1 00:00:09,700 --> 00:00:12,500 You're listening to the identity at the center podcast. 2 00:00:12,800 --> 00:00:15,600 This is a show that talks about identity and access management 3 00:00:15,700 --> 00:00:18,600 and making sure you know who has access to what let's get 4 00:00:18,600 --> 00:00:25,400 started. Welcome to the identity of the 5 00:00:25,400 --> 00:00:27,300 sender podcast, I'm Jeff and that's Jim. 6 00:00:27,300 --> 00:00:30,400 Hey Jim hey Jeff, how are you? Not so bad yourself? 7 00:00:31,200 --> 00:00:32,200 I'm doing good. You know. 8 00:00:32,200 --> 00:00:35,100 We're going to release this podcast, couple days after 9 00:00:35,100 --> 00:00:38,400 Thanksgiving the Monday after Thanksgiving and I'm just kind 10 00:00:38,400 --> 00:00:41,900 of wondering what are you thankful for air conditioning 11 00:00:41,900 --> 00:00:46,100 and fast internet? And here I was thinking you were 12 00:00:46,100 --> 00:00:48,800 going to say family and friends will be crazy man. 13 00:00:49,600 --> 00:00:53,200 No, I was going to go with a tech answer to So my answer is 14 00:00:53,200 --> 00:00:55,400 going to be password. Alice but guess what? 15 00:00:55,400 --> 00:00:59,300 I spent the entire day doing are not the entire day but it was a 16 00:00:59,300 --> 00:01:03,200 good hour and a half. Talking about how we're going to 17 00:01:03,200 --> 00:01:06,100 do is self-service password, resets and password 18 00:01:06,100 --> 00:01:10,400 synchronization and what all the password policies have to be in 19 00:01:10,400 --> 00:01:13,600 order for the synchronization not to break. 20 00:01:13,600 --> 00:01:17,900 And I asked what I started to realize was that all those years 21 00:01:17,900 --> 00:01:21,800 in, I am that kind of made make me the dinosaur that I am. 22 00:01:22,500 --> 00:01:24,800 Sure come in handy, still. Yeah. 23 00:01:24,800 --> 00:01:26,800 I mean password. Oh this is cool, right? 24 00:01:26,800 --> 00:01:29,000 I think it's coming. We've been hearing for a while, 25 00:01:29,300 --> 00:01:31,300 but guess what? There's still people passwords 26 00:01:31,300 --> 00:01:34,300 out there so gotta cover them to and support it so and the only 27 00:01:34,300 --> 00:01:37,500 happy path is the part that most exploits are probably taking 28 00:01:37,500 --> 00:01:40,500 advantage of is, you know, I forgot my password and kind of 29 00:01:40,500 --> 00:01:43,100 going through that or if they've reuse their password and 30 00:01:43,100 --> 00:01:46,800 unfortunately, maybe you're getting, you know, a rainbow 31 00:01:46,800 --> 00:01:49,900 you're part of a rainbow table out there which has pretty much 32 00:01:49,900 --> 00:01:52,900 every breach password, no demand covered. 33 00:01:52,900 --> 00:01:55,200 So it's important. Oughtn't kind of cover is like 34 00:01:55,200 --> 00:01:57,700 okay we know we want to plan and design for the future but we 35 00:01:57,700 --> 00:01:59,900 can't forget the present. Yeah. 36 00:02:00,600 --> 00:02:04,400 You know, the other thing that I find that, you know, having you 37 00:02:04,400 --> 00:02:09,500 know, the good old gray hair experience is that a lot of the 38 00:02:09,500 --> 00:02:16,500 basic fundamentals of it and your, your software development 39 00:02:16,500 --> 00:02:20,200 life cycle, those things come in handy and they play out in. 40 00:02:20,200 --> 00:02:23,900 I am projects over and over again and the example I'm going 41 00:02:23,900 --> 00:02:27,100 to give Right now is something that's come up in one of my 42 00:02:27,100 --> 00:02:32,400 projects where the team working with the Zach asked for access 43 00:02:32,400 --> 00:02:37,400 to the dev environment during their or I'm sorry it's the QA 44 00:02:37,400 --> 00:02:40,900 environment but they want to make changes as they're going 45 00:02:40,900 --> 00:02:45,500 through their QA process and that's very much you know not 46 00:02:45,500 --> 00:02:51,000 how normal software development projects go where the testers 47 00:02:51,000 --> 00:02:55,300 are changing the system right? Because then The developers 48 00:02:55,500 --> 00:02:59,300 don't know what was changed and they're asked to then solve 49 00:02:59,300 --> 00:03:04,700 problems that they're not sure how those came to be. 50 00:03:04,700 --> 00:03:09,300 So the analogy I was using today was imagine that you are asked 51 00:03:09,300 --> 00:03:13,300 to fix a car, you're working on that car and then you step away 52 00:03:13,600 --> 00:03:16,900 and then the owner of the car comes over and starts working on 53 00:03:16,900 --> 00:03:18,900 it. Then you come back and you think 54 00:03:18,900 --> 00:03:23,600 it's in a certain place and the car should start now and you go 55 00:03:23,600 --> 00:03:26,300 to start it. Is not working and you go in and 56 00:03:26,300 --> 00:03:29,200 you discover all these changes were made and you have to kind 57 00:03:29,200 --> 00:03:33,400 of troubleshoot backwards. So I think that's ultimately why 58 00:03:34,000 --> 00:03:35,700 you prevent that from happening, right? 59 00:03:35,700 --> 00:03:39,200 The developers are responsible for creating a working 60 00:03:39,200 --> 00:03:44,100 environment and having other people work on that environment. 61 00:03:44,500 --> 00:03:47,700 You know, behind the scenes is just not acceptable. 62 00:03:47,700 --> 00:03:50,900 So really, that's just basic software development. 63 00:03:50,900 --> 00:03:54,000 That's not specific to I am but you have to be able to bring 64 00:03:54,000 --> 00:03:57,800 that at to the table when you're going into projects because you 65 00:03:57,800 --> 00:04:00,500 never know when these kind of scenarios might pop up. 66 00:04:01,200 --> 00:04:03,200 I think it's basic anything. You know you're telling the 67 00:04:03,200 --> 00:04:06,600 story and for the this is an audio podcast but I was squid 68 00:04:06,600 --> 00:04:11,400 and real hard at you like what that the brow is furrowed like, 69 00:04:11,400 --> 00:04:16,300 this doesn't make any sense. I mean this shouldn't be rocket 70 00:04:16,300 --> 00:04:18,899 science and it shouldn't be it should be common knowledge but 71 00:04:18,899 --> 00:04:20,399 common knowledge isn't so common. 72 00:04:20,399 --> 00:04:23,800 Sometimes you know we did this when I was in the help desk is 73 00:04:23,800 --> 00:04:25,000 like okay. Like a long ticket. 74 00:04:25,000 --> 00:04:28,200 A troubleshooting you were you you needed to document what you 75 00:04:28,200 --> 00:04:31,500 tried. So that as you were going along, 76 00:04:31,500 --> 00:04:34,800 if the ticket need to be migrated to another queue or 77 00:04:34,800 --> 00:04:37,000 whatever it might be, they knew what was already tried and they 78 00:04:37,000 --> 00:04:40,200 weren't wasting their time. I mean this seems kind of like a 79 00:04:40,200 --> 00:04:44,700 no duh. But no da Jim well. 80 00:04:44,700 --> 00:04:47,800 I mean it's one of those things you came with hard-earned 81 00:04:47,800 --> 00:04:50,500 experience, right? Absolute learn it from a book. 82 00:04:50,600 --> 00:04:54,100 Absolutely, let's see. So what else we got? 83 00:04:54,200 --> 00:04:56,700 Got going on before we get to our main topic which is identity 84 00:04:56,700 --> 00:04:58,000 governance. I think we're after 85 00:04:58,000 --> 00:05:01,600 Thanksgiving, will probably be taking a, our normal sort of 86 00:05:01,600 --> 00:05:03,900 holiday break here towards the end of December. 87 00:05:04,800 --> 00:05:09,000 Give my tired weary fingers, and even worse voice, a break for a 88 00:05:09,008 --> 00:05:11,800 couple weeks as we sort of had into Christmas. 89 00:05:11,800 --> 00:05:14,100 But we've got a few more, a few more shows lined up after this 90 00:05:14,100 --> 00:05:17,200 one, but people shouldn't be surprised. 91 00:05:17,200 --> 00:05:19,800 You know, as we normally do every storm or between like 92 00:05:20,400 --> 00:05:23,000 mid-December to like mid-January, take a few weeks 93 00:05:23,000 --> 00:05:26,400 break to kind of restore. Recharge that's using my spot 94 00:05:26,400 --> 00:05:29,200 where I try to get some creative juices flowing and either come 95 00:05:29,200 --> 00:05:33,000 up with a new intro or I think I think I'm okay with the logo 96 00:05:33,000 --> 00:05:34,600 right now. Probably you know, keep that for 97 00:05:34,600 --> 00:05:36,900 a little bit but it's an opportunity for us to kind of 98 00:05:36,900 --> 00:05:40,200 reinvent and you know keep things fresh so keep an eye out 99 00:05:40,200 --> 00:05:41,700 for that. In case something changes. 100 00:05:42,500 --> 00:05:45,400 Yeah, sharpen the saw a little bit but yeah I think even 101 00:05:45,400 --> 00:05:49,800 Slackers like else deserve a couple of weeks off and gives us 102 00:05:49,800 --> 00:05:53,200 an opportunity to kind of come back full steam. 103 00:05:53,500 --> 00:05:56,100 I mean, You think about it, this is going to be episode. 104 00:05:56,100 --> 00:05:58,900 What? 190 up at three and a half 105 00:05:58,900 --> 00:06:02,900 years, not even three and a half years, so we're definitely 106 00:06:02,900 --> 00:06:06,100 exceeding the pace of one episode per week. 107 00:06:06,100 --> 00:06:09,000 Yeah, which is a lot considering this is not our day job. 108 00:06:09,900 --> 00:06:11,900 Exactly. All right well, why don't we 109 00:06:11,907 --> 00:06:13,900 talk a little bit about identity governance. 110 00:06:13,900 --> 00:06:16,600 Some very happy to have our guest on here. 111 00:06:16,700 --> 00:06:19,500 His name is Paul Mazzara. He's the vice president of 112 00:06:19,500 --> 00:06:21,900 strategy with zaevion. Welcome to the show Paul. 113 00:06:22,600 --> 00:06:24,400 All right. Hey, thanks for having me, glad 114 00:06:24,400 --> 00:06:26,400 to be here. Yeah, thanks so much for joining 115 00:06:26,400 --> 00:06:28,100 us. And, you know, one of the things 116 00:06:28,100 --> 00:06:29,700 I like to do when we have someone out for the first time 117 00:06:29,700 --> 00:06:32,500 is kind of find about their identity background in their 118 00:06:32,500 --> 00:06:35,300 origin story. I guess, how did you did you get 119 00:06:35,300 --> 00:06:38,100 into the I am space? Is it something that shows you 120 00:06:38,100 --> 00:06:42,400 or did you choose it? Yeah, kind of combination. 121 00:06:42,400 --> 00:06:46,600 I think, eventually it chose me and then I decided to kind of 122 00:06:47,100 --> 00:06:50,900 stay with it so to speak. Yeah, for me, it started back in 123 00:06:50,900 --> 00:06:53,200 the right. When the kind of internet start 124 00:06:53,200 --> 00:06:58,400 taking off, in terms of not just being a website that had little 125 00:06:58,800 --> 00:07:01,000 pretty things to look at or read. 126 00:07:01,300 --> 00:07:06,400 But so this is around the later 90s and up to then I'd been a 127 00:07:06,400 --> 00:07:09,300 software developer so I actually started out as they call it. 128 00:07:09,300 --> 00:07:13,400 T PF programmers, the Game programmer, the tpf is like a 129 00:07:13,400 --> 00:07:17,800 airline Airline programming and so but I was able to kind of 130 00:07:17,800 --> 00:07:20,600 move into like a more windows programming and learn Visual 131 00:07:20,600 --> 00:07:24,600 Basic and and then I picked up TCP IP sockets. 132 00:07:25,000 --> 00:07:29,100 And so at that point, there was opportunity to, to go with a 133 00:07:29,300 --> 00:07:33,300 start on this B2B Extranet that Visa was working on. 134 00:07:33,900 --> 00:07:38,400 And at that point, they were looking at putting it on 135 00:07:38,400 --> 00:07:41,000 CompuServe, so that's kind of where we're was. 136 00:07:41,200 --> 00:07:44,100 Back then. And so they said, okay, let's 137 00:07:44,100 --> 00:07:46,200 put this thing on the internet and see, you know, what? 138 00:07:46,200 --> 00:07:49,100 We could do with it, see what the, what are member banks, you 139 00:07:49,108 --> 00:07:51,400 know, because basically, it was a way for member banks can share 140 00:07:51,400 --> 00:07:55,000 information with visa and kind of secure fashion, nothing like 141 00:07:55,000 --> 00:07:58,100 top secret or transactions, but just information. 142 00:07:58,700 --> 00:08:03,000 And so it started out with kind of a proprietary kind of a 143 00:08:03,200 --> 00:08:07,800 tunnel firewall bit, the client had to load on their desktop and 144 00:08:07,800 --> 00:08:11,700 then to do that secure Communications before SLE So 145 00:08:11,700 --> 00:08:17,700 then I actually helped Implement Implement SSL and then a single 146 00:08:17,700 --> 00:08:19,800 sign-on. So that's kind of how I got into 147 00:08:19,800 --> 00:08:22,300 the whole I am. And then from there, we had kind 148 00:08:22,300 --> 00:08:24,900 of a custom enrollment entitlement system. 149 00:08:25,500 --> 00:08:27,900 And so that was a lot of fun, right? 150 00:08:27,900 --> 00:08:31,600 During the kind of internet boom in the early 2000s. 151 00:08:32,200 --> 00:08:34,900 And then from there, I kind of evolved more to like an 152 00:08:34,900 --> 00:08:39,000 architecture role. Did some work on some Federation 153 00:08:39,000 --> 00:08:42,900 projects and then eventually Went to over to McKesson in the 154 00:08:42,900 --> 00:08:45,700 healthcare space. That was a lot of fun started. 155 00:08:45,700 --> 00:08:48,600 They're very small Beginnings to and we kind of built out a 156 00:08:49,000 --> 00:08:54,200 shared Service as part of the it group for see I am we built a 157 00:08:54,200 --> 00:08:56,000 whole big platform to kind of hosts. 158 00:08:56,000 --> 00:09:00,300 A lot of different customer and you know patient portals and 159 00:09:02,000 --> 00:09:05,200 Pharmacy portals and a lot of cool stuff using the 160 00:09:05,300 --> 00:09:08,800 Technologies you guys are all familiar with and then a couple 161 00:09:08,800 --> 00:09:12,300 years ago went to Gartner so I have opportunity To cover, IGA, 162 00:09:12,300 --> 00:09:15,500 Pam and see. I am there and talk to a lot of 163 00:09:15,508 --> 00:09:18,900 clients by a lot of people that you know like people that listen 164 00:09:18,900 --> 00:09:22,100 to your podcast around what are the struggles that people are 165 00:09:22,100 --> 00:09:24,700 facing and a lot of the struggles and challenges I had 166 00:09:24,700 --> 00:09:28,300 as a practitioner very similar to what I was hearing out in the 167 00:09:28,300 --> 00:09:30,400 field. So it was kind of really nice to 168 00:09:30,400 --> 00:09:34,400 get that validation confirmation out there that not I wasn't the 169 00:09:34,400 --> 00:09:37,500 only one that kind of going through this, you know, proud of 170 00:09:37,500 --> 00:09:40,800 these challenges. So, so it's been a nice ride and 171 00:09:40,800 --> 00:09:45,900 now I kind of dove into the, to the vendor space now, for about 172 00:09:45,900 --> 00:09:48,100 a year and a half. I've been it would save you kind 173 00:09:48,100 --> 00:09:51,200 of, it's part of their strategy team self, kind of going full 174 00:09:51,200 --> 00:09:53,700 circle. So we'll see what's next. 175 00:09:53,700 --> 00:09:56,100 But yeah, I don't plan on stopping anytime soon. 176 00:09:56,700 --> 00:09:58,600 Yeah, so you've been like, neck-deep and IGA. 177 00:09:58,600 --> 00:10:00,900 Now for a few years, I guess I got to ask about the Gartner 178 00:10:00,900 --> 00:10:04,200 suck because I'm always curious. I guess take me through like a 179 00:10:04,208 --> 00:10:06,100 typical day of what it's like to be. 180 00:10:06,100 --> 00:10:09,200 You know, an analyst in this space where you know like it or 181 00:10:09,200 --> 00:10:12,700 not, the Gartner magic quadrant is One of the tastemakers that's 182 00:10:12,700 --> 00:10:15,800 out there. I'd love to hear more kind of, 183 00:10:16,100 --> 00:10:19,400 you know what's that like? Yeah, actually you lot of people 184 00:10:19,400 --> 00:10:22,200 don't know. I was on a team that was like 185 00:10:22,200 --> 00:10:25,700 the former Burton group if you guys heard of the Burton group 186 00:10:25,800 --> 00:10:28,300 Gartner bought the burden group and they kind of created a 187 00:10:28,300 --> 00:10:30,800 technical, professional part of gardener. 188 00:10:30,800 --> 00:10:33,100 So I was on the I am team for that. 189 00:10:33,400 --> 00:10:37,100 That particular group in our focus is more around, the The 190 00:10:37,100 --> 00:10:40,700 Architects and implementers, and we did the solution scorecard 191 00:10:40,700 --> 00:10:44,800 and of It's met with those. I did a bunch of those for IGA 192 00:10:45,200 --> 00:10:49,600 and we had another team that did the magic quadrants and and some 193 00:10:49,600 --> 00:10:52,200 of those those reports it was great. 194 00:10:52,200 --> 00:10:55,900 Kind of we work together but we didn't really author co-author 195 00:10:56,100 --> 00:11:00,800 any, any any research with them? But yeah, I mean the day in the 196 00:11:00,800 --> 00:11:05,200 life I would say it's it's a lot harder than it kind of looks in 197 00:11:05,208 --> 00:11:08,900 the sense of all the different things you have to juggle, you 198 00:11:08,900 --> 00:11:10,900 know, first of all, prepare for conferences. 199 00:11:11,000 --> 00:11:15,400 Presentations doing yes, x amount of documents that you 200 00:11:15,400 --> 00:11:17,200 have. You gotta crank out plus 201 00:11:17,200 --> 00:11:20,900 co-authoring and then on top of that, you're talking to 202 00:11:21,400 --> 00:11:23,400 hundreds. If not thousands of clients 203 00:11:23,400 --> 00:11:26,400 every year that call and ask well, okay, you wrote about 204 00:11:26,400 --> 00:11:27,900 this. So how does that apply to me or, 205 00:11:27,900 --> 00:11:31,400 you know, what other questions do they have about General? 206 00:11:31,400 --> 00:11:34,000 IGA Pam. See I am then you guys know 207 00:11:34,000 --> 00:11:36,400 those three topics there. You could spend a whole life 208 00:11:36,600 --> 00:11:40,800 just with one of those and so for me it was like, okay just 209 00:11:41,400 --> 00:11:45,500 Constantly reading up on, you know, vendors offerings and 210 00:11:45,800 --> 00:11:49,500 solutions, and plus we have to be thinking on the Forefront to. 211 00:11:49,900 --> 00:11:53,600 So it was it was a lot. It was definitely a change from 212 00:11:53,600 --> 00:11:56,800 being a practitioner to analysts that I really did enjoy it. 213 00:11:56,800 --> 00:11:58,700 I think it's a, it's a really good job. 214 00:11:59,200 --> 00:12:02,200 I would recommend anybody. Who's, you know, who's 215 00:12:02,200 --> 00:12:04,400 interested in, kind of take making a change to kind of 216 00:12:04,400 --> 00:12:07,300 consider that, of course, you have to be a good speaker, a 217 00:12:07,300 --> 00:12:11,400 good writer, and, you know, good technical but, you know, Subject 218 00:12:11,400 --> 00:12:14,900 matter, expert and believe me, there's a lot of talented 219 00:12:15,400 --> 00:12:19,500 analysts out there, and it's a very sort of competitive. 220 00:12:19,500 --> 00:12:22,600 In terms of you have the best and the brightest I think, and 221 00:12:22,600 --> 00:12:26,800 at Gartner and so, if you think you're going to do go in and 222 00:12:26,800 --> 00:12:31,300 kind of, wow, everybody, your kind of I felt sort of humbled, 223 00:12:31,300 --> 00:12:35,600 you know, for I thought well, I'm 20 years and I am and here I 224 00:12:36,000 --> 00:12:39,900 come Waltzing in and tell you just you're the Newbie guy, 225 00:12:39,900 --> 00:12:44,600 okay, we'll see. Yeah, so it was very, very 226 00:12:44,600 --> 00:12:46,400 fulfilling but also very challenging. 227 00:12:47,400 --> 00:12:49,900 I think it's refreshing to hear that everyone gets imposter 228 00:12:49,900 --> 00:12:52,500 syndrome. Sometimes kind of walking into 229 00:12:52,500 --> 00:12:54,500 situations like I think I know what I'm talking about and then 230 00:12:54,500 --> 00:12:56,600 you find out was like, oh man, I don't know anywhere near as much 231 00:12:56,600 --> 00:13:00,200 as I thought I did. Yeah, I so the solution 232 00:13:00,200 --> 00:13:04,100 scorecards in my mind is a lot more detail typically than yes. 233 00:13:04,400 --> 00:13:07,100 The, the magic quadrant. I know, at least let's talk 234 00:13:07,100 --> 00:13:11,100 specifically on the magic quadrant itself Gartner. 235 00:13:11,200 --> 00:13:13,700 Discontinued doing that. I think three years ago I think 236 00:13:13,700 --> 00:13:17,000 2019 was the last one. I think the reason that I heard 237 00:13:17,000 --> 00:13:19,700 was that it was because it was so mature that they just wasn't 238 00:13:19,700 --> 00:13:23,000 really much value and now they've I think pivot into like 239 00:13:23,000 --> 00:13:26,800 a buyer's guide or something like that for that you know, I 240 00:13:26,800 --> 00:13:30,100 guess is that something you agree with is the IGA Market 241 00:13:30,100 --> 00:13:33,300 mature and there really isn't a kind of a need to continue that 242 00:13:33,300 --> 00:13:35,900 research. Or is there something else going 243 00:13:35,900 --> 00:13:37,300 on? Yeah, you're right. 244 00:13:37,300 --> 00:13:40,300 I think they kind of pivoted to a market guy and I think part of 245 00:13:40,300 --> 00:13:44,200 the issue was It seemed as, though, over the last few years 246 00:13:44,200 --> 00:13:48,000 of that report, that there's a lot of same players, and not a 247 00:13:48,000 --> 00:13:50,900 whole lot of interesting developments or changes. 248 00:13:50,900 --> 00:13:54,000 And so, and, you know, because of the criteria for the magic 249 00:13:54,000 --> 00:13:59,100 quadrant the, you kind of have to have X number of dollars in 250 00:13:59,100 --> 00:14:02,600 sales, and, you know, there's a lot of kind of criteria to even 251 00:14:02,600 --> 00:14:05,600 to get on there. And so, the gardener was 252 00:14:05,600 --> 00:14:07,700 thinking it again, I wasn't part of that decision. 253 00:14:07,700 --> 00:14:10,600 It was the kind of the other team, but from my perspective, 254 00:14:11,500 --> 00:14:13,900 What I saw was that, you know, they really wanted to try to 255 00:14:13,908 --> 00:14:16,600 include other people and, you know, include other vendors and 256 00:14:16,600 --> 00:14:20,800 give a kind of wider array of these are the kind of vendors. 257 00:14:20,800 --> 00:14:22,900 Like in the market guide, they'll talk about the IGA 258 00:14:22,900 --> 00:14:26,300 lights and you know the the up-and-comers, the established 259 00:14:26,300 --> 00:14:29,300 and Bo. And so I thought it was good in 260 00:14:29,300 --> 00:14:32,300 that sense. But unfortunately to you know, a 261 00:14:32,308 --> 00:14:35,300 lot of companies rely on that mq upper right. 262 00:14:35,300 --> 00:14:37,300 Right. So you know most of the time 263 00:14:37,300 --> 00:14:40,300 there's there they just kind of circle that upper right and say 264 00:14:40,300 --> 00:14:43,000 okay this is my Ben. I'm not going to look at 265 00:14:43,000 --> 00:14:46,100 anything else and so with the disappearing is like, people 266 00:14:46,100 --> 00:14:47,500 were liking it. What do we do now? 267 00:14:47,600 --> 00:14:50,800 You know, so but I think I think overall it's a good thing 268 00:14:50,800 --> 00:14:54,100 because I don't recommend just circling that upper quadrant. 269 00:14:54,100 --> 00:14:57,000 I mean, you gotta look at your unique use cases, you know, some 270 00:14:57,000 --> 00:15:00,400 of these Niche vendors, you know, maybe they're great but 271 00:15:00,400 --> 00:15:03,200 they only are in Latin America or Europe. 272 00:15:03,200 --> 00:15:05,900 So, but if you're over there, hey, that's to me. 273 00:15:05,900 --> 00:15:08,700 That's almost like an upper right center right there. 274 00:15:08,700 --> 00:15:14,200 So, so I think I think It was a good move in that, you know, 275 00:15:14,200 --> 00:15:18,100 they've kind of broadened, their research to include more vendors 276 00:15:18,100 --> 00:15:20,700 and then at the same time, as you said, we're doing the 277 00:15:20,708 --> 00:15:23,400 scorecards. So the scorecards really giving 278 00:15:23,400 --> 00:15:26,600 you the meat and potatoes about each vendor and comparing them. 279 00:15:27,100 --> 00:15:30,700 And so that was almost okay well you got this score cards now. 280 00:15:30,700 --> 00:15:34,300 So kind of most gave you you know a little bit different 281 00:15:35,000 --> 00:15:38,800 information but I think more focused you know. 282 00:15:38,800 --> 00:15:42,200 So one is a market and the other was more for the Architect 283 00:15:42,200 --> 00:15:45,300 implementers to really look at the capabilities, you know, in 284 00:15:45,300 --> 00:15:48,100 great detail because frankly, the magic quadrant critical 285 00:15:48,100 --> 00:15:50,600 capabilities. You know, they totally kind of 286 00:15:50,600 --> 00:15:53,700 broke down the different capabilities but they were not 287 00:15:53,700 --> 00:15:57,200 as deep. I mean, the scorecard, we did, 288 00:15:57,200 --> 00:16:02,000 was like, 300 or some criteria for each vendor. 289 00:16:02,800 --> 00:16:07,000 So it was pretty massive, and It was good for me because it 290 00:16:07,000 --> 00:16:10,100 really got gave me a chance to look at all the different 291 00:16:10,100 --> 00:16:13,500 vendors capabilities and really understand where the kind of 292 00:16:13,500 --> 00:16:16,300 differences were. And I bet that's probably been 293 00:16:16,300 --> 00:16:18,300 helpful now. You're with Sapient vice 294 00:16:18,300 --> 00:16:21,200 president of strategy. I guess I have, you know I got 295 00:16:21,200 --> 00:16:22,700 two more questions. The first question I'll let you 296 00:16:22,700 --> 00:16:24,500 answer it is. What is the vice president's 297 00:16:24,500 --> 00:16:25,700 strategy? What does that mean? 298 00:16:26,100 --> 00:16:30,100 Yeah, that's a good question. So I think one of the thing 299 00:16:30,100 --> 00:16:34,400 areas that I'm focusing on is kind of trying to look a little 300 00:16:34,400 --> 00:16:37,200 further out And you know what, attracted me to save you. 301 00:16:37,208 --> 00:16:40,500 It really was the kind of innovation culture that they 302 00:16:40,500 --> 00:16:44,000 have there in the, you know, if you just look over time of what 303 00:16:44,100 --> 00:16:48,100 savings done, we've been pretty much on the Forefront of IgA and 304 00:16:48,100 --> 00:16:52,400 now we broke broke into the pan magic quadrant as a Visionary. 305 00:16:52,600 --> 00:16:56,400 So we're kind of looking at that converged solution which we will 306 00:16:56,400 --> 00:17:00,900 get into in a bit later. But so part of it is just making 307 00:17:00,900 --> 00:17:06,000 sure that we're always looking a little bit beyond our Releases 308 00:17:06,000 --> 00:17:09,599 and seeing what are some of the big rocks out there that we need 309 00:17:09,599 --> 00:17:13,800 to either avoid or kind of, you know, incorporate into our 310 00:17:13,800 --> 00:17:16,700 overall strategy. And so might not be because in 311 00:17:16,700 --> 00:17:20,500 my title is product and Market strategy, so there's the market 312 00:17:20,500 --> 00:17:25,700 aspect is like so what should we do from Geo Market standpoint? 313 00:17:26,400 --> 00:17:29,900 You know, it's SMB or kind of big company. 314 00:17:29,900 --> 00:17:32,900 So I'm starting to look at all those and see what we're we're 315 00:17:32,900 --> 00:17:35,500 does. Make sense for Save yet to Enter 316 00:17:35,500 --> 00:17:37,900 into certain markets geographies Etc. 317 00:17:38,400 --> 00:17:43,800 And you know recently we came out with the healthcare identity 318 00:17:43,800 --> 00:17:46,700 Cloud which is basically Our Savior and Enterprise identity 319 00:17:46,700 --> 00:17:50,000 Cloud which name of our product and it's basically it's not a 320 00:17:50,000 --> 00:17:53,000 different offering but it's it's geared towards the healthcare 321 00:17:53,000 --> 00:17:57,000 industry that is kind of an overlay of configurations best 322 00:17:57,000 --> 00:17:59,900 practices accelerators. Kind of things that help you as 323 00:17:59,900 --> 00:18:03,400 a healthcare organization to kind of get your feet off the 324 00:18:03,400 --> 00:18:06,600 ground much more quickly. And kind of cater to your 325 00:18:06,700 --> 00:18:10,000 specific needs like you know, EHR integration for example. 326 00:18:10,000 --> 00:18:13,200 So so those are kind of some of the things that I'm kind of 327 00:18:13,700 --> 00:18:16,500 trying to spearhead their grad Sabian. 328 00:18:16,600 --> 00:18:18,600 And I know the solution comparison just came out from 329 00:18:18,600 --> 00:18:21,000 Gartner to about Stevia and you guys did pretty well in it. 330 00:18:21,300 --> 00:18:22,600 I guess. I don't want to turn this again 331 00:18:22,600 --> 00:18:26,200 into a commercial for Sadie n't. But what were there any kind of 332 00:18:26,200 --> 00:18:29,300 take aways or findings that kind of stuck out for you as you're 333 00:18:29,300 --> 00:18:32,700 kind of looking over what, you know, Gartner is telling telling 334 00:18:32,700 --> 00:18:37,200 you about your product. Now, Yeah, I think I mean it's 335 00:18:37,200 --> 00:18:40,200 sales very similar to the scorecards that that we just 336 00:18:40,200 --> 00:18:44,600 there is kind of two criteria when it's just the basic, what 337 00:18:44,600 --> 00:18:47,600 they call that an exact words, the core criteria and then the 338 00:18:47,600 --> 00:18:50,700 competitive. So core is basically everything 339 00:18:50,700 --> 00:18:54,700 that you as a client expect that you're going to need from an IGA 340 00:18:54,700 --> 00:18:56,200 solution. And if it's not, if it's 341 00:18:56,200 --> 00:19:00,100 missing, then you really need to justify why you would actually 342 00:19:00,100 --> 00:19:01,900 even go forward that kind of solution. 343 00:19:01,900 --> 00:19:05,400 So we did extremely high there and the other one was Additive 344 00:19:05,400 --> 00:19:09,800 which is more differentiators. Other use cases that might be a 345 00:19:09,808 --> 00:19:11,600 little more specialized in nature. 346 00:19:11,900 --> 00:19:17,500 Again we just we were in the 90s for both of those I think not 347 00:19:17,500 --> 00:19:19,300 really a whole lot of surprises there. 348 00:19:19,300 --> 00:19:22,700 In terms of it's very consistent with what the scorecard and it 349 00:19:22,700 --> 00:19:24,200 came out with a couple years ago. 350 00:19:24,600 --> 00:19:28,500 So I think it's more confirmation that you know, that 351 00:19:28,500 --> 00:19:32,600 we're still in a good leadership position in the space and then 352 00:19:32,600 --> 00:19:37,300 hopefully that with this, you know, A lot of more companies 353 00:19:37,300 --> 00:19:41,600 will recognize say Viet and you know, include us in kind of the 354 00:19:42,200 --> 00:19:46,500 as on the short list. So that's I think the goal there 355 00:19:46,500 --> 00:19:50,400 is to really be able to get on those short lists and be able 356 00:19:50,400 --> 00:19:57,300 to, you know, also being kind of as a solution making it easy as 357 00:19:57,300 --> 00:20:00,500 you guys know implementing Solutions is like IG are very 358 00:20:00,500 --> 00:20:04,200 difficult. So I think that's what we're 359 00:20:04,200 --> 00:20:07,800 kind of leading the Lee of the leading the way there, you know, 360 00:20:08,000 --> 00:20:10,900 on those capabilities. But yeah, in terms of particular 361 00:20:10,900 --> 00:20:13,800 things surprises, not a whole lot more confirmation. 362 00:20:14,400 --> 00:20:18,800 So Paul you and I caught up the other day and I was just one 363 00:20:18,800 --> 00:20:21,600 part of your background that I found so fascinating, which was 364 00:20:21,600 --> 00:20:25,800 your whole dive into the sea. I am space. 365 00:20:25,800 --> 00:20:28,000 So customer identity. Access management. 366 00:20:28,100 --> 00:20:31,300 When you're at McKesson and you made the statement. 367 00:20:31,500 --> 00:20:34,900 Yeah, we went out and got forgerock. 368 00:20:35,100 --> 00:20:42,200 Around 2011, and I'm thinking, okay, I got became aware of 369 00:20:42,900 --> 00:20:46,800 forgerock. Run 2013. 2014 McKesson was kind 370 00:20:46,800 --> 00:20:50,800 of like a, like a Marquise logo for them at a time back to. 371 00:20:50,800 --> 00:20:52,800 Yeah. What I realized was that took 372 00:20:52,800 --> 00:20:59,500 guts man to go out there and select a vendor, who was pretty 373 00:20:59,500 --> 00:21:03,000 much knew, right? I mean the product was had just 374 00:21:03,000 --> 00:21:06,600 been spun off, I guess by son. Has open source so that took 375 00:21:06,600 --> 00:21:11,500 some guts and but it must have been fun to to like take this 376 00:21:11,500 --> 00:21:15,700 product and like do all the things that was envisioned to do 377 00:21:16,000 --> 00:21:20,200 and be the kind of a Trailblazer in that respect, but I thought 378 00:21:20,200 --> 00:21:23,500 it was also cool about the conversation was like how many 379 00:21:23,500 --> 00:21:25,800 times you? And I must have passed each 380 00:21:25,800 --> 00:21:29,100 other in the hallway at the Hard Rock conferences and things like 381 00:21:29,100 --> 00:21:34,400 that and I didn't even know each other so but hey eventually we 382 00:21:34,400 --> 00:21:38,100 got to go. To know each other and I'm glad 383 00:21:38,100 --> 00:21:43,400 you're here. And I wanted to actually to and 384 00:21:43,400 --> 00:21:44,800 I'll turn this over to you does that get? 385 00:21:44,800 --> 00:21:48,100 But I wanted to pick on something that you said to 386 00:21:48,100 --> 00:21:53,600 Jeffrey is that you're the VP of product and marketing strategy 387 00:21:53,800 --> 00:21:57,500 and I think that that is pretty cool because one of the big 388 00:21:57,500 --> 00:22:02,700 trends that I see happening in the market is around this 389 00:22:03,200 --> 00:22:06,600 converged. I am Oh, it's taking these these 390 00:22:06,600 --> 00:22:11,500 product Towers whether it was, you know, I think of and I am 391 00:22:11,500 --> 00:22:15,500 like the three major Towers being access management. 392 00:22:17,200 --> 00:22:21,500 IGA or identity management, whichever you want to call it 393 00:22:21,700 --> 00:22:27,200 and privileged privileged access management and I see a shift 394 00:22:27,200 --> 00:22:30,400 away from kind of best-of-breed like this what we do we do it 395 00:22:30,400 --> 00:22:35,800 well and then we partner with the partner with best of breed 396 00:22:35,800 --> 00:22:39,900 in the other areas toward each of the vendors trying to build 397 00:22:39,900 --> 00:22:45,000 capabilities around multiple of these you know Towers if you 398 00:22:45,000 --> 00:22:48,200 will. And so I kind of see where say 399 00:22:48,200 --> 00:22:55,500 vehement started out was around IGA, but also now kind of like 400 00:22:56,000 --> 00:23:01,100 venturing into the into the Pam space, not into the single 401 00:23:01,100 --> 00:23:04,500 sign-on space. So I'm assuming that was an 402 00:23:04,500 --> 00:23:06,500 intentional part of your strategy. 403 00:23:06,800 --> 00:23:09,400 I guess I'll start there as like, is that right? 404 00:23:09,400 --> 00:23:11,200 Yeah, I think you hit the nail on the head there. 405 00:23:11,400 --> 00:23:15,400 Definitely. You know, we've actually started 406 00:23:15,600 --> 00:23:18,600 way back when we're save. You kind of did. 407 00:23:19,700 --> 00:23:23,100 Well, we called our application governance, it's are fine. 408 00:23:23,100 --> 00:23:26,400 Grained entitlements kind of management part of the product 409 00:23:26,400 --> 00:23:31,900 which we started out Genesis was a doing sap more of a Saudi and 410 00:23:31,900 --> 00:23:35,600 kind of compliance angle and then saving it grew more to a 411 00:23:35,600 --> 00:23:39,100 complete IGA sweet. This was in the early days and 412 00:23:39,100 --> 00:23:41,800 you're right. So now we're kind of it's been 413 00:23:41,800 --> 00:23:45,300 several years as I mentioned The, we did debut in the Pam 414 00:23:45,300 --> 00:23:49,400 magic quadrant as a Visionary. So again, I think the, you know, 415 00:23:49,408 --> 00:23:54,800 our Innovation and kind of mindset, we thought, and again, 416 00:23:54,800 --> 00:23:58,900 even myself, when I thought about this at Gartner, we did 417 00:23:58,900 --> 00:24:01,800 some reporting on this. I mean, the Pam, and IGA 418 00:24:01,800 --> 00:24:05,100 traditionally been very separate, but it does make a lot 419 00:24:05,100 --> 00:24:09,700 of sense to have those to be together in that you most 420 00:24:09,700 --> 00:24:13,700 definitely want your privileged users to have a whole It's 421 00:24:13,700 --> 00:24:16,400 controls around them. In fact, those are probably the 422 00:24:16,400 --> 00:24:19,500 most important ones that you want to make sure you have the 423 00:24:19,500 --> 00:24:23,600 whole lifecycle management of those identities in your IGA 424 00:24:23,600 --> 00:24:25,400 system. So it made a lot of sense from 425 00:24:25,400 --> 00:24:28,400 those two to be together. And then the other thing is, 426 00:24:29,200 --> 00:24:33,300 yes, we're kind of going to more of a just-in-time ephemeral type 427 00:24:33,700 --> 00:24:37,400 nature of identities and access rights. 428 00:24:37,600 --> 00:24:41,200 It makes sense that your IG a solution and your Pam solution 429 00:24:41,200 --> 00:24:45,200 are together because they also Are both interfacing with those 430 00:24:45,200 --> 00:24:48,300 endpoint applications. And at times, you know, we can 431 00:24:48,300 --> 00:24:53,200 generate on-the-fly elevate your privilege and that remove it as 432 00:24:53,200 --> 00:24:56,000 part of your privileged access. But then, if you're 433 00:24:56,000 --> 00:24:59,500 non-privileged, we still have that same connectivity to be 434 00:24:59,500 --> 00:25:01,700 able to manage those entitlements. 435 00:25:02,100 --> 00:25:04,800 So we could do privilege and non-privileged with the same 436 00:25:04,800 --> 00:25:07,000 kind of connectivity that we already have. 437 00:25:07,000 --> 00:25:10,500 So based on the risk, if we might decide to have you 438 00:25:11,100 --> 00:25:14,500 elevate, your, if you're An elevated risk. 439 00:25:14,500 --> 00:25:20,000 We might decide to direct you to having session recording and a 440 00:25:20,000 --> 00:25:22,500 bunch of other controls on top. So it's, I think it's going to 441 00:25:22,900 --> 00:25:24,900 continue to be. It's going to evolve into 442 00:25:24,900 --> 00:25:28,800 something much more Dynamic and kind of what we're doing in the 443 00:25:28,800 --> 00:25:31,700 future. What we're starting to look at 444 00:25:31,900 --> 00:25:37,600 is that whole application access layer where you know, we can 445 00:25:37,600 --> 00:25:42,500 dynamically You elevate, you and put those privileged access 446 00:25:42,500 --> 00:25:44,100 controls on the Fly. It's not going to be so 447 00:25:44,100 --> 00:25:46,200 separate, you know. Yeah, yeah. 448 00:25:46,200 --> 00:25:52,400 I'm kind of wondering from Market philosophy, if you will. 449 00:25:52,700 --> 00:25:59,200 It's the was if you rewind the clock for five years ago at the 450 00:25:59,200 --> 00:26:03,600 predominant message was around better together, right? 451 00:26:03,700 --> 00:26:09,200 And it seems to me that this converge I am approach is he's 452 00:26:09,200 --> 00:26:14,500 probably going to push away from that model, right? 453 00:26:14,500 --> 00:26:19,000 Because now companies are competing on on different 454 00:26:19,000 --> 00:26:22,900 fronts, right? It's going to be hard to to find 455 00:26:23,200 --> 00:26:29,800 a Best of breed mix that is the perfect set of capabilities to 456 00:26:29,800 --> 00:26:34,300 to fit my need. I guess and I don't know which 457 00:26:34,300 --> 00:26:38,100 one's better from a customer standpoint but let me put that 458 00:26:38,100 --> 00:26:41,000 question to you. What is Better for customers. 459 00:26:41,000 --> 00:26:44,100 Is it? You know, for this can converge, 460 00:26:44,200 --> 00:26:49,500 I am Trend to continue and to deepen, or is it better? 461 00:26:49,500 --> 00:26:53,000 Or did they have a better before with the Better Together 462 00:26:53,000 --> 00:26:55,900 approach? Yeah, it's great question. 463 00:26:56,300 --> 00:26:59,200 Yeah, I think that, you know, because you had asked to about, 464 00:26:59,200 --> 00:27:03,700 you know, will what about access management and into the mix? 465 00:27:03,700 --> 00:27:07,700 And I think we've decided that we're partnering for that and 466 00:27:07,700 --> 00:27:10,900 that, you know, a lot of organizations, in many cases, 467 00:27:11,300 --> 00:27:14,900 pick their access management solution, as part of, you know, 468 00:27:14,900 --> 00:27:18,500 could be their collaboration Suite or other things. 469 00:27:18,800 --> 00:27:23,100 And, in many cases, why should we kind of try to compete with a 470 00:27:23,108 --> 00:27:25,800 lot of the access management? Current Solutions out there and 471 00:27:25,800 --> 00:27:28,300 they're well established fairly. I don't know. 472 00:27:28,400 --> 00:27:32,800 Commoditize has maybe a ton of the proper word of course, I 473 00:27:32,808 --> 00:27:36,100 don't want to put down any access management vendors but 474 00:27:36,100 --> 00:27:38,800 you know they do a great job and what they do but you know in the 475 00:27:38,800 --> 00:27:41,000 sense you know the single sign-on Federation space is 476 00:27:41,000 --> 00:27:45,900 fairly mature but then it also becomes. 477 00:27:46,000 --> 00:27:49,100 It's almost like a different kind of a discipline, IGA and 478 00:27:49,100 --> 00:27:52,000 Pam are almost a different discipline that requires. 479 00:27:52,000 --> 00:27:58,800 I think a real Send how you you kind of implement IGA. 480 00:27:59,100 --> 00:28:02,500 So I think we've had a lot of success in that and so I would 481 00:28:02,500 --> 00:28:06,100 recommend for customers to you know definitely if they want to 482 00:28:06,100 --> 00:28:10,300 try to reduce the number of tools that they have in the 483 00:28:10,300 --> 00:28:13,500 course at the cisos. You know I hear that there's 80 484 00:28:13,500 --> 00:28:15,200 plus tools that they have to worry about. 485 00:28:15,200 --> 00:28:18,400 So definitely there's there's that push in the probably at the 486 00:28:18,400 --> 00:28:21,600 top level of the organization. They're going to want to have 487 00:28:21,600 --> 00:28:25,900 less tools and maybe one or two. Throws to choke and you know 488 00:28:25,900 --> 00:28:29,200 have have overall, you know, better. 489 00:28:30,700 --> 00:28:36,400 You know said spend you know, it's reduce spending total cost 490 00:28:36,400 --> 00:28:38,300 of ownership. That's the word I was looking 491 00:28:38,300 --> 00:28:42,200 for but no. Yeah I think that's right. 492 00:28:42,200 --> 00:28:44,600 I think that's right. You know I think what you're 493 00:28:44,600 --> 00:28:48,700 saying there is that an organization or that's a buyer. 494 00:28:49,100 --> 00:28:50,700 We've got to figure out what we need. 495 00:28:50,700 --> 00:28:53,300 Right? And yeah, not over by just 496 00:28:53,300 --> 00:28:56,600 because hey, something Got all these bells and whistles, but I 497 00:28:56,608 --> 00:28:58,700 will say, is an interesting time. 498 00:28:59,100 --> 00:29:04,800 That is converged identity. Converged, I am movement is 499 00:29:04,800 --> 00:29:09,300 taking place because at the same time, each one of those Towers, 500 00:29:09,700 --> 00:29:13,400 all three of them are becoming much more complex than they've 501 00:29:13,400 --> 00:29:16,600 ever been. I mean, look at access 502 00:29:16,600 --> 00:29:20,800 management with password List. Look at ya, you know, identity 503 00:29:20,800 --> 00:29:24,900 management with verified credential, you know, I Oh and 504 00:29:24,900 --> 00:29:28,300 identity proofing. Look at I think that's the 505 00:29:28,300 --> 00:29:30,600 biggest one privileged access management. 506 00:29:30,700 --> 00:29:35,200 The space is just humongous when you think about managing 507 00:29:35,200 --> 00:29:38,400 privilege in the cloud which basically all Cloud 508 00:29:38,400 --> 00:29:41,900 infrastructure access is privileged access. 509 00:29:42,100 --> 00:29:47,100 So exactly, you know, like as much as we might want to go from 510 00:29:47,100 --> 00:29:51,400 80 products to one that might not be the right answer, you 511 00:29:51,400 --> 00:29:52,200 know. Yeah. 512 00:29:52,200 --> 00:29:55,900 Having one 30-minute trip. We all felt Kind of understand 513 00:29:55,900 --> 00:29:59,200 what that's all about, but that's not necessarily the right 514 00:29:59,200 --> 00:30:00,500 answer, right? Yeah. 515 00:30:00,700 --> 00:30:04,200 And I think for today, if you're looking at Solutions today, I 516 00:30:04,200 --> 00:30:08,500 would definitely, you know, obviously if you could do a 517 00:30:08,508 --> 00:30:11,900 converge solution with with as many solutions as possible, 518 00:30:11,900 --> 00:30:16,000 that's obviously great for Matty Co and cost and support, but I 519 00:30:16,000 --> 00:30:19,100 would definitely don't compromise the functionality 520 00:30:19,400 --> 00:30:23,100 that you need, you know, for a system such as IGA and Pam and 521 00:30:23,100 --> 00:30:24,900 access management man there. Important. 522 00:30:24,900 --> 00:30:28,500 So they could really make or break your security posture. 523 00:30:28,500 --> 00:30:32,100 So you got, you know, it's not like you're you're getting some 524 00:30:32,100 --> 00:30:34,100 other software that's not Mission critical. 525 00:30:34,100 --> 00:30:38,000 So, I would definitely say you don't compromise and your 526 00:30:38,000 --> 00:30:40,500 requirements. And, and frankly up to this 527 00:30:40,500 --> 00:30:42,900 point, I have not seen. You know, those that are offered 528 00:30:42,900 --> 00:30:45,800 kind of a lightweight lightweight IGA is part of 529 00:30:45,800 --> 00:30:47,600 access management or other solutions. 530 00:30:48,200 --> 00:30:51,800 That I haven't seen a lot of progress where they really are, 531 00:30:52,600 --> 00:30:57,000 are providing the depth of The functionality that that's a 532 00:30:57,000 --> 00:30:59,100 Sapient. And other IGA companies are 533 00:30:59,100 --> 00:31:01,600 providing. So again, so there is an 534 00:31:01,600 --> 00:31:03,100 acknowledgement there that is hard. 535 00:31:03,100 --> 00:31:03,700 You know. All right. 536 00:31:03,700 --> 00:31:07,100 Gia is not easy. Why I want to get into governs 537 00:31:07,100 --> 00:31:09,000 Logan. I think you hit on something 538 00:31:09,000 --> 00:31:12,600 that I tend to have a bone to pick with vendors and in any 539 00:31:12,600 --> 00:31:16,300 space is they're selling you way more than you'll ever actually 540 00:31:16,300 --> 00:31:18,800 need or use. So, I think of smaller IGA 541 00:31:18,800 --> 00:31:23,200 players that are out there like, I Lantus secure and, you know, 542 00:31:23,200 --> 00:31:27,300 Etc, that have Very good products and they might be good 543 00:31:27,300 --> 00:31:30,200 enough for the vast majority of the use cases, that, that 544 00:31:30,200 --> 00:31:33,700 organization is trying to solve. So I find it interesting as we 545 00:31:33,700 --> 00:31:36,000 kind of had this conversation, go along and you know, obviously 546 00:31:36,000 --> 00:31:38,300 got the established dominant players, like yourself and say, 547 00:31:38,300 --> 00:31:43,500 0.0 Mata and kind of others. And it's almost like we've gone 548 00:31:43,500 --> 00:31:46,300 full circle here, where we started off with platforms 549 00:31:46,500 --> 00:31:48,600 about. I don't know 20 years ago where 550 00:31:48,600 --> 00:31:54,300 it was like I am CA Oracle parapsychology don't even fit 551 00:31:54,500 --> 00:31:56,000 Events are not flexible enough, right? 552 00:31:56,000 --> 00:31:58,700 And then you have the upstarts, these little startups like sale 553 00:31:58,700 --> 00:32:00,100 Point. Nobody knows who the heck, they 554 00:32:00,100 --> 00:32:01,800 are right. They came in and kind of help 555 00:32:01,800 --> 00:32:04,600 disrupt things. And now, it's like we could go. 556 00:32:04,600 --> 00:32:09,100 We need an IGA tool and now the industry is again shifting 557 00:32:09,100 --> 00:32:11,400 towards. Okay, well, we need a, a 558 00:32:11,400 --> 00:32:14,100 converged tool which in my mind, I hear that was cool. 559 00:32:14,100 --> 00:32:15,500 That sounds like a platform to me. 560 00:32:16,300 --> 00:32:18,200 We have a bunch of these texts that, you know, things that are 561 00:32:18,208 --> 00:32:21,700 kind of working together. I want to get specifically into 562 00:32:21,700 --> 00:32:25,000 the governance, I think gay. Thank a lot of organizations 563 00:32:25,000 --> 00:32:27,400 struggle with just basic identity. 564 00:32:27,400 --> 00:32:31,500 Governance, that's where, you know, your cells sale point 565 00:32:31,500 --> 00:32:36,000 omata. I Lantus secure ends, IBM one, 566 00:32:36,000 --> 00:32:37,800 identity. I mean, there are dozens of 567 00:32:37,800 --> 00:32:42,200 products in this space and through I guess I'm curious you 568 00:32:42,200 --> 00:32:45,200 know what from your perspective sitting in the shoes that you've 569 00:32:45,200 --> 00:32:48,600 had as both a Gartner analyst and now you know on the vendor 570 00:32:48,600 --> 00:32:50,700 side of things with stadion? What is it? 571 00:32:50,708 --> 00:32:56,200 That makes it so hard for people to Actually do and do right? 572 00:32:56,200 --> 00:32:59,600 Yeah, that's a great question. And, you know, I was privileged 573 00:32:59,600 --> 00:33:03,700 to one of my first report was a gardener was guidance for 574 00:33:03,700 --> 00:33:08,100 successful, IGA, implementations and got chance to talk a lot of 575 00:33:08,500 --> 00:33:13,400 lot of Gartner clients about this document and in, yeah, the 576 00:33:13,600 --> 00:33:17,400 there's definitely there's so many parts to to answer that 577 00:33:17,400 --> 00:33:20,900 question, but I think it's always comes down to, if you 578 00:33:20,900 --> 00:33:26,000 think about IGA it's almost like a I think of the The garbage in 579 00:33:26,000 --> 00:33:30,200 garbage out kind of Paradigm in that you know your IGA is as 580 00:33:30,200 --> 00:33:34,100 good as the data that comes into it and the and the data that 581 00:33:34,100 --> 00:33:38,500 comes out and there's so many opportunities to make mistakes 582 00:33:38,500 --> 00:33:41,300 that could be resolved in hundreds, if not thousands of 583 00:33:41,308 --> 00:33:44,100 people losing access or getting the wrong access and then you 584 00:33:44,100 --> 00:33:47,300 getting a black eye because of its you know, Asia as the I am 585 00:33:47,300 --> 00:33:49,800 architect. And you know I've been there not 586 00:33:49,800 --> 00:33:52,700 at that scale but I've been on the side of you. 587 00:33:52,800 --> 00:33:55,600 Oops. You know somehow All those 50 588 00:33:55,600 --> 00:33:59,300 people got deeper vision, sees, and a lot of times, it's okay. 589 00:33:59,300 --> 00:34:03,300 Well HR you know, kicked something off and we did what HR 590 00:34:03,300 --> 00:34:07,100 said, you know? So a lot of it is, is 591 00:34:07,800 --> 00:34:10,300 understanding the data and making sure you have good data 592 00:34:10,300 --> 00:34:13,400 governance from all the way from your sources of Truth, all the 593 00:34:13,400 --> 00:34:18,100 way to the applications and really from a people process 594 00:34:18,300 --> 00:34:22,100 standpoint, you even before you get an IGA solution, I should 595 00:34:22,100 --> 00:34:25,800 tell clients this that gardener You know, document and 596 00:34:25,800 --> 00:34:29,199 understand all those business processes and make sure, you 597 00:34:29,199 --> 00:34:32,900 know, who's responsible for what information and who's 598 00:34:32,900 --> 00:34:35,900 responsible for that business process and get them on your 599 00:34:35,900 --> 00:34:38,199 side. Because you're essentially 600 00:34:38,500 --> 00:34:40,800 automating a lot of that and IGA tool. 601 00:34:41,300 --> 00:34:44,800 So I'd say that's one thing. The other is your, you always 602 00:34:44,800 --> 00:34:47,300 want to start with your business drivers. 603 00:34:47,300 --> 00:34:49,400 You know, and Garner. We had the kind of this 604 00:34:49,400 --> 00:34:55,500 Foursquare chart that said, one was risk and Risk and compliance 605 00:34:55,500 --> 00:34:59,000 the other was security, and the other one other was operational 606 00:34:59,000 --> 00:35:01,900 efficiency and not forget the other one. 607 00:35:01,900 --> 00:35:08,000 But anyway, but my point is that you should always start from 608 00:35:08,000 --> 00:35:10,500 what are your business drivers? What are you trying to achieve? 609 00:35:10,500 --> 00:35:14,400 And what is the top management want to see in this solution, 610 00:35:14,600 --> 00:35:17,500 you know and it could it could change over time. 611 00:35:17,500 --> 00:35:20,100 It could be one of those you know one year and then it 612 00:35:20,100 --> 00:35:23,200 changes to another but if you're able to start and then Define 613 00:35:23,200 --> 00:35:26,800 those use cases. From the top drivers, all the 614 00:35:26,808 --> 00:35:30,200 way down that's going to help you kind of scope and prioritize 615 00:35:30,500 --> 00:35:33,900 your deployment and that's kind of the other part of this answer 616 00:35:33,900 --> 00:35:36,800 is that your deployment should be very well. 617 00:35:37,000 --> 00:35:41,500 This is as thinly or kind of scoped, you know, very carefully 618 00:35:41,500 --> 00:35:45,800 to, you know, minimize the damage that if something goes 619 00:35:45,800 --> 00:35:49,700 wrong that it's kind of minute minimal minimized so to speak. 620 00:35:49,700 --> 00:35:54,300 So and I look at IGA, it's kind of a novice Swiss army knife but 621 00:35:54,400 --> 00:35:57,400 So many little bells and whistles that are part of these 622 00:35:57,400 --> 00:36:00,200 tools. That it's easy to, okay, I got 623 00:36:00,200 --> 00:36:04,700 this new tool and I'm just going to click the buttons and do a 624 00:36:04,707 --> 00:36:07,500 bunch of cool stuff, but that's really a mistake. 625 00:36:07,500 --> 00:36:10,500 And there's no manual that's going to tell you what to do at, 626 00:36:10,500 --> 00:36:12,100 what time, that's where you guys come in. 627 00:36:12,100 --> 00:36:14,800 That's where, you know, implementers and people who are 628 00:36:14,800 --> 00:36:18,800 experienced at deployments come in and that's kind of the last 629 00:36:18,800 --> 00:36:22,400 thing I'll say is bring someone in that really knows what 630 00:36:22,400 --> 00:36:24,100 they're doing. They have some Battle Scars. 631 00:36:24,100 --> 00:36:27,000 They I work in your industry, they've deployed the tools that 632 00:36:27,000 --> 00:36:31,300 you've selected and you know, it's all about minimizing the 633 00:36:31,300 --> 00:36:34,800 risk of going sideways, may you bring up a good point there. 634 00:36:34,800 --> 00:36:36,600 I think there's something that, you know, we talked with our 635 00:36:36,607 --> 00:36:39,600 clients all the time is, you know, a lot of times, yes, you 636 00:36:39,600 --> 00:36:41,900 know, your personal technology and kind of, you know what, you 637 00:36:41,900 --> 00:36:44,400 want to get out of it. When your experience, with that 638 00:36:44,400 --> 00:36:47,800 technology will be greatly impacted by whoever's putting it 639 00:36:47,800 --> 00:36:49,400 in place. So having people have that 640 00:36:49,400 --> 00:36:51,900 experience and do have those Battle Scars as you mentioned, 641 00:36:51,900 --> 00:36:52,500 right? Yeah. 642 00:36:52,700 --> 00:36:54,300 You kind of helped me kind of keep things. 643 00:36:54,500 --> 00:36:56,300 On the straight and narrow. Keep you honest formica 644 00:36:56,300 --> 00:36:59,900 capability standpoint. I got kind of will side question 645 00:36:59,900 --> 00:37:03,900 here because you know I think there is there are still a lot 646 00:37:03,900 --> 00:37:08,300 of companies that have not taken the plunge into an IGA platform 647 00:37:09,000 --> 00:37:11,500 for whatever reason. It may be, it could be, you 648 00:37:11,500 --> 00:37:13,700 know, the company size is really small and they're getting by 649 00:37:13,700 --> 00:37:16,200 with just a can full of people and it's probably Overkill at 650 00:37:16,200 --> 00:37:20,000 that point, I still see a lot of organizations that are quite big 651 00:37:20,100 --> 00:37:22,800 hundreds. Thousands of users that are not 652 00:37:22,800 --> 00:37:24,500 in the IGA space. Ali. 653 00:37:24,500 --> 00:37:27,800 They might have something like Microsoft, identity, manager or 654 00:37:27,800 --> 00:37:33,200 some sort of, you know, kind of homegrown sort of semi identity 655 00:37:33,800 --> 00:37:35,100 thing. Maybe it doesn't do the 656 00:37:35,100 --> 00:37:37,500 governance and maybe just to keep it as tration, right, 657 00:37:37,600 --> 00:37:38,100 right. Yes. 658 00:37:38,800 --> 00:37:43,900 What I I'm curious to hear your perspective on is when is it the 659 00:37:43,900 --> 00:37:49,100 right time for an organization to invest in an IGA platform and 660 00:37:49,100 --> 00:37:53,400 say okay you know ex-service? Well I'll just pick on him, you 661 00:37:53,400 --> 00:37:55,000 know, Microsoft a manager. Art as well. 662 00:37:55,000 --> 00:37:57,800 We get by with it fine. But when is the right time to 663 00:37:57,800 --> 00:37:59,800 say? Okay we need to kind of graduate 664 00:37:59,800 --> 00:38:03,700 into modern identity management and we think IG is the right 665 00:38:03,700 --> 00:38:06,200 space to go. Yeah. 666 00:38:06,200 --> 00:38:07,800 Yeah, definitely. I think yeah there's a couple 667 00:38:07,800 --> 00:38:11,400 factors there. One would be as you said most in 668 00:38:11,400 --> 00:38:15,400 most cases that you'll see the tools like ma'am or maybe even 669 00:38:15,400 --> 00:38:18,000 spreadsheets like people are doing access certifications by 670 00:38:18,000 --> 00:38:21,600 doing you know, CSV extracts and putting a dumping it all into a 671 00:38:21,607 --> 00:38:26,300 database and and so there's As a number of areas, I think where 672 00:38:26,300 --> 00:38:29,300 companies are just going to start to see the feel the pain, 673 00:38:29,400 --> 00:38:33,600 you know of either they're going to get an audit finding or God, 674 00:38:33,600 --> 00:38:37,400 forbids, something happens and you know, compromise of some 675 00:38:37,400 --> 00:38:39,900 kind. So, this, hopefully there's not 676 00:38:39,900 --> 00:38:43,800 that event that that turns people to IGA, but I think a lot 677 00:38:43,800 --> 00:38:48,600 of it is the pain and definitely at around 1,000 or so. 678 00:38:49,300 --> 00:38:51,600 Employees is where I think most people. 679 00:38:51,900 --> 00:38:55,100 Most companies will feel that pain because it just Too hard to 680 00:38:55,107 --> 00:38:59,000 manage that manually, and it's kind of Jim alluded to the cloud 681 00:38:59,000 --> 00:39:02,600 infrastructure. Every user is an entitled, every 682 00:39:02,600 --> 00:39:06,600 users a privileged user. And if you look at the cloud and 683 00:39:06,600 --> 00:39:09,100 Timeless themselves, that's kind of hundreds of thousands of 684 00:39:09,100 --> 00:39:11,700 entitlements that nobody really knows. 685 00:39:12,100 --> 00:39:15,600 If it's being used out there being used or not and they are 686 00:39:15,600 --> 00:39:18,400 you overprivileged, which the answers 99%. 687 00:39:18,400 --> 00:39:22,000 Yes. So there's a lot of reasons why 688 00:39:22,000 --> 00:39:24,200 it makes sense for kind of those. 689 00:39:24,300 --> 00:39:27,200 And those organizations to start looking at IGA and the other 690 00:39:27,200 --> 00:39:30,600 thing is, you know, given now that these Solutions are SAS 691 00:39:30,600 --> 00:39:34,200 delivered called a gardener basically, you know, consumable 692 00:39:34,200 --> 00:39:36,500 in the cloud you don't need to stand up servers and 693 00:39:36,500 --> 00:39:39,000 infrastructure. Which you guys know back in the 694 00:39:39,008 --> 00:39:41,400 day was a pain in the pain in the rear. 695 00:39:41,800 --> 00:39:45,400 And so that with that also comes, you know, with these 696 00:39:45,400 --> 00:39:47,700 smaller organizations. They just don't have the staff 697 00:39:47,700 --> 00:39:52,400 to stand up a, I am solution. So now that they have a SAS 698 00:39:52,400 --> 00:39:56,200 solution, I think there's very little Reasons why not to, you 699 00:39:56,200 --> 00:39:59,500 know, if you are kind of at that size to where it's just too 700 00:39:59,500 --> 00:40:04,900 painful to manage manually, you know, and or regulations, I 701 00:40:04,900 --> 00:40:09,500 heard a stat, the couple weeks ago about the Privacy, there's 702 00:40:09,500 --> 00:40:13,800 like 75% of the world now has some sort of privacy regulations 703 00:40:13,800 --> 00:40:16,600 and I know that's kind of more on the consumer side of things, 704 00:40:16,600 --> 00:40:19,800 but it's not going to go away anytime soon. 705 00:40:19,800 --> 00:40:23,500 There's there's going to be more regulations and, and there's 706 00:40:23,500 --> 00:40:27,800 going to be Riley. Some new cyber security laws and 707 00:40:28,200 --> 00:40:32,300 Reporting and responsibilities of reporting things so I think 708 00:40:32,300 --> 00:40:33,700 it's just going to get even more. 709 00:40:34,300 --> 00:40:39,200 So imperative for every company to be you know, cyber have a 710 00:40:39,207 --> 00:40:42,400 good cyber hygiene. The IGA is definitely one of the 711 00:40:42,400 --> 00:40:45,100 tools that'll help you in that journey. 712 00:40:45,900 --> 00:40:48,400 I think that was a great answer is like as you're going I was 713 00:40:48,400 --> 00:40:50,300 like up, but did you think of it? 714 00:40:50,800 --> 00:40:54,100 Now we just answer that but the way I was going to put it was 715 00:40:55,100 --> 00:40:57,500 When did you IGA before? It's too late. 716 00:40:57,500 --> 00:41:01,300 So that was the, that major event item that you brought up, 717 00:41:01,300 --> 00:41:05,800 or, I mean, before you hit some kind of rapid growth. 718 00:41:05,800 --> 00:41:08,200 I move we worked with the company, Jeff. 719 00:41:08,200 --> 00:41:13,200 And I, that quickly became 10,000 employees and did not 720 00:41:13,200 --> 00:41:17,900 have an IGA system in place that's Way Beyond, you know, too 721 00:41:17,900 --> 00:41:21,500 late. And I'll say one quick thing on 722 00:41:21,500 --> 00:41:27,000 that, sorry to interrupt, but Ma Days and companies that do merge 723 00:41:27,600 --> 00:41:32,700 or divest without IGA solution. It's like a very difficult 724 00:41:32,700 --> 00:41:35,800 because you don't know what user has access to what, you know, 725 00:41:35,800 --> 00:41:38,400 like you guys say you're beginning your podcast, it's all 726 00:41:38,400 --> 00:41:42,800 about who has access to what you and I that's what I GA gives you 727 00:41:42,800 --> 00:41:48,300 that answer and for those kind of m&a, situations, or you just 728 00:41:48,600 --> 00:41:52,300 there's no way that you can figure that out easily when 729 00:41:52,300 --> 00:41:56,300 you're doing those sorts of mas. And And maybe even Partnerships, 730 00:41:56,600 --> 00:41:58,800 you know, more and more, especially smaller companies are 731 00:41:58,800 --> 00:42:01,300 partnering with other companies. So there's a lot of B2B 732 00:42:01,500 --> 00:42:04,400 relationships sticks. Here's what happens. 733 00:42:04,400 --> 00:42:08,000 Here's what happened. So we got this phrase in in our 734 00:42:08,000 --> 00:42:13,300 industry of jml Joyner, move earlier, I always love to fall 735 00:42:13,300 --> 00:42:17,800 back on ads, remove changes but it's the same thing, right? 736 00:42:18,600 --> 00:42:23,400 You have to be able to provision access when people join remove 737 00:42:23,400 --> 00:42:27,300 access when they leave the company and you need to change 738 00:42:27,300 --> 00:42:29,100 our success when they move around. 739 00:42:29,100 --> 00:42:32,600 So as you grow, if you don't have automation, the first thing 740 00:42:32,600 --> 00:42:34,600 to die of is that we deal with changes. 741 00:42:35,000 --> 00:42:38,700 The second thing to die off is that we remove people when they 742 00:42:38,700 --> 00:42:41,200 don't meet access anymore. When they've left the 743 00:42:41,200 --> 00:42:44,600 organization, we're always going to give people access because 744 00:42:44,900 --> 00:42:46,400 this creaky wheel gets the grease. 745 00:42:46,400 --> 00:42:49,100 If somebody doesn't have the access, they're going to squeak. 746 00:42:49,100 --> 00:42:53,200 So as you grow, well beyond that, that ability to manage it 747 00:42:53,200 --> 00:42:57,600 manually is Those processes fall off and you just do the minimum 748 00:42:57,600 --> 00:43:00,300 to get by. You become very insecure. 749 00:43:00,500 --> 00:43:03,600 So that was my answer. I'm gonna say before it's too 750 00:43:03,600 --> 00:43:08,600 late but not until you have the time to devote to doing it, 751 00:43:08,600 --> 00:43:11,500 right? Because if you start a project 752 00:43:11,500 --> 00:43:14,200 and your smes don't have the bandwidth to support the 753 00:43:14,200 --> 00:43:18,900 project, you wind up spending a bunch of money for people to 754 00:43:19,100 --> 00:43:22,500 follow up with people to try and get things to work when they've 755 00:43:22,500 --> 00:43:25,300 got other priorities. And so I see see this in my 756 00:43:25,300 --> 00:43:28,600 project sometimes where it's like, hey we've got the budget 757 00:43:28,600 --> 00:43:34,100 for implementing an IGA right now, but our HR team can't 758 00:43:34,100 --> 00:43:37,500 really support it and are as your team, can't really support 759 00:43:37,500 --> 00:43:39,800 it and our ticketing management team. 760 00:43:39,800 --> 00:43:43,600 Can't really support it. So, use the IEM and this is on 761 00:43:43,600 --> 00:43:46,200 the integrator size like you just sit there and you bug 762 00:43:46,200 --> 00:43:49,700 people and you send reminder emails and you join calls and 763 00:43:49,700 --> 00:43:53,400 nobody joins on the other side. So if your, when you go into a 764 00:43:53,400 --> 00:43:57,500 project to implement, IGA just make sure you remember it's 765 00:43:57,500 --> 00:44:00,300 Middle where it doesn't do stuff by itself. 766 00:44:00,300 --> 00:44:05,600 It requires integration to all these other systems and if the 767 00:44:05,600 --> 00:44:10,000 teams on the other end on time to support it is going to cost a 768 00:44:10,008 --> 00:44:15,200 lot more it's going to go a lot slower degree and if you made a 769 00:44:15,207 --> 00:44:18,100 good point around, that's another kind of tentative 770 00:44:18,200 --> 00:44:20,100 successful implementation, is it? 771 00:44:20,300 --> 00:44:21,700 Yeah. If you're able to start like a 772 00:44:21,700 --> 00:44:25,500 year ahead of even choosing a vendor, And you just start 773 00:44:25,500 --> 00:44:28,800 socializing it and you start getting the HRS and all the 774 00:44:28,800 --> 00:44:32,900 right teams kind of onboard and then they can kind of standing. 775 00:44:32,900 --> 00:44:34,400 Yeah. And then they Coulda say, okay, 776 00:44:34,400 --> 00:44:37,900 I'm going to kind of carve out a few hours or something. 777 00:44:38,100 --> 00:44:40,900 Make sure that my Engineers have availability for you. 778 00:44:41,200 --> 00:44:43,900 You know, next quarter, you know, the worst thing is to kind 779 00:44:43,900 --> 00:44:46,100 of come up last minute and say you know, I'm implementing the 780 00:44:46,100 --> 00:44:47,900 system this weekend, can you support me? 781 00:44:48,400 --> 00:44:51,700 You know, that's the way to make enemies very quick make enemies 782 00:44:51,700 --> 00:44:54,700 like to not succeed. Exactly one. 783 00:44:54,900 --> 00:44:56,800 Stereo that I wanted to touch on. 784 00:44:57,000 --> 00:45:00,700 Ignore, you know, going along those converged identity and you 785 00:45:00,700 --> 00:45:05,700 guys really take it at least a secondary focus on privileged 786 00:45:05,700 --> 00:45:08,400 access management. However, you want to find that 787 00:45:09,000 --> 00:45:13,600 I'm not trying to put words in your mouth, but in terms of this 788 00:45:13,600 --> 00:45:17,900 privileged access management and the cloud specifically was 789 00:45:17,900 --> 00:45:21,100 really it's so here's my perspective is that the IM 790 00:45:21,100 --> 00:45:25,800 practitioners are inheriting a cloud, Environment at some 791 00:45:25,800 --> 00:45:30,000 point. So typically what I see is that 792 00:45:30,400 --> 00:45:34,700 some development team, had a project to launch some 793 00:45:34,700 --> 00:45:40,000 applications in. They get an AWS account and 794 00:45:40,000 --> 00:45:44,000 start doing it more in a modern way where they're doing 795 00:45:44,000 --> 00:45:47,400 containerization. They're doing devops. 796 00:45:47,800 --> 00:45:51,800 And then the it the the I am will call it. 797 00:45:51,800 --> 00:45:54,700 The I am team comes along and it's like we've got a secure. 798 00:45:54,800 --> 00:45:57,100 This. You got to take all the controls 799 00:45:57,100 --> 00:46:00,100 that we have in our on-prem environment. 800 00:46:00,100 --> 00:46:02,600 We need to apply those in the cloud. 801 00:46:03,800 --> 00:46:06,400 But they're behind there behind the curve, right? 802 00:46:06,400 --> 00:46:07,900 All this stuff is already been built. 803 00:46:07,900 --> 00:46:12,200 So my question is, where do you think they should start? 804 00:46:12,400 --> 00:46:16,600 So should they start by doing, you know, taking their existing, 805 00:46:17,100 --> 00:46:21,500 I am tools and you know, trying to see how far they can get in 806 00:46:21,500 --> 00:46:26,000 the cloud with those. Is it that they should, you 807 00:46:26,000 --> 00:46:29,300 know, really just I don't know. Let me know that question. 808 00:46:29,300 --> 00:46:33,300 You, where do you think the practitioner should start? 809 00:46:33,400 --> 00:46:34,700 Art. Yeah. 810 00:46:34,700 --> 00:46:38,700 And and I think that's really why some of these Solutions. 811 00:46:38,700 --> 00:46:42,000 You know, I wrote a paper on on this before they actually called 812 00:46:42,000 --> 00:46:45,100 it. See I am or Kim but there's 813 00:46:45,100 --> 00:46:50,100 emergence of these these vendors that address that specific use 814 00:46:50,100 --> 00:46:51,700 case around the cloud entitlements. 815 00:46:51,700 --> 00:46:54,600 And I think that's somewhat came up. 816 00:46:54,800 --> 00:46:58,600 From fact, I think I don't know the status like, 80 years 90 817 00:46:58,600 --> 00:47:02,400 percent of organizations are multi-cloud and so yeah you 818 00:47:02,400 --> 00:47:06,300 might have a strategy Around your AWS or Azure kind of access 819 00:47:06,300 --> 00:47:09,300 management. But once your multi-cloud, how 820 00:47:09,300 --> 00:47:11,500 is it that you're going to kind of make sense of all of those 821 00:47:11,700 --> 00:47:15,700 entitlements and kind of from that again, from that place to 822 00:47:15,700 --> 00:47:18,200 answer who has access to, what were they doing with it. 823 00:47:18,500 --> 00:47:24,300 So, in some cases, if you have, I mean, right now, I believe 824 00:47:24,700 --> 00:47:28,400 will at least save you and we had we've already had some sort 825 00:47:28,400 --> 00:47:32,900 of this built into our product around the cloud entitlements. 826 00:47:33,400 --> 00:47:37,600 And but other salute, other vendors have kind of done some 827 00:47:37,600 --> 00:47:40,700 Acquisitions, you know, like Microsoft acquired Cloud Knox. 828 00:47:40,800 --> 00:47:44,300 So that's part of their permissions management and so, I 829 00:47:44,300 --> 00:47:47,700 think there's some kind of movement going on in the market. 830 00:47:47,700 --> 00:47:50,800 I would participate there be similar things going on there. 831 00:47:50,800 --> 00:47:54,700 Sale Point acquired, something, cyborg built built their own 832 00:47:54,800 --> 00:47:58,300 kind of Kim capability. So it's definitely an area that 833 00:47:58,300 --> 00:48:00,800 has arisen. So if you have a product 834 00:48:00,800 --> 00:48:03,700 already, obviously, you may already have some Those 835 00:48:03,700 --> 00:48:09,800 capabilities built-in and therefore like us again we have 836 00:48:10,100 --> 00:48:13,500 we have that capability to. So I would recommend that if you 837 00:48:13,500 --> 00:48:17,200 don't and you already have Solutions built in and you're 838 00:48:17,200 --> 00:48:21,000 looking for a kind of specialized Solutions, make sure 839 00:48:21,000 --> 00:48:24,300 that they have supported Integrations with a lot of the 840 00:48:24,300 --> 00:48:26,800 different, you know, the vendors. 841 00:48:27,500 --> 00:48:30,500 So the answer, you're more or less going with is is the key, 842 00:48:30,500 --> 00:48:32,500 man. Sir, and I was interesting 843 00:48:32,500 --> 00:48:36,200 because those kind of Thinking that you're going to go with 844 00:48:36,200 --> 00:48:41,100 more of the, the governance IGA answer, which is like, hey, make 845 00:48:41,100 --> 00:48:45,500 sure that in your IGA system, you kind of know who has access 846 00:48:45,500 --> 00:48:50,600 to what, which may be that. I kind of feel like Keem bolts 847 00:48:50,600 --> 00:48:52,100 onto that. It exactly. 848 00:48:52,500 --> 00:48:53,900 I mean, that was always my opinion. 849 00:48:53,900 --> 00:48:56,900 When we kind of came up with the acronym its Cloud 850 00:48:56,900 --> 00:48:59,400 infrastructure, entitlement management it to me. 851 00:48:59,400 --> 00:49:04,700 That's IGA, but the Market vendors, Is kind of taken a 852 00:49:04,707 --> 00:49:06,800 different kind of approach. You know. 853 00:49:06,800 --> 00:49:11,000 Pam vendors are jumping on the him bandwagon so I guess from a 854 00:49:11,500 --> 00:49:14,900 vendor perspective may not always be inherent in the Kim. 855 00:49:14,900 --> 00:49:19,300 Still in a IG, a solution ours is so I always thought that 856 00:49:19,300 --> 00:49:22,200 that's your right there. Kind of they should be very 857 00:49:22,200 --> 00:49:25,100 tightly integrated or within the same solution that would be my 858 00:49:25,500 --> 00:49:29,600 my recommendation for sure. So I have three questions for 859 00:49:29,600 --> 00:49:34,900 you is it Linux or line x 2? Tomato or tomato. 860 00:49:35,200 --> 00:49:36,700 Kim. Or key more? 861 00:49:36,700 --> 00:49:39,600 Just answer that third one. Yeah, it's definitely Kim. 862 00:49:40,000 --> 00:49:41,700 Yeah. So we came up with instead of 863 00:49:41,800 --> 00:49:47,600 see I am which sounds a lot like see I am so we said okay also I 864 00:49:47,600 --> 00:49:51,000 think there was another way we're looking at a cloud access 865 00:49:51,000 --> 00:49:53,600 management cam or something. We should know that's the not 866 00:49:53,600 --> 00:49:56,000 going to work, soak it. So we thought Kim was kind of a 867 00:49:56,008 --> 00:50:00,900 cute way of, you know, calling see IEM without trying to 868 00:50:00,900 --> 00:50:03,300 confuse it. You put a name on a very complex 869 00:50:03,400 --> 00:50:04,900 Problem. Yeah, exactly. 870 00:50:05,100 --> 00:50:07,700 Exactly. I know we're running out of time 871 00:50:07,700 --> 00:50:08,900 here. So I want to make sure that we 872 00:50:08,900 --> 00:50:10,800 are. We have enough time to talk 873 00:50:10,800 --> 00:50:14,600 about another passion of yours which is classic cars. 874 00:50:15,100 --> 00:50:17,300 So we kind of end on a lighter note around here, that's going 875 00:50:17,300 --> 00:50:19,600 to bring things up from the very heavy identity governance 876 00:50:19,600 --> 00:50:22,500 talked. We just had I guess here's my 877 00:50:22,500 --> 00:50:25,000 first question for you. I guess how do you define a 878 00:50:25,000 --> 00:50:28,900 classic car and then the second part of that is, what is your 879 00:50:28,900 --> 00:50:31,000 ultimate classic car? Yeah. 880 00:50:31,900 --> 00:50:33,200 Yeah we'll definitely a classic car. 881 00:50:33,400 --> 00:50:36,100 I kind of am from a career standpoint, would be something 882 00:50:36,100 --> 00:50:42,100 that's kind of, at least is older than like a 70. 883 00:50:42,900 --> 00:50:45,700 Don't know as funny because I'm in a car club and we just 884 00:50:45,700 --> 00:50:52,400 updated our inclusion criteria. This from like a 72 and older to 885 00:50:52,400 --> 00:50:55,200 like 79. So, I think somewhere in the 70s 886 00:50:55,200 --> 00:50:58,100 that a, You could argue, I'm sure there's people that want to 887 00:50:58,100 --> 00:51:00,100 make it, you know, if some 80s cars. 888 00:51:00,100 --> 00:51:03,300 But frankly, I think the 80s is really where things. 889 00:51:03,400 --> 00:51:07,600 Going downhill with the terms of cars and performance, but really 890 00:51:07,600 --> 00:51:11,300 those classic cars youth least the way I look at it is, you 891 00:51:11,300 --> 00:51:16,100 know, they have super big engines that don't get good gas 892 00:51:16,100 --> 00:51:17,900 mileage. Unfortunately, for those of you 893 00:51:17,900 --> 00:51:20,100 out there, don't mean to offend anyone. 894 00:51:20,400 --> 00:51:25,400 But it's so it's basically and then they're, they're like weigh 895 00:51:25,400 --> 00:51:28,900 a ton that you look at them demand, they're just huge. 896 00:51:29,100 --> 00:51:32,700 You know, cars and they have really good looking Interiors. 897 00:51:32,700 --> 00:51:35,200 A lot of them. Um, maybe even more modeled 898 00:51:35,200 --> 00:51:38,000 after airplanes and stuff, the airplane interiors and things. 899 00:51:38,000 --> 00:51:42,200 So there's a lot of kind of different approaches to classic 900 00:51:42,200 --> 00:51:44,800 cars, but I would say, definitely something in the 70s 901 00:51:44,800 --> 00:51:47,900 or earlier goes back all the way to the 30s. 902 00:51:48,400 --> 00:51:54,300 And something that could possibly be really fast and loud 903 00:51:54,700 --> 00:51:58,100 and a lot of different colors to, you know, two-tone 904 00:51:58,100 --> 00:52:00,600 interiors, and those kind of things. 905 00:52:00,600 --> 00:52:04,300 So my favorite of course, is I'm going to say The class car that 906 00:52:04,300 --> 00:52:10,700 I have is a 1964 Buick Riviera. And so the Riviera that's first 907 00:52:10,700 --> 00:52:14,100 year they came out with 63, I got a 64, they call those. 908 00:52:14,100 --> 00:52:17,300 The first Generations, they had a number of generations where 909 00:52:17,300 --> 00:52:19,900 they kind of changed the body style but that's my favorite 910 00:52:20,300 --> 00:52:23,900 from 63 to 65. The body style is I think the 911 00:52:23,900 --> 00:52:27,000 coolest so you guys you know can can check those out on the 912 00:52:27,000 --> 00:52:31,700 internet but very different from the other 60s cars at the time. 913 00:52:31,700 --> 00:52:34,900 If you look at like the Impalas Or the the Thunderbird was kind 914 00:52:34,900 --> 00:52:37,300 of the first. The Ford Thunderbird was kind of 915 00:52:37,308 --> 00:52:42,200 the first what they call a personal luxury vehicle and that 916 00:52:42,200 --> 00:52:43,900 was kind of what Ford was wanting to do. 917 00:52:44,300 --> 00:52:47,200 So you know I'm sleepy awaken others came out with their 918 00:52:47,200 --> 00:52:50,000 version. So definitely the Buick Riviera 919 00:52:50,000 --> 00:52:55,000 is my favorite So far, if I get another one, I'll let you know 920 00:52:55,000 --> 00:52:58,500 as I might change my mind. Jim. 921 00:52:58,500 --> 00:53:00,000 How about yourself? What do you got for a classic 922 00:53:00,000 --> 00:53:04,100 car. So if I had to pick one, it 923 00:53:04,100 --> 00:53:10,300 would be the 57 Corvette. It's kind of a roadster. 924 00:53:10,700 --> 00:53:15,000 I mean those cars are just like they just scream luxury and 925 00:53:15,300 --> 00:53:19,200 performance but not luxury. They scream performance from 926 00:53:19,200 --> 00:53:23,700 that era and they're just You can't help but turn your head 927 00:53:23,700 --> 00:53:27,600 when one goes by. So but the thing is I'm not that 928 00:53:27,600 --> 00:53:31,000 handy so I'd have to buy one to somebody else restored. 929 00:53:31,100 --> 00:53:34,500 I don't have to have a mechanic. Who would come in, do repairs on 930 00:53:34,500 --> 00:53:36,500 it. So it would be a lot more 931 00:53:36,500 --> 00:53:40,600 expensive than, than just, you know, getting one and restoring 932 00:53:40,600 --> 00:53:42,400 it myself. That's not going to happen. 933 00:53:43,600 --> 00:53:46,300 Couple you Jeff. Well I'm not much of a car guy 934 00:53:47,200 --> 00:53:49,300 and we were kind of joking about this before we hit record is 935 00:53:49,300 --> 00:53:51,600 like you know mine is going to be, you know, we're probably 936 00:53:51,600 --> 00:53:54,900 like oh it's you know the first Tesla Roadster some like that 937 00:53:54,900 --> 00:53:59,600 because I have a big family like you know, if I could have my fun 938 00:53:59,600 --> 00:54:02,300 answer will be the door and from Back to the Future, I'm going to 939 00:54:02,308 --> 00:54:05,300 call that classic only because it's from my past, my youth. 940 00:54:06,100 --> 00:54:07,600 I've always been a fan of the Lamborghini. 941 00:54:07,600 --> 00:54:10,700 Diablo, I just love the way it looks. 942 00:54:10,700 --> 00:54:12,800 I'm more of like a Supercar kind of classic. 943 00:54:13,800 --> 00:54:17,000 You know, I think that, I think that the whole point of that 944 00:54:17,000 --> 00:54:19,300 vehicle was that it had to be as fast as possible. 945 00:54:19,500 --> 00:54:21,300 I think I like had to wake be, at least. 946 00:54:21,800 --> 00:54:24,800 I'm not sure what the mph were, but I had to be a be able to go 947 00:54:24,800 --> 00:54:28,500 at least 315 km/h, which is crazy. 948 00:54:28,500 --> 00:54:32,000 Fast is fast. Yeah, so I was, that would 949 00:54:32,000 --> 00:54:33,600 probably be like my classic card. 950 00:54:34,200 --> 00:54:35,900 I don't think that was goes back to the 70s. 951 00:54:35,900 --> 00:54:39,500 I can't be part of Paul's Club, but it's like any other. 952 00:54:39,600 --> 00:54:41,400 It's like any other industry, where you a classic, write all 953 00:54:41,400 --> 00:54:43,200 the music that I used to listen in high school? 954 00:54:43,500 --> 00:54:46,400 Is now on classic, you know, radio stations. 955 00:54:46,400 --> 00:54:49,600 So at some point you know, you'll hear Nirvana on the 956 00:54:49,600 --> 00:54:51,900 oldies station and you're going to realize what the hell 957 00:54:51,900 --> 00:54:54,700 happened to my life souls and take? 958 00:54:54,700 --> 00:54:57,000 It was just yesterday. So whenever a Lamborghini 959 00:54:57,000 --> 00:54:59,200 Diablo, we, my will be my answer. 960 00:55:01,100 --> 00:55:04,200 Well, I like the Countach man. That was like the 80s. 961 00:55:04,200 --> 00:55:08,800 Yeah, like the Miami Vice kind of Swing the door swing and all 962 00:55:08,800 --> 00:55:12,300 the Lamborghinis are sweet. All right, we've had a lot of 963 00:55:12,300 --> 00:55:14,300 good conversation today. Say, you know, Paul, I know we 964 00:55:14,300 --> 00:55:16,600 want a little bit longer than we probably anticipated, but really 965 00:55:16,600 --> 00:55:19,300 appreciate you kind of helping be part of this conversation, 966 00:55:19,300 --> 00:55:21,300 kind of share your expertise and viewpoints. 967 00:55:22,500 --> 00:55:23,700 We're going to go ahead and leave it. 968 00:55:23,700 --> 00:55:26,800 I think for this week, we know now with our classic car 969 00:55:26,800 --> 00:55:29,700 selections, are we know a lot more about the IGA space and 970 00:55:29,700 --> 00:55:32,200 some of the things that people should be considering when it 971 00:55:32,200 --> 00:55:35,900 comes to deployments and selecting products and so forth. 972 00:55:35,900 --> 00:55:38,400 We also got some scoop on some Gartner stuff which is pretty 973 00:55:38,400 --> 00:55:40,500 cool and kind of pulling back the curtain a little bit. 974 00:55:40,800 --> 00:55:43,100 So, thank you for that and also in our show notes, I'll have a 975 00:55:43,100 --> 00:55:45,800 link To Paul, hopefully he's okay with me asking him for the 976 00:55:45,800 --> 00:55:48,500 first time on air since he's okay with connecting with people 977 00:55:48,500 --> 00:55:49,900 on LinkedIn. So I won't do that. 978 00:55:50,300 --> 00:55:53,100 Also have a link to Sabian and their website and kind of find 979 00:55:53,100 --> 00:55:56,800 out more about what CBN sup to from an identity perspective in 980 00:55:56,800 --> 00:55:59,200 our show notes as well as links for Jim. 981 00:55:59,200 --> 00:56:01,500 And I if people want to connect their and we're also have to 982 00:56:01,500 --> 00:56:04,600 continue the conversation. So you can also find us on the 983 00:56:04,600 --> 00:56:06,100 web. We're at identity at the 984 00:56:06,107 --> 00:56:10,100 center.com. We're on Twitter at idac podcast 985 00:56:10,500 --> 00:56:12,300 and with that. Thanks everyone for listening 986 00:56:12,400 --> 00:56:14,300 and we'll talk with everyone. One in the next one. 987 00:56:17,700 --> 00:56:20,600 Thanks for listening to the identity at the center podcast. 988 00:56:20,700 --> 00:56:23,000 If you like what you heard, don't forget to subscribe and 989 00:56:23,000 --> 00:56:25,800 visit us on the web and identity at the center.com.