46:36,020 --> 00:46:41,340 And I, it was my job to strip all the paint off of the trim. 811 00:46:42,460 --> 00:46:46,310 And I had the worst time because they were, you know, it's a lot 812 00:46:46,310 --> 00:46:48,190 of paint that you can apply to this stuff and it's all 813 00:46:48,190 --> 00:46:50,470 different chemical makeups and all that kind of stuff. 814 00:46:50,470 --> 00:46:54,710 And so I started with the Eco friendly paint, trim paint 815 00:46:55,390 --> 00:46:56,670 dissolver. That did not work. 816 00:46:57,230 --> 00:46:59,870 And I tried every single thing. And finally I figured out the 817 00:46:59,870 --> 00:47:04,190 heat gun was the way to go. And so I spent two years, not 818 00:47:04,190 --> 00:47:06,150 even kidding, two years stripping off. 819 00:47:06,830 --> 00:47:10,070 Not once did I think that maybe there could be lead in that 820 00:47:10,070 --> 00:47:15,250 paint. Not once until my husband's 821 00:47:15,250 --> 00:47:19,330 daughter showed up one day and she said, you know, should you 822 00:47:19,330 --> 00:47:22,650 check? And, and we were almost done. 823 00:47:22,730 --> 00:47:25,530 I mean, I had been breathing those fumes for, for two years 824 00:47:25,530 --> 00:47:28,050 at that time. And then we freaked out. 825 00:47:28,170 --> 00:47:30,130 We freaked out. We didn't touch it for four 826 00:47:30,130 --> 00:47:33,850 months. We went in with hazmat suits to 827 00:47:33,850 --> 00:47:38,050 finish the last pieces of it. So yeah, not my finest moment. 828 00:47:38,330 --> 00:47:40,490 So there's a chance that you may actually glow in the dark. 829 00:47:40,530 --> 00:47:42,130 It's possible. It is possible. 830 00:47:42,130 --> 00:47:44,730 We did test it after the fact and there wasn't very much. 831 00:47:44,730 --> 00:47:47,250 Left Well, one of the greatest things when you do an older 832 00:47:47,250 --> 00:47:49,290 house. So my mother bought an older 833 00:47:49,290 --> 00:47:52,330 house when I was a young teenager. 834 00:47:52,730 --> 00:47:56,650 And you peel back the carpet like this Harvard floors there. 835 00:47:56,650 --> 00:47:58,970 You're like, who put a carpet who for this. 836 00:47:59,050 --> 00:48:02,330 But you just feel like you just discovered found gold. 837 00:48:03,010 --> 00:48:05,250 Yeah, it's such a wonderful feeling. 838 00:48:05,250 --> 00:48:10,040 We preserved as much as we could and we tried to stick with the 839 00:48:10,040 --> 00:48:13,240 same feel, but now we're we've finished the inside and now 840 00:48:13,240 --> 00:48:16,360 we're trying to do the outside and that involves recreating 841 00:48:16,360 --> 00:48:20,320 corbels and recreating trim and it's really nerve wracking 842 00:48:20,320 --> 00:48:24,200 because we don't know if we're going to do it justice. 843 00:48:24,520 --> 00:48:30,680 Or not now Pam, I didn't know you were a Calgary native and I 844 00:48:30,680 --> 00:48:36,080 was in Calgary last weekend and went to Bam for the weekend and. 845 00:48:36,940 --> 00:48:38,780 One of the greatest places I've ever been. 846 00:48:39,060 --> 00:48:43,340 But you know you must have some fond memories. 847 00:48:43,340 --> 00:48:46,540 So what is your fondest Banff memory? 848 00:48:46,660 --> 00:48:49,900 Oh gosh, yeah, I I misspent my youth in Banff. 849 00:48:50,820 --> 00:48:53,140 I'm not sure it's my fondest memory, but one of my strongest 850 00:48:53,140 --> 00:48:58,460 memories is actually probably the trip I had where I we were 851 00:48:58,460 --> 00:49:01,420 mountain climbing, climbing a mountain called Mount Yamnuska. 852 00:49:01,500 --> 00:49:04,620 I don't know if you saw that. It's on the way in, on the way 853 00:49:04,620 --> 00:49:10,850 to Banff and I fell off and I broke my ankle in two places, 854 00:49:10,930 --> 00:49:16,610 broke the tibia and wait tibia and yeah, something like that. 855 00:49:17,370 --> 00:49:20,170 Anyways, I got helicoptered off the mountain and so I have this 856 00:49:20,170 --> 00:49:25,330 huge memory that the helicopter couldn't land and you know we 857 00:49:25,330 --> 00:49:27,370 had climbers came from all over the mountain. 858 00:49:27,530 --> 00:49:33,340 It's an amazing thing that that whole community because was way 859 00:49:33,340 --> 00:49:36,260 back, it's 1996, it was a long time ago and so there weren't 860 00:49:36,260 --> 00:49:37,660 just cell phones you could call on. 861 00:49:37,660 --> 00:49:40,460 And so and we didn't have cell service up on the mountain. 862 00:49:40,460 --> 00:49:44,980 And so probably 20 different climbers gave up their climbs 863 00:49:44,980 --> 00:49:49,780 that day because they ran a relay down the mountain. 864 00:49:49,780 --> 00:49:51,940 So the people at the top turned around. 865 00:49:52,060 --> 00:49:53,220 They were just coming to the top. 866 00:49:53,220 --> 00:49:54,780 They turned around, they ran down till they met. 867 00:49:54,780 --> 00:49:57,900 The next climbers said somebody's in trouble getting 868 00:49:57,900 --> 00:50:00,770 ambulance and then those people turned around, they ran to the 869 00:50:00,770 --> 00:50:04,450 next people and so they did this crazy relay down just to be able 870 00:50:04,450 --> 00:50:07,170 to call the air ambulance to pick me up. 871 00:50:07,530 --> 00:50:11,250 And then they couldn't land the the helicopter on the apron. 872 00:50:11,690 --> 00:50:16,090 So they attached me to a stretcher that was hanging below 873 00:50:16,130 --> 00:50:19,250 the helicopter. And on a beautiful, beautiful 874 00:50:19,250 --> 00:50:24,850 day I got flown over the valley and that was great. 875 00:50:24,850 --> 00:50:27,290 I, you know, I was a little preoccupied at the time, but my 876 00:50:27,290 --> 00:50:31,150 climbing partner, they had to, you know, they sort of sent me 877 00:50:31,150 --> 00:50:34,190 in a stretcher with one attendant, and there was another 878 00:50:34,190 --> 00:50:37,670 attendant there. And so they actually let my 879 00:50:37,670 --> 00:50:40,870 climbing partner clip his harness into the rope. 880 00:50:41,550 --> 00:50:46,030 And so he flew over the valley suspended on his climbing 881 00:50:46,030 --> 00:50:49,150 hardness, just underneath the helicopter. 882 00:50:49,150 --> 00:50:52,630 And so he got to the hospital and I'm groggy and I'm in pain 883 00:50:52,630 --> 00:50:55,230 and all of this, and he gets to the to the bedside. 884 00:50:55,230 --> 00:50:58,050 He's like, damn, I'm so sorry this happened to me or to you, 885 00:50:58,050 --> 00:51:01,650 but that was the best experience of my whole life. 886 00:51:01,690 --> 00:51:04,410 His fondest memory? Not yours, exactly. 887 00:51:04,650 --> 00:51:07,530 I was going to say like, people probably had Banff on their 888 00:51:07,850 --> 00:51:10,170 bucket list. You just gave you that. 889 00:51:10,170 --> 00:51:14,050 That is your fondest story. And they're just like there's so 890 00:51:14,050 --> 00:51:15,850 much more. I mean Emerald Lake for example. 891 00:51:15,930 --> 00:51:18,970 If you go a little bit farther past, Banff is something you'll 892 00:51:18,970 --> 00:51:21,490 never forget if. You go Lake Louise, Lake Louise. 893 00:51:21,490 --> 00:51:24,570 We got all the way up there and the parking lot was full. 894 00:51:25,110 --> 00:51:28,830 But my funny story was we were going through the town, there's 895 00:51:28,830 --> 00:51:34,510 a place that sold bear spray 1295, and we just thought, get 896 00:51:34,510 --> 00:51:38,190 that. And we told we I was there with 897 00:51:38,190 --> 00:51:41,590 my girlfriend Denise, and we started to say, yeah, if we get 898 00:51:41,590 --> 00:51:43,630 killed by a bear, the story will go. 899 00:51:43,750 --> 00:51:46,910 They're too cheap to buy 1295 worth of bear spray. 900 00:51:47,230 --> 00:51:51,630 They kind of had a cup, right? Yeah, we did have definitely had 901 00:51:51,670 --> 00:51:54,860 some bear encounters, but generally speaking, if you leave 902 00:51:54,860 --> 00:51:56,580 them alone, they usually leave you alone. 903 00:51:56,580 --> 00:51:57,740 We're. Talking about brown bears or 904 00:51:57,740 --> 00:51:59,380 black bears, Oh yeah, very different. 905 00:51:59,380 --> 00:52:02,900 So brown bear you can scare away unless it's really, really, 906 00:52:02,900 --> 00:52:05,860 really, really hungry. And so if if a brown bear starts 907 00:52:05,860 --> 00:52:08,500 to follow you, it probably wants to eat you. 908 00:52:08,700 --> 00:52:10,940 So there's it is really important to know the 909 00:52:10,940 --> 00:52:12,860 difference. Whereas a grizzly bear will 910 00:52:12,860 --> 00:52:14,740 charge you if it feels threatened and you can play 911 00:52:14,740 --> 00:52:19,860 dead, but if a brown bear charges you it, you know, if you 912 00:52:19,860 --> 00:52:21,780 play dead, you're kind of just offering yourself a business. 913 00:52:22,020 --> 00:52:23,300 Yeah, I saw Revenant. That didn't work. 914 00:52:25,290 --> 00:52:27,490 Pam, you've been really just of your time and I'm really glad 915 00:52:27,490 --> 00:52:30,810 we're able to get this conversation in long time coming 916 00:52:30,850 --> 00:52:33,050 long overdue. I hope you'll come back. 917 00:52:34,290 --> 00:52:35,490 Any final thoughts before we wrap up? 918 00:52:36,610 --> 00:52:39,650 No, only that I'm really glad you exist in this industry. 919 00:52:40,250 --> 00:52:41,770 It matters a lot. Thank you. 920 00:52:41,770 --> 00:52:43,890 I'm happy I exist too, and I'm sure Jim is too. 921 00:52:45,650 --> 00:52:47,130 We'll go and leave it there for this week. 922 00:52:47,210 --> 00:52:50,170 You can find us on the web at idacpodcast.com. 923 00:52:50,650 --> 00:52:54,290 We're on Twitter or X or whatever at IDAC Podcast. 924 00:52:54,690 --> 00:52:58,410 We're on Mastodon at IDAC Podcast, at infosec dot 925 00:52:58,410 --> 00:53:00,930 exchange. We'll have links in our show 926 00:53:00,930 --> 00:53:02,730 notes. You can connect with Pam 927 00:53:03,090 --> 00:53:08,610 ourselves, whoever you'd like, subscribe like thumbs up, 928 00:53:08,890 --> 00:53:11,290 review, whatever it is. Yeah, that's that's all stuff 929 00:53:11,290 --> 00:53:16,530 that helps us get great guests like Pam, and hopefully we get 930 00:53:16,530 --> 00:53:17,690 more. So we'll leave it there. 931 00:53:18,180 --> 00:53:20,220 Thanks everyone for listening and we'll talk with everyone in 932 00:53:20,220 --> 00:53:22,980 the next. You've been listening to 933 00:53:22,980 --> 00:53:26,860 Identity at the Center. We hope you've enjoyed the show. 934 00:53:27,060 --> 00:53:31,260 Make sure to like, rate and review and we'll be back soon. 935 00:53:31,420 --> 00:53:33,700 But in the meantime, hit the website at 936 00:53:33,700 --> 00:53:40,820 identity@thecenter.com and find us on Twitter at IDAC Podcast. 937 00:53:41,260 --> 00:53:45,380 See you next time on identity at the center.