1 00:00:00,080 --> 00:00:03,400 If you go to a mom and pop shop and say, hey, bring your own 2 00:00:03,400 --> 00:00:05,760 identity, they're just going to be looking at you. 3 00:00:05,760 --> 00:00:09,160 Like, yeah, sure. Here's my driver's license, 4 00:00:09,160 --> 00:00:10,120 Yeah. Exactly. 5 00:00:10,120 --> 00:00:11,960 Here's my passport. Yeah, have fun, right. 6 00:00:13,520 --> 00:00:18,320 And then it is the the matter of how do you actually control who 7 00:00:19,000 --> 00:00:21,040 has which access is in your system. 8 00:00:21,920 --> 00:00:27,800 So let's say you on board a partner, they are predominantly 9 00:00:27,800 --> 00:00:30,600 doing something, some infrastructure project for you. 10 00:00:31,280 --> 00:00:35,880 How do you ensure that that project doesn't give them access 11 00:00:35,880 --> 00:00:42,680 to, to confidential information? If you have a milk supplier who, 12 00:00:42,680 --> 00:00:45,840 who brings in fresh milk every day, right? 13 00:00:46,320 --> 00:00:51,480 How do you make sure that they have access to their sales 14 00:00:51,480 --> 00:00:54,800 numbers and and all that, but can't see the the competitive 15 00:00:55,280 --> 00:00:58,600 competitors information? So. 16 00:00:58,880 --> 00:01:01,720 So yeah. So Eve Mailer was on the stage 17 00:01:01,720 --> 00:01:04,680 yesterday. She talks about treating 18 00:01:04,680 --> 00:01:07,720 identity as a product, right? Because you have all these 19 00:01:07,720 --> 00:01:10,840 different stakeholders who want different things and essentially 20 00:01:10,840 --> 00:01:15,800 become a product manager. You know, you're a security 21 00:01:15,800 --> 00:01:19,200 practitioner in one sense, but you're also thinking about 22 00:01:19,720 --> 00:01:24,560 marketing and the the customer experience and prioritizing 23 00:01:24,560 --> 00:01:26,360 that. Did a lot of what she talked 24 00:01:26,360 --> 00:01:29,920 about yesterday bring true from your perspective of how do I 25 00:01:29,920 --> 00:01:34,920 balance all these stakeholders to get to what I'm going to be 26 00:01:34,920 --> 00:01:38,440 releasing next month? From an enhancement perspective, 27 00:01:38,680 --> 00:01:42,960 how do you keep up with the authentication or the delegated 28 00:01:42,960 --> 00:01:47,040 administration or hey, the users are having a problem with this, 29 00:01:47,040 --> 00:01:49,200 like how do you balance all that? 30 00:01:54,800 --> 00:01:59,960 This is identity at the center if it has anything to do with 31 00:02:00,000 --> 00:02:04,600 IAM. This is the go to podcast now 32 00:02:04,600 --> 00:02:08,479 your hosts Jim McDonald and Jeff Steadman. 33 00:02:14,520 --> 00:02:16,120 Welcome to the Identity Center Podcast. 34 00:02:16,120 --> 00:02:17,440 I'm Jeff, and that's Jim. Hey, Jim. 35 00:02:17,640 --> 00:02:18,600 Hey. Jeff, how are you? 36 00:02:18,600 --> 00:02:23,280 Oh, not so bad yourself. Doing great EIC 2025. 37 00:02:23,400 --> 00:02:25,320 Berlin, Germany. We made it to the stage. 38 00:02:25,520 --> 00:02:27,520 We made it to We're on the keynote stage. 39 00:02:27,840 --> 00:02:31,640 We are on the keynote stage with an audience of literally four 40 00:02:31,640 --> 00:02:32,360 people. I think. 41 00:02:32,480 --> 00:02:35,120 Yes, exactly. So, yeah, good time. 42 00:02:35,120 --> 00:02:37,440 So thank you very much to Marina, who is just over there 43 00:02:37,440 --> 00:02:39,440 behind the camera. Give us a thumbs up for helping 44 00:02:39,440 --> 00:02:41,600 us set this up. Obviously, Martin, for, you 45 00:02:41,600 --> 00:02:43,840 know, inviting us out here and it's been a great conference so 46 00:02:43,840 --> 00:02:46,960 far for first time being in Berlin, first time being at AIC, 47 00:02:47,960 --> 00:02:49,800 I'm sure. No surprise, this is one of the 48 00:02:50,000 --> 00:02:53,320 best organized conferences I've ever been to. 49 00:02:53,320 --> 00:02:58,000 Everything's like clockwork. And you know me, the snacks. 50 00:02:58,280 --> 00:03:00,240 Let me do a rating of the snacks right now. 51 00:03:00,560 --> 00:03:05,720 Fantastico the the cooler with the soda. 52 00:03:05,720 --> 00:03:07,920 Pop, that's the highlight for me because I don't drink coffee, I 53 00:03:07,920 --> 00:03:10,200 don't drink tea, but if there's cola or something like that 54 00:03:10,280 --> 00:03:13,040 where I can get my coffee, chips, orange soda, thumbs up 55 00:03:13,040 --> 00:03:15,680 for that. I will say I'm so far been 56 00:03:15,680 --> 00:03:18,600 disappointed by one thing and that is the lack of cookies. 57 00:03:19,240 --> 00:03:22,160 I everyone knows I judge the conference on the quality of 58 00:03:22,160 --> 00:03:23,920 their cookies and I have not seen a cookie yet. 59 00:03:24,160 --> 00:03:25,120 Maybe they'll make an appearance. 60 00:03:25,120 --> 00:03:27,680 This is only two. Different cookies here they're 61 00:03:27,720 --> 00:03:29,920 they're over by the coffee. That's a problem. 62 00:03:29,920 --> 00:03:32,400 OK all. Right, I stand corrected. 63 00:03:32,440 --> 00:03:35,280 Apologies to. Wonderful butter cookies this 64 00:03:35,280 --> 00:03:36,880 morning. Oh, you missed out. 65 00:03:36,920 --> 00:03:39,000 OK. All right, why don't we get into 66 00:03:39,000 --> 00:03:40,080 it? Because we have our gentleman 67 00:03:40,360 --> 00:03:42,560 guest sitting here next to us. He is Jerome Thorsensen. 68 00:03:42,560 --> 00:03:44,560 He is the I am architect with Selling group. 69 00:03:44,560 --> 00:03:46,560 We're going to find out what that means, but welcome to the 70 00:03:46,560 --> 00:03:47,280 show. Thanks. 71 00:03:48,480 --> 00:03:52,680 So thank you guys for having me. It's been a pleasure to meet you 72 00:03:52,680 --> 00:03:57,200 in in life a long time listener. So I was really psyched when you 73 00:03:57,200 --> 00:03:59,720 guys reached out and and asked me to come on the show. 74 00:03:59,720 --> 00:04:01,680 Well. We're so appreciative you taking 75 00:04:01,680 --> 00:04:03,400 the time. I know that this is a busy time. 76 00:04:03,640 --> 00:04:06,400 You're going to be giving a a presentation I think later this 77 00:04:06,400 --> 00:04:07,520 week we're going to talk about that. 78 00:04:07,520 --> 00:04:09,920 But if you're a listener, you know what our first question is 79 00:04:09,920 --> 00:04:10,680 going to be. Oh yes. 80 00:04:10,720 --> 00:04:13,160 How did you get into identity? Is it something that you chose 81 00:04:13,160 --> 00:04:18,720 or did it choose you? I think we kind of trauma bonded 82 00:04:18,959 --> 00:04:23,160 identity and, and I so back in the day, I started out as a 83 00:04:23,160 --> 00:04:27,560 techie, I was heavy into infrastructure, servers, some 84 00:04:27,560 --> 00:04:29,440 network firewalls, all that stuff. 85 00:04:30,760 --> 00:04:37,000 And if you asked me like 10 years ago that if I saw a future 86 00:04:37,000 --> 00:04:42,240 in I am, I might have been smiling and saying, Nah, that's 87 00:04:42,240 --> 00:04:48,040 just user management right? Then I I've got on boards doing 88 00:04:48,040 --> 00:04:54,360 cybersecurity, did a pen test on a fairly big international 89 00:04:54,880 --> 00:05:01,800 client and to my horror I was like 5 minutes in doing it 90 00:05:01,880 --> 00:05:05,320 enumeration on Active Directory where I started pulling out 91 00:05:05,320 --> 00:05:09,000 passwords and clear text in the description fields and found 92 00:05:09,000 --> 00:05:12,680 custom attributes with initial password set. 93 00:05:12,680 --> 00:05:14,920 So people always hear about this story, right? 94 00:05:14,920 --> 00:05:16,560 Oh, there's clear text passwords. 95 00:05:16,560 --> 00:05:19,280 Yeah, it is legit. It happens in real life. 96 00:05:19,600 --> 00:05:22,720 Oh yes, Oh yes, to this day it. Still happens. 97 00:05:23,240 --> 00:05:25,720 So for people not familiar with selling group, give us a little 98 00:05:25,720 --> 00:05:27,520 bit about what selling group is. And I just realized my 99 00:05:27,520 --> 00:05:29,760 microphone was like over here. So I'm going to try to make this 100 00:05:29,760 --> 00:05:31,240 a little bit better for me. Yeah. 101 00:05:31,840 --> 00:05:34,640 So selling group is kind of a fun size. 102 00:05:34,640 --> 00:05:40,000 So to to compare it for the US listeners, it is kind of like 103 00:05:40,000 --> 00:05:46,200 having a parent company that operates Target, operates 104 00:05:46,640 --> 00:05:52,080 Nordstrom, operates LD, Trader Joe's, stuff like that, right. 105 00:05:52,640 --> 00:05:58,160 So we have 5 major labels that we fully own. 106 00:05:58,800 --> 00:06:03,480 And then we do franchises for stuff like Starbucks, we do some 107 00:06:03,480 --> 00:06:08,400 flowers, food delivery servers, fresh fish to your doorstep, 108 00:06:08,480 --> 00:06:12,920 stuff like that. And we are located in 109 00:06:13,160 --> 00:06:17,320 Scandinavia, so we have the HQ in Denmark. 110 00:06:17,920 --> 00:06:22,640 We are represented here in Germany, Poland, and we just 111 00:06:22,640 --> 00:06:27,520 acquired Remy Baltic, so now we're in the Baltics as well, 112 00:06:27,840 --> 00:06:30,080 heavily. So it's a small company is what 113 00:06:30,080 --> 00:06:31,920 you're. Trying to say small company 114 00:06:31,920 --> 00:06:33,800 72,000 employees. Oh, that's it. 115 00:06:33,960 --> 00:06:34,720 All right. Yeah. 116 00:06:35,920 --> 00:06:39,120 So tell us about you're here to present. 117 00:06:39,120 --> 00:06:42,280 You'll be on this very stage Friday, right? 118 00:06:42,360 --> 00:06:43,640 Yeah. And you're going to be talking 119 00:06:43,640 --> 00:06:47,720 about securing and navigating B to B. 120 00:06:48,040 --> 00:06:50,800 So that's. Your focus within the identity 121 00:06:50,800 --> 00:06:55,400 suites, Well, tell us about that, that presentation, what is 122 00:06:55,920 --> 00:06:59,040 the main topic? Oh, I'm, I'm going to be 123 00:06:59,040 --> 00:07:02,720 standing here on the stage and, and sharing my, my pain points 124 00:07:02,720 --> 00:07:07,440 with the managing B2B. So basically it is all about how 125 00:07:07,440 --> 00:07:12,760 do you take your supply chain and making sure that they are 126 00:07:12,760 --> 00:07:16,880 just as compliant and as, as secure as you are, because it, 127 00:07:17,520 --> 00:07:21,360 it comes down to, to trust at the moment. 128 00:07:21,360 --> 00:07:24,040 Then we have the the NS-2 hitting us. 129 00:07:26,160 --> 00:07:29,200 It's just a past as a law in Denmark like 2 weeks ago or 130 00:07:29,200 --> 00:07:32,920 something like that. So it is the whole how do you 131 00:07:32,920 --> 00:07:36,360 fast track and this to implementation? 132 00:07:36,840 --> 00:07:41,640 How do you make sure that you have cybersecurity resilience 133 00:07:41,640 --> 00:07:45,200 within your supply chain and how do you on board and off board 134 00:07:45,200 --> 00:07:48,240 vendors because we have everything from small mom and 135 00:07:48,240 --> 00:07:51,640 pop shops to to big corporate climates. 136 00:07:52,840 --> 00:07:56,920 So I knew said the the title of your presentation starts with 137 00:07:56,920 --> 00:08:00,200 identity first, which I think really means their identity at 138 00:08:00,200 --> 00:08:02,200 the centre. I think they're somewhat 139 00:08:02,200 --> 00:08:05,760 interchangeable. Feel free to disagree with that, 140 00:08:07,040 --> 00:08:10,960 but why did you start the presentation title identity 141 00:08:10,960 --> 00:08:12,880 first? Well, because I'm a strong 142 00:08:12,880 --> 00:08:17,840 believer that the identity first approach is the key in this 143 00:08:18,640 --> 00:08:21,320 modern tech stack we we worked in today. 144 00:08:21,720 --> 00:08:24,080 I mean, we don't have any perimeters anymore. 145 00:08:24,560 --> 00:08:27,280 We moved everything or slowly moving everything to, to the 146 00:08:27,280 --> 00:08:30,080 cloud. So that parameter is long gone. 147 00:08:31,160 --> 00:08:33,600 And that's why you you need to kind of look at. 148 00:08:33,600 --> 00:08:42,320 So how can I manage security and what are the, this, this stuff I 149 00:08:42,320 --> 00:08:45,600 can deal with, right? So for us it is definitely 150 00:08:45,600 --> 00:08:50,240 identities. We can manage and control access 151 00:08:51,120 --> 00:08:58,600 on identities and on devices and all that more easily today than 152 00:08:59,120 --> 00:09:02,520 than just applying the old logic of perimeter first rank. 153 00:09:02,800 --> 00:09:06,600 So there's a lot of, I guess, struggle sometimes where you 154 00:09:06,600 --> 00:09:11,240 have these external partners and I guess how do you make sure 155 00:09:11,240 --> 00:09:13,760 that they're on board with what it is that you're doing? 156 00:09:14,000 --> 00:09:18,200 So, you know, it's a challenge is you've set up this, you know, 157 00:09:18,200 --> 00:09:20,960 maybe it's a federation or maybe you're studying up SAML or open 158 00:09:20,960 --> 00:09:24,680 ID connect or whatever it may be, but you're still reliant on 159 00:09:25,000 --> 00:09:27,760 the vendor, the partner, the B to B side of things or B, you 160 00:09:27,760 --> 00:09:31,760 know, whatever it may be to actually hook up and then follow 161 00:09:31,760 --> 00:09:34,960 your own policies and standards. How do you essentially train 162 00:09:35,400 --> 00:09:38,120 your partners to do it that way with you? 163 00:09:38,480 --> 00:09:40,520 Oh, it's a headache. It's a headache. 164 00:09:41,200 --> 00:09:44,400 No so, so you usually if you look at retail, we are really 165 00:09:44,400 --> 00:09:47,400 good at doing something like private label or white labeling 166 00:09:47,400 --> 00:09:51,320 stuff. So instead of a fully on boarded 167 00:09:52,160 --> 00:09:57,400 partner, we could potentially say, let's say we have a line of 168 00:09:57,400 --> 00:10:00,920 products that we sell at a discounted price because it's 169 00:10:00,920 --> 00:10:07,520 our brand, but all the, all the product descriptions and 170 00:10:07,520 --> 00:10:10,560 everything we get from whoever made the product. 171 00:10:11,360 --> 00:10:14,440 So we would like to onboard them and say, OK, so if any product 172 00:10:14,440 --> 00:10:19,400 changes happens, then you have the ability to to go in and and 173 00:10:19,400 --> 00:10:22,800 edit this. I won't say real time, but but 174 00:10:22,800 --> 00:10:29,040 close to, to real time, right? And the thing here is for a big 175 00:10:29,040 --> 00:10:33,320 company or supplier, it is easier for them to hook up to 176 00:10:34,160 --> 00:10:38,960 doing single sign on or Samo or something like that, right? 177 00:10:40,040 --> 00:10:43,360 And that's perfectly fine. But if you go to a mom and pop 178 00:10:43,360 --> 00:10:47,000 shop and say, hey, bring your own identity, they're just going 179 00:10:47,000 --> 00:10:49,680 to be looking at you. Like, yeah, sure. 180 00:10:49,720 --> 00:10:51,440 Here's my driver's license exactly. 181 00:10:51,880 --> 00:10:55,640 Here's. My passport have fun right and 182 00:10:55,640 --> 00:11:01,400 then it is the the matter of how do you actually control who has 183 00:11:01,400 --> 00:11:06,880 which access is in your system. So let's say you on board a 184 00:11:06,880 --> 00:11:11,920 partner, they are predominantly doing some some infrastructure 185 00:11:11,920 --> 00:11:15,480 project for you. How do you ensure that that 186 00:11:15,480 --> 00:11:19,680 project doesn't give them access to to confidential information? 187 00:11:20,480 --> 00:11:27,320 If you have a milk supplier who who brings in fresh milk every 188 00:11:27,320 --> 00:11:29,680 day, right? How do you make sure that they 189 00:11:29,680 --> 00:11:35,320 have access to their sales numbers and and all that, but 190 00:11:35,320 --> 00:11:39,280 can't see the the competitive competitors information? 191 00:11:40,200 --> 00:11:41,080 So. So yeah. 192 00:11:41,800 --> 00:11:44,240 So Eve Mailer was on the stage yesterday. 193 00:11:44,240 --> 00:11:48,800 She talks about treating identity as a product, right? 194 00:11:48,800 --> 00:11:51,480 Because you have all these different stakeholders who want 195 00:11:51,480 --> 00:11:55,480 different things and essentially become a product manager. 196 00:11:55,560 --> 00:11:59,320 You know, you're a security practitioner in one sense, but 197 00:11:59,320 --> 00:12:03,800 you're also thinking about marketing and the the customer 198 00:12:03,800 --> 00:12:06,840 experience and prioritizing that. 199 00:12:07,240 --> 00:12:10,080 Did a lot of what she talked about yesterday bring true from 200 00:12:10,080 --> 00:12:13,440 your perspective of how do I balance all these stakeholders 201 00:12:13,440 --> 00:12:18,800 to get to what I'm going to be releasing next month? 202 00:12:18,800 --> 00:12:22,600 From an enhancement perspective, how do you keep up with the 203 00:12:22,600 --> 00:12:27,800 authentication or the delegated administration or hey, the users 204 00:12:27,800 --> 00:12:30,800 are having a problem with this, like how do you balance all 205 00:12:30,800 --> 00:12:34,960 that? It rings true in, in my world, I 206 00:12:34,960 --> 00:12:41,960 am a firm believer that you can actually put I am as a business 207 00:12:41,960 --> 00:12:47,760 enabler. So it's, it's, it's kind of a 208 00:12:48,360 --> 00:12:53,000 fun balance you are looking at we. 209 00:12:53,520 --> 00:12:55,160 So no, actually let me rephrase that. 210 00:12:55,160 --> 00:12:58,720 So what we're looking to do is providing our vendors with a 211 00:12:58,720 --> 00:13:03,760 self-service portal. So let's say you buy or get 212 00:13:03,760 --> 00:13:07,960 access for for 10 people in your organization to have access to 213 00:13:07,960 --> 00:13:12,640 to our system. For whatever reason, we would 214 00:13:12,640 --> 00:13:16,320 actually prefer to give self-service portal saying here 215 00:13:16,320 --> 00:13:21,120 is the general framework. This is how we run business and 216 00:13:21,120 --> 00:13:26,200 we are going to rely on you managing your employees access. 217 00:13:26,960 --> 00:13:30,320 We are just sitting in the background on doing the final 218 00:13:30,320 --> 00:13:31,680 tracks right. That's right. 219 00:13:32,000 --> 00:13:34,520 Now, Jerome, this is the one thing that I was interested in. 220 00:13:34,520 --> 00:13:38,320 I had a chance to talk to Eve was all right, as as the 221 00:13:38,360 --> 00:13:40,720 identity practitioner, the owner of identity. 222 00:13:41,520 --> 00:13:47,200 Is it my responsibility to, you know, kind of work with all 223 00:13:47,200 --> 00:13:50,640 these folks and take all their inputs, get them to work with 224 00:13:50,640 --> 00:13:53,880 each other and understand? Because one of the keywords she 225 00:13:53,880 --> 00:13:57,000 had in her presentation yesterday was to get the 226 00:13:57,000 --> 00:13:59,760 stakeholders to empathize with the needs of the other 227 00:13:59,760 --> 00:14:01,880 stakeholders. In other words, marketing to 228 00:14:01,880 --> 00:14:05,160 understand the needs of security and vice versa, which I thought 229 00:14:05,200 --> 00:14:09,920 was tremendously insightful. But I wonder, is it our job to 230 00:14:09,920 --> 00:14:13,080 kind of orchestrate and to facilitate all of that? 231 00:14:13,640 --> 00:14:17,320 It seems to fall on us a lot. It falls on us a lot, yes. 232 00:14:17,320 --> 00:14:21,240 And I, I'm also a firm believer that it is part of our 233 00:14:21,240 --> 00:14:27,880 responsibility because I believe that we are kind of in a unique 234 00:14:27,880 --> 00:14:32,400 situation where we understand where they're coming from and we 235 00:14:32,400 --> 00:14:35,720 know where they're heading and, and stuff like that. 236 00:14:35,720 --> 00:14:44,240 So we are kind of the, the in between a lot of vendors and us 237 00:14:44,400 --> 00:14:48,720 and our suppliers, right. So we're kind of navigating this 238 00:14:48,760 --> 00:14:51,720 as that's collaboration. Yeah, well. 239 00:14:52,000 --> 00:14:53,200 Let me pull something else out there. 240 00:14:53,200 --> 00:14:56,960 What happens if no if? If you don't do it, who does? 241 00:14:56,960 --> 00:15:00,480 If the I am person doesn't do it except who's doing it? 242 00:15:00,720 --> 00:15:05,360 That's why I think we usually wind up because I think I am or 243 00:15:05,360 --> 00:15:09,360 identity, digital identity attracts a lot of people who 244 00:15:09,360 --> 00:15:11,120 are. Not a good looking people. 245 00:15:11,520 --> 00:15:13,960 Yeah, identity, people of the greatest. 246 00:15:13,960 --> 00:15:16,960 Let's, let's just start there. No, I think a lot of people who 247 00:15:16,960 --> 00:15:19,800 are are leaders. I think being a leader in 248 00:15:20,040 --> 00:15:22,560 today's day and age isn't just barking out orders. 249 00:15:22,560 --> 00:15:27,480 It's getting people to the table, getting them to empathize 250 00:15:27,480 --> 00:15:29,560 with one another. And I think it's just natural 251 00:15:29,560 --> 00:15:31,840 for many of us to step into that role. 252 00:15:32,960 --> 00:15:38,240 So basically leading without Oh, what's it called without? 253 00:15:38,440 --> 00:15:39,680 Leading without title. Right. 254 00:15:39,680 --> 00:15:41,480 Exactly. Yeah, absolutely. 255 00:15:41,520 --> 00:15:44,200 Yeah. So no, I think there is the 256 00:15:44,200 --> 00:15:48,480 whole human aspect of it. And I think if you look at the 257 00:15:48,480 --> 00:15:51,840 classical set up where you have security, they are more 258 00:15:51,840 --> 00:15:54,880 compliance based. They are more, these are the 259 00:15:54,880 --> 00:15:58,840 rules, stay within the boundaries we set and go have 260 00:15:58,840 --> 00:16:01,320 fun. And we are kind of more 261 00:16:01,320 --> 00:16:03,000 concerned with, yeah, that's fine. 262 00:16:03,000 --> 00:16:07,240 But we we also need to to put a human angle on it and be like, 263 00:16:07,240 --> 00:16:10,840 OK, but this will affect you in this and this this way. 264 00:16:11,840 --> 00:16:16,880 And if it is very bad, it's simply us who's going to be 265 00:16:16,880 --> 00:16:20,480 having that conversation with security and say, OK, guys, we 266 00:16:20,480 --> 00:16:22,800 know this is best practice, but come on. 267 00:16:22,880 --> 00:16:27,480 If we need to to get our day-to-day jobs to work, can we 268 00:16:27,480 --> 00:16:30,880 relax this policy a little bit and then enforce it? 269 00:16:30,880 --> 00:16:32,480 Yeah. Try to negotiate. 270 00:16:32,480 --> 00:16:35,720 Yeah, exactly. So I wanted to point something 271 00:16:35,720 --> 00:16:41,920 else out that you wrote an article last year and it's so if 272 00:16:41,920 --> 00:16:44,160 folks connect to you on LinkedIn, they can see you 273 00:16:44,160 --> 00:16:46,600 posted it and get to the article. 274 00:16:46,600 --> 00:16:50,520 But it was about A back in the context of B to B. 275 00:16:50,960 --> 00:16:54,360 And I think you called it a game changer. 276 00:16:54,360 --> 00:16:58,720 And I wanted to ask you why do you think a back is game changer 277 00:16:59,080 --> 00:17:02,240 which is attribute based access control? 278 00:17:02,440 --> 00:17:05,680 Yeah, so we we've all been messing around with role based 279 00:17:05,680 --> 00:17:08,119 access control for for years now, right. 280 00:17:08,119 --> 00:17:10,560 It came out in the 90s. The struggle is. 281 00:17:10,599 --> 00:17:12,359 Real in the years. Yeah, exactly. 282 00:17:13,119 --> 00:17:18,400 So no, what I'm my approach was I was managing a huge stack of 283 00:17:19,400 --> 00:17:23,640 security groups. So if you do the classical RBAC, 284 00:17:23,640 --> 00:17:28,079 you have one security group that links to an application and and 285 00:17:28,079 --> 00:17:33,960 role within the application. Now imagine you have two and a 286 00:17:33,960 --> 00:17:38,600 half thousand stores already. You, you just bought, you just 287 00:17:39,240 --> 00:17:42,560 had two and a half thousand security roles by default. 288 00:17:43,520 --> 00:17:48,480 Now Add all the applications. Let's just pick a #1600. 289 00:17:49,560 --> 00:17:51,960 We'll see how that that spins out of control real fast, right? 290 00:17:53,120 --> 00:17:57,600 To to put some real world numbers on I'm I'm managing just 291 00:17:57,600 --> 00:18:00,720 close to 61,000 users at the moment. 292 00:18:02,360 --> 00:18:04,320 And that's just that. Is that everybody? 293 00:18:04,320 --> 00:18:06,600 Is that B to B? Is no, that's, that's, that's 294 00:18:07,080 --> 00:18:13,320 core employees. OK, Yeah, I have 67,000 security 295 00:18:13,320 --> 00:18:15,520 groups. Which sounds about right. 296 00:18:15,520 --> 00:18:17,960 You have more security groups and you have users. 297 00:18:17,960 --> 00:18:20,080 That's totally normal part. Exactly. 298 00:18:20,600 --> 00:18:24,280 But if you don't flip, flip it and go to ABAC, then you're 299 00:18:24,280 --> 00:18:28,640 looking at attributes. So now you can do stuff more 300 00:18:28,640 --> 00:18:32,000 dynamically. So you don't have this rigid 301 00:18:32,720 --> 00:18:36,360 security group structure. You don't end up with security 302 00:18:36,360 --> 00:18:39,760 groups nested in security groups because that's how we did it in 303 00:18:39,760 --> 00:18:41,680 the old days, right? I can't believe anybody would 304 00:18:41,680 --> 00:18:42,920 ever do that. That doesn't happen. 305 00:18:44,320 --> 00:18:45,720 You're at full of battle scars here. 306 00:18:47,360 --> 00:18:49,920 So how do you track? So attribute based access 307 00:18:49,920 --> 00:18:54,640 control is obviously very dependent on attributes, data, 308 00:18:55,360 --> 00:18:58,320 data quality, data timeliness, all that stuff. 309 00:18:58,640 --> 00:19:02,520 How do you manage getting that data into a spot where you are 310 00:19:02,520 --> 00:19:06,200 comfortable to say, OK, yeah, attribute, we've got it and we 311 00:19:06,200 --> 00:19:09,360 can automate or make policy decisions off it, whatever that 312 00:19:09,360 --> 00:19:11,640 may be. But talk about the data part of 313 00:19:11,640 --> 00:19:13,040 the attribute side and how you manage that. 314 00:19:14,520 --> 00:19:20,840 Honestly, it's it is a struggle. So we all know the the pain of 315 00:19:20,840 --> 00:19:22,960 having clear and concise data, right? 316 00:19:23,720 --> 00:19:29,120 So first of all, it's the wonderful discussion with the HR 317 00:19:29,560 --> 00:19:31,840 on what attributes we use for, for what, right. 318 00:19:32,440 --> 00:19:38,440 Then it is in our situation where we have a third of our 319 00:19:38,440 --> 00:19:44,160 workforce that is 18 or younger. We also have some, some privacy 320 00:19:44,160 --> 00:19:45,960 issues. So we don't want to pull in too 321 00:19:45,960 --> 00:19:50,640 much information, just enough. And based on that subset of data 322 00:19:50,640 --> 00:19:57,000 we have, we, we do our very best to, to say, OK, how much of this 323 00:19:57,000 --> 00:19:59,360 can we actually control on pure ABAC? 324 00:19:59,800 --> 00:20:03,320 How much of this needs to be reliant on RBAC? 325 00:20:04,640 --> 00:20:07,720 It's that happy mix of these two that we, we live in. 326 00:20:07,720 --> 00:20:11,480 So we, we can't sit here and say, Oh yeah, we're purely a 327 00:20:11,480 --> 00:20:13,680 back. Because honestly, I don't think 328 00:20:13,680 --> 00:20:19,240 it's ever going to happen. But if you have, let's say, 9 329 00:20:19,240 --> 00:20:22,920 predefined roles in your organization, well, that is a 330 00:20:22,920 --> 00:20:28,880 perfect fit for, for our back. And then you can always tighten 331 00:20:28,880 --> 00:20:31,280 security and and find a sweet spot with a back. 332 00:20:31,720 --> 00:20:34,880 Yeah. You know, I've kind of an out of 333 00:20:34,880 --> 00:20:38,600 band question for that, but I was thinking, so really it's the 334 00:20:39,480 --> 00:20:42,080 you have the delegate administration, so the customers 335 00:20:42,080 --> 00:20:44,680 say, well, I just hired this new person. 336 00:20:45,240 --> 00:20:49,920 That's got to also be you've got to have high volume in terms of 337 00:20:49,920 --> 00:20:52,720 turnover. I would imagine that's a big 338 00:20:52,720 --> 00:20:57,920 part of what you deal with. But so let me get to my question 339 00:20:57,920 --> 00:21:00,480 first. So I was wondering because most 340 00:21:00,480 --> 00:21:06,280 of your footprint is in Europe, so many different languages, do 341 00:21:06,280 --> 00:21:10,160 you do all the front end with English only? 342 00:21:10,320 --> 00:21:14,720 Because I would think as you get out to retail in maybe some of 343 00:21:14,720 --> 00:21:19,520 the more rural areas, people don't speak English maybe. 344 00:21:20,720 --> 00:21:25,800 So I'm in that lucky position where we we're in a company 345 00:21:25,800 --> 00:21:29,320 where we said our company language is English. 346 00:21:29,800 --> 00:21:31,560 So that makes my life a little easier. 347 00:21:31,560 --> 00:21:35,800 OK. But fortunately we are heavily 348 00:21:35,800 --> 00:21:38,760 represented here in in Germany and and and Poland and they're 349 00:21:38,760 --> 00:21:43,200 fairly good at at English. So, so it's not a huge issue, 350 00:21:43,200 --> 00:21:47,080 but we do run into it and then we rely on on people in the 351 00:21:47,080 --> 00:21:50,840 store just to get back on the other party you. 352 00:21:50,840 --> 00:21:53,000 Mentioned the high turnover. Yeah. 353 00:21:53,000 --> 00:21:57,480 So we do have a high turnover just before summer break. 354 00:21:57,880 --> 00:22:03,120 We on board something like 2 1/2 thousand employees and our mid 355 00:22:03,240 --> 00:22:07,200 of August they're heading out the door again. 356 00:22:08,080 --> 00:22:13,520 So, so yeah, we, we actually have vendors compare us to 357 00:22:13,760 --> 00:22:17,520 something like universities in the, in our approach to, to on 358 00:22:17,520 --> 00:22:22,600 board and off board people. That's got to be a busy time. 359 00:22:22,600 --> 00:22:24,320 No one can take vacation then, right? 360 00:22:25,080 --> 00:22:27,240 Well, the in Europe that would be tough to say. 361 00:22:27,240 --> 00:22:29,080 No one take vacation in August, right? 362 00:22:29,160 --> 00:22:30,440 Oh yeah, yeah, that's not going to happen. 363 00:22:30,920 --> 00:22:32,200 That's not the vacation's happening. 364 00:22:32,200 --> 00:22:32,840 That's for sure. Right. 365 00:22:33,160 --> 00:22:33,920 Yeah. No. 366 00:22:33,920 --> 00:22:39,320 But I mean, I think a rule of thumb is we we do something like 367 00:22:39,880 --> 00:22:42,840 turnover between 200 and 500 employees a month. 368 00:22:43,840 --> 00:22:46,200 So it's a big river balding door, yeah. 369 00:22:47,200 --> 00:22:48,840 How do you manage those terminations? 370 00:22:48,840 --> 00:22:51,440 Do you keep them around for a certain amount of time? 371 00:22:52,200 --> 00:22:54,000 I guess you know, there's probably errors that are made 372 00:22:54,000 --> 00:22:56,040 sometimes, like, oh, didn't mean to terminate this person or 373 00:22:56,040 --> 00:22:57,680 there's a change in mind and they come back. 374 00:22:58,120 --> 00:23:00,400 Do you totally deconstruct the ID? 375 00:23:00,480 --> 00:23:03,160 Do you put it into some sort of dormant status for a little bit? 376 00:23:04,480 --> 00:23:06,400 How does the management of the ID behind the scenes work? 377 00:23:07,000 --> 00:23:10,280 Well, that's the the great thing about the GDPR. 378 00:23:10,280 --> 00:23:14,800 So we just lean up against the framework saying, OK, generally 379 00:23:14,800 --> 00:23:18,280 we keep you around for 30 days. So let's say you're terminated 380 00:23:19,520 --> 00:23:22,200 on your current contract because you're starting in a new store 381 00:23:22,200 --> 00:23:25,880 or something. So we off bought you on the last 382 00:23:25,880 --> 00:23:29,240 day of the month and, and the night before you start again, 383 00:23:29,240 --> 00:23:32,440 we, we basically strip you down and, and build you up again with 384 00:23:32,640 --> 00:23:34,480 your new role. And I don't see. 385 00:23:35,680 --> 00:23:39,400 And then we have a rule saying we, we don't keep user data 386 00:23:39,400 --> 00:23:43,560 around for, for more than the, the absolute amount of time we 387 00:23:43,560 --> 00:23:45,600 needed. So 30 days, give or take. 388 00:23:47,200 --> 00:23:48,520 OK. Sounds like one of those 389 00:23:48,520 --> 00:23:52,160 situations where the compliance is also in line with doing 390 00:23:52,160 --> 00:23:55,200 things more securely. I think sometimes folks think 391 00:23:55,200 --> 00:23:56,960 it's one or the other. Yeah. 392 00:23:57,680 --> 00:24:00,360 No, it's you. You got to find the sweet spot 393 00:24:00,840 --> 00:24:04,000 between the compliance and and usability, right? 394 00:24:04,320 --> 00:24:10,640 Because I mean, there's no sense in off boarding, let's say 500 395 00:24:11,480 --> 00:24:16,280 on the last day of the month just to to rebuild them the day 396 00:24:16,280 --> 00:24:18,400 after. Yeah, totally. 397 00:24:18,520 --> 00:24:21,240 Yeah, I mean e-mail addresses and stuff like that, you would 398 00:24:21,240 --> 00:24:25,560 definitely hit that magic dorm and state on the e-mail address 399 00:24:25,560 --> 00:24:27,000 saying, oh, it's already been assigned. 400 00:24:27,000 --> 00:24:29,360 You can't have your own e-mail address, e-mail address back and 401 00:24:29,360 --> 00:24:31,680 stuff like that. How do you handle duplicates? 402 00:24:31,800 --> 00:24:33,520 A number? A middle initial? 403 00:24:33,520 --> 00:24:36,520 Different spelling of the name? Oh, I'm picking a, I'm picking a 404 00:24:36,560 --> 00:24:37,640 wound here it sounds like, right? 405 00:24:37,720 --> 00:24:39,280 Yeah, tough. Questions here. 406 00:24:39,400 --> 00:24:43,640 Yeah. So, so no, luckily what we, we 407 00:24:43,640 --> 00:24:49,560 do is we say depending on which position you're hired in, then 408 00:24:49,560 --> 00:24:52,320 you are given an e-mail address or not. 409 00:24:52,320 --> 00:24:55,800 So if you're just stuck in shelves, you might not need an 410 00:24:55,800 --> 00:24:58,800 e-mail address. So that helps us a long way. 411 00:24:59,400 --> 00:25:03,560 But yes, we're stuck in the same situation as everybody else with 412 00:25:04,400 --> 00:25:07,440 your name, some random number or something, right? 413 00:25:08,080 --> 00:25:08,440 OK. Yeah. 414 00:25:08,960 --> 00:25:11,360 I want to talk a little bit about IGA because you're one of 415 00:25:11,360 --> 00:25:15,720 the few people that I snooped on that has done IGA twice. 416 00:25:16,120 --> 00:25:19,120 So you had an IGA product and we're like, this isn't about 417 00:25:19,120 --> 00:25:20,600 product, this is more about the shift. 418 00:25:20,600 --> 00:25:23,520 So at some point there was a decision made to say, OK, this 419 00:25:23,520 --> 00:25:27,040 IGA isn't meeting our needs and we need to move to this other 420 00:25:27,040 --> 00:25:29,480 IGA, whatever that might be. I think a lot of people are 421 00:25:29,480 --> 00:25:31,800 probably in this state where they're like, OK, well, when you 422 00:25:32,160 --> 00:25:35,160 essentially pull the plug and say, OK, it's not it's time to 423 00:25:35,160 --> 00:25:36,680 RIP that Band-Aid off or do whatever. 424 00:25:36,800 --> 00:25:39,480 Talk to me a little bit about the that transition. 425 00:25:39,840 --> 00:25:42,240 How did you make the decision? What was the decision like? 426 00:25:42,320 --> 00:25:45,200 You know, as an organization said, OK, it's time to move from 427 00:25:45,200 --> 00:25:48,560 one platform to another. And for people who are out there 428 00:25:48,560 --> 00:25:50,800 listening, you know, what are some tips that they should be 429 00:25:50,800 --> 00:25:53,000 thinking about if they're considering, you know, that 430 00:25:53,000 --> 00:25:55,600 journey? Yeah, well, you guys are 431 00:25:55,600 --> 00:26:00,120 consultants. So you, you've seen all the, the 432 00:26:00,120 --> 00:26:03,240 fun stuff that people use to, to an IGA system, right? 433 00:26:03,680 --> 00:26:06,800 So what ours was what I would consider legacy. 434 00:26:07,400 --> 00:26:10,200 It was around 10 plus years old, right? 435 00:26:10,200 --> 00:26:15,320 They had basically mangled the system to do anything from Weld 436 00:26:15,320 --> 00:26:18,360 underwater to brew your coffee to do your I am. 437 00:26:18,560 --> 00:26:19,920 So it's very custom then? Oh yeah. 438 00:26:19,920 --> 00:26:21,760 Which means it's going to be hard to find something that's 439 00:26:22,080 --> 00:26:23,880 apples to apples or a straight comparison. 440 00:26:24,240 --> 00:26:29,040 And I do have a consultancy background and I love the whole 441 00:26:29,040 --> 00:26:33,000 concept of keeping it lean and keeping it close to whatever 442 00:26:33,680 --> 00:26:36,360 commercially off the shelf product you have, right. 443 00:26:36,880 --> 00:26:43,240 And I, I am a big advocate for keeping stuff agnostic. 444 00:26:43,600 --> 00:26:46,920 So if you want to go ahead and change the, the engine of your, 445 00:26:47,960 --> 00:26:54,400 your IM in in three years time, then you should be able to swap 446 00:26:54,400 --> 00:26:59,080 that engine fairly easily. And that was kind of one of the 447 00:26:59,080 --> 00:27:02,280 drivers for for this because we were looking at a legacy 448 00:27:02,280 --> 00:27:05,040 product. We are looking at an 449 00:27:05,040 --> 00:27:10,600 organization that was moving into, I would say cloud first 450 00:27:10,600 --> 00:27:13,600 strategy. So we suddenly were in a 451 00:27:13,600 --> 00:27:17,600 situation where we needed to either create custom connectors 452 00:27:18,320 --> 00:27:23,080 or switch a product and say, OK, should we actually get ahead of 453 00:27:23,080 --> 00:27:27,400 this and say if the organization is adopting a cloud first 454 00:27:27,400 --> 00:27:30,720 strategy, let's jump on that wave and see what we can 455 00:27:30,720 --> 00:27:34,800 actually do and what we can actually achieve and manage 456 00:27:34,800 --> 00:27:42,080 users in a smarter way. So if I should give a tip, then 457 00:27:42,080 --> 00:27:50,400 it's all about knowing what you have and it's about looking at 458 00:27:50,480 --> 00:27:55,720 where you want to go. And then MVPS, minimal viable 459 00:27:55,720 --> 00:27:59,840 products all the way. I mean if you do it right you 460 00:27:59,840 --> 00:28:01,720 can do a transition in like 6 weeks. 461 00:28:02,680 --> 00:28:03,920 That's pretty quick. Oh yeah. 462 00:28:04,600 --> 00:28:08,640 But but if you know what you have and where you want to go, 463 00:28:09,160 --> 00:28:13,080 it is a fairly simple exercise and saying OK, so how do I get 464 00:28:13,080 --> 00:28:15,320 there? How ruthless do you need to be 465 00:28:15,320 --> 00:28:18,440 when you're making that transition to plan to say we are 466 00:28:18,440 --> 00:28:20,520 not going to carry this over to the new system? 467 00:28:20,760 --> 00:28:25,160 Oh, good question. I was Mr. Unpopular. 468 00:28:25,160 --> 00:28:27,440 Let's just put a little bit like that. 469 00:28:27,440 --> 00:28:30,440 So. So yeah, I got very good at 470 00:28:30,440 --> 00:28:33,560 saying no. So what? 471 00:28:33,560 --> 00:28:35,600 Gave you the confidence to say no, though, because I think 472 00:28:36,080 --> 00:28:38,320 there's this natural desire to say yes. 473 00:28:38,320 --> 00:28:40,600 Let's figure out how we can do that, yes. 474 00:28:40,600 --> 00:28:45,400 How do you say no in a way that hopefully keeps keeps people 475 00:28:45,400 --> 00:28:47,400 relatively happy? What's the diplomatic response 476 00:28:47,400 --> 00:28:47,880 there to say? No. 477 00:28:47,880 --> 00:28:51,720 So, so the diplomatic response is you listen to their their 478 00:28:51,720 --> 00:28:56,720 issues, you figure out with them whether or not it is something 479 00:28:56,720 --> 00:29:00,320 that the organization needs and then you road map it. 480 00:29:01,120 --> 00:29:08,360 So I'm not sitting here telling everybody to to give a hug. 481 00:29:08,360 --> 00:29:09,720 No, because that's not going to fly. 482 00:29:10,280 --> 00:29:11,880 I would be out of the job same day. 483 00:29:13,680 --> 00:29:16,640 You give them a soft no, saying it's not going to happen right 484 00:29:16,640 --> 00:29:21,520 now. But in phase 234 it might be of 485 00:29:21,520 --> 00:29:24,560 interest re exploring this, this idea, right. 486 00:29:25,400 --> 00:29:30,760 So phase rollouts King. I think a big emphasis here DIC 487 00:29:30,760 --> 00:29:33,400 has been on the identity fabric, right? 488 00:29:33,480 --> 00:29:37,840 And I, I feel like it's more of an emphasis maybe in Europe than 489 00:29:37,840 --> 00:29:42,560 the US where maybe the emphasis is more product focused. 490 00:29:43,120 --> 00:29:47,000 Do you feel like that's true? And then what's your take on the 491 00:29:47,000 --> 00:29:50,320 identity fabric? Is that an important concept for 492 00:29:50,320 --> 00:29:52,360 you? Oh yes, it's definitely an 493 00:29:52,360 --> 00:29:58,160 important concept for me. I'm a firm believer of that if 494 00:29:58,160 --> 00:30:01,560 we are smart about it and we go the identity identity first 495 00:30:01,560 --> 00:30:09,240 route and we we focus on how we manage identities and what kind 496 00:30:09,240 --> 00:30:13,440 of shared signals we can get, we will be in a much better place 497 00:30:13,440 --> 00:30:22,000 than than where we are today. Honestly, I, I don't necessarily 498 00:30:22,000 --> 00:30:23,600 care about which product does what. 499 00:30:25,920 --> 00:30:28,960 A vendor as a vendor, there's going to be new ones tomorrow. 500 00:30:29,360 --> 00:30:32,720 They are getting smarter. And at the rate that we are 501 00:30:32,720 --> 00:30:38,800 applying agnostic AI to, to everything these days, who knows 502 00:30:38,800 --> 00:30:40,160 what's just around the corner, right? 503 00:30:40,520 --> 00:30:44,000 Yeah. Every product is like now with 504 00:30:44,000 --> 00:30:47,960 100% more AI and before it was 100% more zero trust and before 505 00:30:47,960 --> 00:30:51,320 that was more, you know, whatever the the security did 506 00:30:51,320 --> 00:30:54,360 you return was. So, yeah, so whatever opened us 507 00:30:54,400 --> 00:30:56,480 opened up the company wallet, right? 508 00:30:56,800 --> 00:30:58,040 And today it's AI. So yeah. 509 00:30:59,480 --> 00:31:01,480 It's kind of. Yeah, to your .0 trust then. 510 00:31:01,480 --> 00:31:05,400 Before that I was thinking REST API, REST API and. 511 00:31:05,920 --> 00:31:08,920 It was blockchain was like The thing is a revolutionized 512 00:31:08,920 --> 00:31:11,520 There's so many buzzwords. I want to ramp up the 513 00:31:11,520 --> 00:31:13,840 conversation. On a later note here, I did more 514 00:31:13,840 --> 00:31:18,200 LinkedIn spying and I noticed that you're from the Caribbean. 515 00:31:18,200 --> 00:31:21,040 The Caribbean. How does a native say it? 516 00:31:21,600 --> 00:31:24,360 Well, I say it as being from the Caribbean. 517 00:31:24,600 --> 00:31:28,280 The Caribbean, OK, what's the best thing about being from the 518 00:31:28,280 --> 00:31:29,840 Caribbean? What's the worst thing about 519 00:31:29,840 --> 00:31:31,960 being from that area? And for people who aren't 520 00:31:31,960 --> 00:31:34,080 familiar, kind of maybe explain geographically where the 521 00:31:34,080 --> 00:31:38,920 Caribbean is? So geographically, I will say 522 00:31:38,960 --> 00:31:43,160 all the islands and north of the Venezuela and up towards 523 00:31:43,160 --> 00:31:46,400 Florida, that's kind of what I, I grew together as being the 524 00:31:46,400 --> 00:31:52,640 Caribbean, right? And I would say one of the, the 525 00:31:52,640 --> 00:31:57,720 best things about it, about it is this sense of belonging, the, 526 00:31:59,560 --> 00:32:04,120 the close relationships. It's more about the the person 527 00:32:04,120 --> 00:32:06,040 than than the job, stuff like that. 528 00:32:07,000 --> 00:32:09,200 The worst part is I run on Caribbean time. 529 00:32:09,320 --> 00:32:13,520 So what we don't fix today, we fix tomorrow if we get around 530 00:32:13,520 --> 00:32:14,880 it. So yeah. 531 00:32:15,160 --> 00:32:18,200 I would think it was. I was, I was expecting you to 532 00:32:18,200 --> 00:32:21,160 say flying home for Christmas, Cost of fortune. 533 00:32:21,640 --> 00:32:23,560 Everybody wants to be there then. 534 00:32:24,200 --> 00:32:27,840 Oh yeah, yeah, but but no, it's, it's not too bad. 535 00:32:27,840 --> 00:32:32,160 So going back to the Caribbean, yes, it does cost a little, 536 00:32:32,600 --> 00:32:34,360 especially here from, from your right. 537 00:32:34,760 --> 00:32:37,840 But if you're smart about it, then it's not too bad. 538 00:32:38,200 --> 00:32:39,480 How? How often do you go back? 539 00:32:40,240 --> 00:32:43,800 I try to go back every other year, yeah. 540 00:32:43,840 --> 00:32:48,480 But, you know, COVID and all that kind of screw over those 541 00:32:48,480 --> 00:32:51,160 plans. Yeah, so I I was actually 542 00:32:51,160 --> 00:32:53,320 wondering, do you have any hidden gems? 543 00:32:53,960 --> 00:32:57,720 I'm planning a vacation to Dominican Republic. 544 00:32:57,720 --> 00:33:00,040 Bunta Canta. Bunta Cana. 545 00:33:01,000 --> 00:33:02,440 I shouldn't know how. To say that. 546 00:33:05,440 --> 00:33:08,160 So is that a good choice to start with? 547 00:33:08,160 --> 00:33:13,520 And any hidden gems. You see now here's the trap, 548 00:33:13,520 --> 00:33:15,560 right? It's, you say hidden gems, it 549 00:33:15,560 --> 00:33:17,320 gets out and that's no longer a hidden. 550 00:33:17,880 --> 00:33:18,840 Gems. Right. 551 00:33:18,960 --> 00:33:21,600 Oh yeah, with our with our millions and millions. 552 00:33:21,720 --> 00:33:23,400 Of billions. Of billions. 553 00:33:23,920 --> 00:33:27,680 Yeah, no, I'm, I'm kind of relaxed whenever I go back to to 554 00:33:27,680 --> 00:33:30,880 the Caribbean. So it is for, for me, Trinidad 555 00:33:30,880 --> 00:33:37,200 and Tobago is like the home base and I'm born there. 556 00:33:37,200 --> 00:33:41,840 So, so my, my heart will will always go to, towards that part 557 00:33:41,840 --> 00:33:44,520 of the Caribbean, right? But other than that, go, 558 00:33:44,960 --> 00:33:48,520 definitely go island hopping. There's so, so much to explore 559 00:33:48,520 --> 00:33:54,040 and, and I mean, a lot of people have been to to Jamaica and the 560 00:33:54,040 --> 00:33:58,080 Bahamas and stuff like that, but there's also other, other 561 00:33:58,080 --> 00:34:03,000 islands that has stuff that's worth seeing and, and 562 00:34:03,000 --> 00:34:05,600 experiencing. Yeah, sounds wonderful. 563 00:34:06,520 --> 00:34:07,360 All right, well, that's pretty good. 564 00:34:07,360 --> 00:34:09,440 Probably spot to leave it for this this one. 565 00:34:10,400 --> 00:34:12,239 Jerome, great to meet you in person. 566 00:34:12,440 --> 00:34:15,120 Thanks for taking time here, being with us. 567 00:34:15,320 --> 00:34:18,400 I'll have your LinkedIn profile in our show notes so people can 568 00:34:18,400 --> 00:34:21,800 reach out and connect. Maybe trade war stories, maybe 569 00:34:22,080 --> 00:34:24,360 maybe you guys, you know, it can get maybe in a more of a hidden 570 00:34:24,360 --> 00:34:25,719 gem conversation. A1 to 1. 571 00:34:25,719 --> 00:34:27,159 So, you know, blasted on the Internet. 572 00:34:27,679 --> 00:34:29,080 But thank you so much for being part of this. 573 00:34:29,080 --> 00:34:31,320 And yeah, we're going to leave for this week. 574 00:34:31,320 --> 00:34:34,639 Find us on the web at idacpodcast.com, like and 575 00:34:34,639 --> 00:34:36,120 subscribe and do all those fun things right. 576 00:34:36,120 --> 00:34:37,920 That's what gets us up to places like this. 577 00:34:38,360 --> 00:34:41,400 And yeah, appreciate it. So thanks everyone for watching 578 00:34:41,400 --> 00:34:43,880 and or listening and we'll talk with you all in the next one. 579 00:34:46,760 --> 00:34:49,840 You've been listening to Identity at the Center. 580 00:34:50,159 --> 00:34:54,280 We hope you've enjoyed the show. Make sure to like, rate and 581 00:34:54,280 --> 00:34:57,880 review, and we'll be back soon. But in the meantime, hit the 582 00:34:57,880 --> 00:35:01,320 website at identity@thecenter.com. 583 00:35:01,880 --> 00:35:06,000 See you next time on Identity at the Center.