1 00:00:04,200 --> 00:00:06,200 Welcome to the identity at the center podcast. 2 00:00:06,200 --> 00:00:08,400 This is the first of what we hope will become a routine. 3 00:00:08,400 --> 00:00:11,000 Look at the world of identity and access management. 4 00:00:11,100 --> 00:00:13,900 My name is Jeff Stedman and I'm here with Jim McDonald. 5 00:00:14,400 --> 00:00:16,400 We're both strategic identity and access management 6 00:00:16,400 --> 00:00:19,700 Consultants with a denture peas, advisory practice, Jim and I 7 00:00:19,700 --> 00:00:23,400 have each been in the eye in space for over 15 years and have 8 00:00:23,400 --> 00:00:26,100 been in the trenches of real-world identity management, 9 00:00:26,100 --> 00:00:29,800 programs appointments and operations as far as my back. 10 00:00:30,000 --> 00:00:33,200 Around you know I've worked for several large companies running 11 00:00:33,200 --> 00:00:36,300 I am operations globally. Jim don't talk a bit about your 12 00:00:36,300 --> 00:00:39,500 background. Sure hi everyone. 13 00:00:39,500 --> 00:00:42,300 Jim McDonald year. I joined the dish would be seven 14 00:00:42,300 --> 00:00:45,700 years ago and I've been in the advisory Services Group, as well 15 00:00:45,700 --> 00:00:50,500 as I started and ran the forgerock practice for a while. 16 00:00:51,000 --> 00:00:56,900 For drock is a I am vendor focused on external identity and 17 00:00:56,900 --> 00:00:59,900 access management. I really that's kind of my area. 18 00:01:00,000 --> 00:01:04,500 Our Specialties. So, my first I Am project was 19 00:01:04,500 --> 00:01:08,900 focused on as actually. One of the manufacturing company 20 00:01:09,200 --> 00:01:10,900 was responsible for the dealer portal. 21 00:01:10,900 --> 00:01:15,200 So it's kind of a web server and web application guy has more on 22 00:01:15,200 --> 00:01:19,000 the technical side of the house but I was transitioning in my 23 00:01:19,000 --> 00:01:22,700 career into getting into more project management program 24 00:01:22,700 --> 00:01:25,100 management. The time I was just getting 25 00:01:25,100 --> 00:01:29,500 started with getting my MBA at Rutgers University. 26 00:01:29,900 --> 00:01:35,600 I shot out there and, you know, I got this opportunity to take 27 00:01:36,000 --> 00:01:40,200 our dealer portal and expanded across multiple brands are 28 00:01:40,200 --> 00:01:44,200 taking a bunch of different web applications that were used for 29 00:01:44,200 --> 00:01:47,700 doing business functionality, like ordering and ordering 30 00:01:47,700 --> 00:01:51,400 complete machines and parts and submitting warranties and things 31 00:01:51,400 --> 00:01:55,800 like that and had to pull it all together into one portal. 32 00:01:56,100 --> 00:02:00,800 We had our dealerships across the United States and Someone 33 00:02:00,900 --> 00:02:04,000 somewhere outside the United States and made a lot of these 34 00:02:04,000 --> 00:02:08,699 applications that some users would have accounts and all the 35 00:02:08,699 --> 00:02:11,200 different applications with different usernames, some things 36 00:02:11,200 --> 00:02:16,400 like that, our drive to start with was to get to one ID and 37 00:02:16,400 --> 00:02:21,600 password per person and that's a bigger challenge than you. 38 00:02:21,600 --> 00:02:24,400 Then you realize when you start going down that road. 39 00:02:24,400 --> 00:02:27,600 And so that's how I got into identity and access management 40 00:02:27,600 --> 00:02:30,900 because we came to find out this is Is actual space. 41 00:02:30,900 --> 00:02:33,500 You know, this is something that people are creating solutions 42 00:02:33,500 --> 00:02:35,900 for, and maybe that's Captain Obvious today. 43 00:02:35,900 --> 00:02:39,300 But 15 years ago, it wasn't at least for me. 44 00:02:39,300 --> 00:02:43,500 So, that's how I got into the space and I always say, you 45 00:02:43,500 --> 00:02:46,300 know, everybody's got their own story, how they got into, I am, 46 00:02:47,800 --> 00:02:50,000 you know, most of us stumbled into it. 47 00:02:50,300 --> 00:02:54,700 I doing some other job and then found that hey, we're all of a 48 00:02:54,700 --> 00:02:59,000 sudden, I Am project and got into it at the right time there 49 00:02:59,000 --> 00:03:01,700 or even today. I think you know this is some 50 00:03:01,900 --> 00:03:05,100 depending on where you are in your career if this is like an 51 00:03:05,100 --> 00:03:09,000 area that you're looking to get into, it's something I think 52 00:03:09,000 --> 00:03:12,300 that pretty much anybody with a business background or technical 53 00:03:12,300 --> 00:03:18,700 background can get into I am and just you know everybody has 54 00:03:18,700 --> 00:03:22,600 their own career pathway. I think in this space You know, 55 00:03:23,700 --> 00:03:26,100 it's interesting is that so I was at the end of verse 56 00:03:26,100 --> 00:03:30,900 conference, this past week in Washington DC and whenever I'm 57 00:03:31,100 --> 00:03:34,200 in the process of writing a Blog article about this, but it's 58 00:03:34,200 --> 00:03:36,600 funny that you mentioned, how you got into I am because I 59 00:03:36,600 --> 00:03:41,000 don't know anybody who got into. I am starting with I am, right? 60 00:03:41,000 --> 00:03:44,400 I mean, they started maybe on the network side or help desk 61 00:03:44,400 --> 00:03:46,900 side like myself. I started helpdesk kind of move 62 00:03:46,900 --> 00:03:50,700 over to and and ID administrator and before moving in. 63 00:03:50,700 --> 00:03:53,500 Yeah, man. At, but it's I don't know 64 00:03:53,500 --> 00:03:57,000 anybody in the I am space that started and I am. 65 00:03:57,900 --> 00:03:59,600 Do you know anybody that fits that bill? 66 00:04:00,100 --> 00:04:05,000 I can think of one person which was Mario dousai who's now with 67 00:04:05,800 --> 00:04:08,200 see we transmit security now. Yeah, I think so. 68 00:04:09,000 --> 00:04:15,200 And yeah, he was a developer, we brought him in and for the bank 69 00:04:15,200 --> 00:04:18,899 that I was working for, we brought him in as a developer 70 00:04:19,399 --> 00:04:22,900 and that was like five years. To go and that's what I think 71 00:04:22,900 --> 00:04:28,300 the you know the my answer your question was 10 years ago, the 72 00:04:28,300 --> 00:04:30,700 answer would have been no. But I think more and more now 73 00:04:30,700 --> 00:04:35,700 it's like I am spaces has gotten so big and we one of the things 74 00:04:35,700 --> 00:04:39,800 that we are always talking about is, you know, the need for more 75 00:04:39,800 --> 00:04:42,700 talent to get into this, into this area. 76 00:04:43,000 --> 00:04:46,500 And I think I am is now in the place where it's like, you know, 77 00:04:47,600 --> 00:04:51,700 what kind of a cottage industry where we have to go out and Take 78 00:04:51,700 --> 00:04:54,900 people who nests don't necessarily have the skillset 79 00:04:54,900 --> 00:04:57,900 you know, people fresh out of college and get them into. 80 00:04:57,900 --> 00:05:01,700 I am another example is Fletcher, Eddington from our 81 00:05:01,700 --> 00:05:06,100 company, he was hired as an intern and use doing technology 82 00:05:06,100 --> 00:05:12,600 deployments in the imc's and now he's on the sale side but he's 83 00:05:13,100 --> 00:05:15,400 built his entire career around I am. 84 00:05:15,800 --> 00:05:19,400 So I think it's more of a kind of a recent phenomenon. 85 00:05:19,400 --> 00:05:22,900 May be within the past five years, Maybe a little bit more 86 00:05:22,900 --> 00:05:26,400 but if you know, people who've been in the space for a long 87 00:05:26,400 --> 00:05:28,800 time, most of us kind of stumbled into it one way or 88 00:05:28,800 --> 00:05:30,100 another. Right. 89 00:05:30,700 --> 00:05:31,400 Yeah. It's interesting. 90 00:05:31,400 --> 00:05:34,200 You mentioned the intern thing. It when I was at the conference 91 00:05:34,200 --> 00:05:38,900 and we were having a an ID Pro organizational, meeting kind of 92 00:05:38,900 --> 00:05:43,400 a get-together meeting, IE drinking at a bar, and we're 93 00:05:43,400 --> 00:05:48,200 talking with a couple of folks from IBM and actually have a, an 94 00:05:48,200 --> 00:05:51,900 intern kind of process. Well, they'll bring people Lynn 95 00:05:52,200 --> 00:05:57,000 and have them kind of work around the different engagement. 96 00:05:57,000 --> 00:05:58,600 Not engagements. I like different apartments in 97 00:05:58,600 --> 00:06:01,100 the. I am kind of Consulting that 98 00:06:01,100 --> 00:06:05,200 they do and they're trying to get more younger Talent, you 99 00:06:05,200 --> 00:06:08,300 know, into those groups as well. So they actually have a 100 00:06:08,300 --> 00:06:13,700 dedicated program to find those people get them exposure and 101 00:06:13,900 --> 00:06:15,900 kind of help them figure out where they are in space. 102 00:06:15,900 --> 00:06:17,400 They might fit if they sit right? 103 00:06:17,400 --> 00:06:21,200 They don't, you know, they kind of move on but they're a big. 104 00:06:21,400 --> 00:06:25,800 Company and they're looking to get support and, you know, from 105 00:06:25,800 --> 00:06:28,700 a talent perspective and actually have a kind of Dicky 106 00:06:28,700 --> 00:06:29,800 program, which I thought was pretty cool. 107 00:06:29,800 --> 00:06:33,600 And it's probably as something, I would imagine lends itself 108 00:06:33,600 --> 00:06:35,600 more to the Consulting space, right? 109 00:06:35,600 --> 00:06:38,300 Bringing in folks and trying to get people my email, I don't see 110 00:06:38,300 --> 00:06:39,800 you. I can Enterprise bringing people 111 00:06:39,800 --> 00:06:42,000 in and letting them kind of figure out where they want to 112 00:06:42,008 --> 00:06:45,700 be. You have to that level but you 113 00:06:45,700 --> 00:06:48,100 know those Folks at some point end up in the industry. 114 00:06:48,400 --> 00:06:51,600 I'll be probably. Yeah, almost You know, one when 115 00:06:51,800 --> 00:06:55,900 I first got into it about 20 years ago, there were a lot of 116 00:06:55,900 --> 00:07:00,600 different ways you could get into it and kind of build a 117 00:07:00,600 --> 00:07:03,300 career. So there was, you know, you 118 00:07:03,300 --> 00:07:06,700 could be a network engineer, you could be a server engineer, 119 00:07:06,700 --> 00:07:10,400 things like that, but a lot of those spaces have become 120 00:07:10,400 --> 00:07:15,500 commoditized and they didn't, you know, smaller companies, 121 00:07:15,500 --> 00:07:20,100 mid-sized companies just Outsource server hosting or Or 122 00:07:20,100 --> 00:07:25,900 network network setup or voice over IP phones, you know, phone 123 00:07:25,900 --> 00:07:28,100 systems. That was another entry point 124 00:07:28,100 --> 00:07:34,500 into it back in my day. But, you know, today there's 125 00:07:34,500 --> 00:07:37,700 fewer and fewer those, they're being commoditized and, you 126 00:07:37,707 --> 00:07:41,600 know, not necessarily moved out of the United States, but in the 127 00:07:41,600 --> 00:07:45,400 bigger companies that I'm sure they have internship programs 128 00:07:45,400 --> 00:07:47,300 and things like that to get into as well. 129 00:07:47,500 --> 00:07:51,700 But I am is been one of those spaces where It's evolving so 130 00:07:51,700 --> 00:07:54,900 rapidly and a lot of small companies move into the space 131 00:07:55,200 --> 00:08:00,700 and it gives opportunities for newbies or new people to move 132 00:08:00,700 --> 00:08:03,000 into the space and really build a career. 133 00:08:03,000 --> 00:08:07,200 And one of the things that I've always loved about I am, is that 134 00:08:07,500 --> 00:08:12,100 the people who I think are the most successful have, you know, 135 00:08:12,200 --> 00:08:15,900 really good business skills. But enough technology skills to 136 00:08:15,900 --> 00:08:19,100 be dangerous or vice versa, they've got really good 137 00:08:19,100 --> 00:08:21,300 technology. Skills and they understand 138 00:08:21,300 --> 00:08:23,900 business. Just enough to be dangerous or 139 00:08:23,900 --> 00:08:26,600 obviously, if you're, if you're really experience with. 140 00:08:26,600 --> 00:08:30,300 Oh, that's great. But you're solving business 141 00:08:30,300 --> 00:08:33,299 problems with I am, you know, you're really having to look at. 142 00:08:33,600 --> 00:08:36,100 How do you do things today? How do you want to do them 143 00:08:36,799 --> 00:08:40,400 compare that with how to software work out of the box and 144 00:08:40,400 --> 00:08:43,200 having the business sense to know that you don't want to take 145 00:08:43,200 --> 00:08:46,300 something that you bought that works out of the box and 146 00:08:46,300 --> 00:08:49,600 customize the, you know, customize it too much. 147 00:08:49,600 --> 00:08:52,200 And then Start with kind of a Frankenstein system. 148 00:08:53,900 --> 00:08:57,300 Yeah I mean there's so much more to I am than just technology 149 00:08:57,300 --> 00:09:00,000 right? I mean it's there's there's 150 00:09:00,100 --> 00:09:03,500 management, there's marketing, there's you know, communication, 151 00:09:03,500 --> 00:09:07,200 relationship building, there's all and I think maybe it's not 152 00:09:07,200 --> 00:09:10,100 clearly obvious, unless you've been in the space for a while, 153 00:09:10,100 --> 00:09:11,800 it's not just knowledge musician. 154 00:09:12,500 --> 00:09:14,600 You know, I don't consider myself overly technical. 155 00:09:14,600 --> 00:09:17,600 I know enough probably the dangerous, but I'm not going to 156 00:09:17,600 --> 00:09:21,000 go out and, you know, write your code and, you know, install and 157 00:09:21,000 --> 00:09:23,700 configure your system. But I certainly understand, you 158 00:09:23,700 --> 00:09:26,700 know, the macro Concepts, how things are gonna work together. 159 00:09:27,000 --> 00:09:29,100 How does this work in the real world that, you know, large 160 00:09:29,100 --> 00:09:33,800 companies and change boards, and software review, boards and kind 161 00:09:33,800 --> 00:09:37,000 of all the company governance, the tends to go around, you 162 00:09:37,000 --> 00:09:39,200 know, big projects. You know, how to Market out 163 00:09:39,200 --> 00:09:41,700 there and you know why things I always say during our 164 00:09:41,700 --> 00:09:43,800 engagement, Right. Is, you know, from a program 165 00:09:43,800 --> 00:09:47,600 manager perspective, have your job is out there doing diplomacy 166 00:09:47,700 --> 00:09:49,400 kissing babies, right? Nicky relationships. 167 00:09:49,400 --> 00:09:52,400 People making people aware of one of the services that you're 168 00:09:52,400 --> 00:09:54,900 offering. So that's probably a topic that 169 00:09:54,900 --> 00:09:56,400 will Maybe cover in a future. You know what? 170 00:09:56,400 --> 00:09:58,800 Makes good. I am program manager. 171 00:09:59,500 --> 00:10:01,200 I think that's an excellent topic. 172 00:10:01,300 --> 00:10:03,700 May be good on the right Road at some point. 173 00:10:06,300 --> 00:10:07,900 So what are we want to talk about today? 174 00:10:08,800 --> 00:10:11,800 I think what we should try to cover today is something that's 175 00:10:11,800 --> 00:10:16,700 kind of near and dear to what we do because we can discuss them 176 00:10:16,700 --> 00:10:18,800 and based on a real world experience. 177 00:10:18,800 --> 00:10:24,100 But putting together an IM strategy and, you know, with the 178 00:10:24,100 --> 00:10:26,400 role that you and I are in it just to be clear to everybody 179 00:10:26,400 --> 00:10:30,300 what we do is were the advisory Services cement, I'd entropy. 180 00:10:30,300 --> 00:10:36,100 So, we parachute in with our clients who are kind of come To 181 00:10:36,100 --> 00:10:40,600 the realization that we need. And I am strategy and then they 182 00:10:41,600 --> 00:10:44,100 had some point. Discover we don't know how to 183 00:10:44,100 --> 00:10:47,800 make an IM strategy. So I think we could talk about 184 00:10:47,800 --> 00:10:50,700 your the framework that we follow and kind of the process 185 00:10:50,700 --> 00:10:52,700 that we go through. Because I know every 186 00:10:52,900 --> 00:10:57,400 organization on a real, I am program manager can afford to go 187 00:10:57,400 --> 00:11:01,100 out and bring consultants in and help with the process, but I 188 00:11:01,100 --> 00:11:05,000 think the process is something that anybody could take on and 189 00:11:05,000 --> 00:11:07,700 there might be some folks. There who are interested in just 190 00:11:07,700 --> 00:11:11,600 kind of understanding what we do and how we do it. 191 00:11:11,700 --> 00:11:17,200 So what I was going to kind of talk about was our framework 192 00:11:18,100 --> 00:11:23,600 and, you know, I really like to break down what we do into three 193 00:11:23,600 --> 00:11:28,400 major parts, so it's assess recommend and roadmap. 194 00:11:28,800 --> 00:11:32,500 And so let me go through those three parts and and break them 195 00:11:32,500 --> 00:11:35,100 down further. But the assessment phase is 196 00:11:35,100 --> 00:11:40,100 really Understanding how things work today and I think this is 197 00:11:40,100 --> 00:11:43,700 important to understand where your starting point is and 198 00:11:43,700 --> 00:11:50,200 really it's it's going to help you develop kind of where we're 199 00:11:50,200 --> 00:11:53,000 at today and what we want to accomplish which is going to be 200 00:11:53,000 --> 00:11:56,200 that recommend phase and then realizing the amount of work 201 00:11:56,200 --> 00:11:59,200 that needs to happen to go from point A to point B. 202 00:12:00,700 --> 00:12:04,300 So normally with the assessment where we started, as we do a lot 203 00:12:04,300 --> 00:12:09,200 of we do, ask Finger exercise. So we call it as our put chart, 204 00:12:09,200 --> 00:12:14,700 the put chart is essentially processes user types and Target 205 00:12:14,700 --> 00:12:20,000 systems, the whole idea and why we do that is to go through what 206 00:12:20,000 --> 00:12:22,900 is the scope of the? I am program because I am can 207 00:12:22,900 --> 00:12:25,900 mean many different things to many different people. 208 00:12:26,200 --> 00:12:29,900 But if you get an exhaustive list of like, here are the 209 00:12:30,200 --> 00:12:33,000 processes that we want to go after whether it's things 210 00:12:33,000 --> 00:12:35,800 related to managing privileged identities. 211 00:12:36,000 --> 00:12:40,300 User onboarding user off-boarding authentication into 212 00:12:40,300 --> 00:12:44,000 applications, whatever it maybe it's not all those things. 213 00:12:44,000 --> 00:12:47,800 Maybe it's you know just password management and it's a 214 00:12:47,800 --> 00:12:51,900 more finite scope but realizing what your scope is, kind of the 215 00:12:51,900 --> 00:12:54,600 starting point and one of the great things that comes out of 216 00:12:54,600 --> 00:12:59,200 that exercise is that as you go through something like who are 217 00:12:59,200 --> 00:13:02,000 the user type. So in other words we're the who 218 00:13:02,000 --> 00:13:05,600 are we doing these? I am processes for, you're going 219 00:13:05,600 --> 00:13:08,900 to So here are the stakeholders that we need to get involved. 220 00:13:08,900 --> 00:13:11,000 We're talking about external customers. 221 00:13:11,000 --> 00:13:15,100 For example, we need to get people who within our within our 222 00:13:15,100 --> 00:13:20,800 organization is respond, are the person who's responsible for, 223 00:13:21,100 --> 00:13:24,000 you know, communication to those users, things like that, who 224 00:13:24,000 --> 00:13:26,600 provides them support. And other words, when a user 225 00:13:26,600 --> 00:13:29,900 runs into an issue where they turn only, that's the service 226 00:13:29,900 --> 00:13:34,000 desk, talking about employees for probably giving HR and 227 00:13:34,100 --> 00:13:39,600 involved, if them As we go into Target system, this ASAP or 228 00:13:40,600 --> 00:13:43,800 Salesforce is on the list. Well, we need to get people 229 00:13:43,800 --> 00:13:47,000 involved from from those stakeholder groups. 230 00:13:47,300 --> 00:13:51,900 Now, all those people that we identified, we then want to get 231 00:13:51,900 --> 00:13:55,300 them involved in a workshop and a workshop would be, you know, a 232 00:13:55,300 --> 00:13:57,900 series of meetings, where we understand from, folks. 233 00:13:58,500 --> 00:13:59,900 What? You know, how do things work 234 00:13:59,900 --> 00:14:01,400 today? What's working? 235 00:14:01,400 --> 00:14:05,400 Well, what's not working? Well, what ideas do you have for 236 00:14:05,400 --> 00:14:06,900 how to make? Things work better. 237 00:14:07,500 --> 00:14:11,900 And so that's kind of the starting point is, I guess to 238 00:14:11,900 --> 00:14:15,300 break down the assess phase. Its, you know, identifying 239 00:14:15,300 --> 00:14:19,100 scope, identifying stakeholders and then meeting with the 240 00:14:19,100 --> 00:14:22,400 stakeholders going through the workshop activities and that 241 00:14:22,400 --> 00:14:25,300 might be a future podcast, as well as like what are these 242 00:14:25,300 --> 00:14:28,300 workshops look like? How do we structure the workshop 243 00:14:28,300 --> 00:14:31,800 sort of the questions but what I like to do in the workshop. 244 00:14:31,800 --> 00:14:34,400 So way I like to see workshops during this for them to be very 245 00:14:34,400 --> 00:14:37,300 interactive. It's not for us to kind of be 246 00:14:37,300 --> 00:14:42,100 interrogating or just asking one way questions and just taking 247 00:14:42,100 --> 00:14:43,900 notes. So the more that we're 248 00:14:43,900 --> 00:14:47,200 interacting and white boarding or going through diagrams and 249 00:14:47,200 --> 00:14:51,800 process flow charts the better and then coming out of that and 250 00:14:51,800 --> 00:14:55,100 kind of the reason we use the term assess is that some things 251 00:14:55,100 --> 00:14:57,100 are going to jump out at you right away. 252 00:14:57,100 --> 00:15:01,000 Like you know this process is broken or this process works 253 00:15:01,000 --> 00:15:03,900 really well is the strength within the organization is a 254 00:15:03,908 --> 00:15:05,800 weakness, want to make sure we die. 255 00:15:06,000 --> 00:15:09,200 Come in all those and then kind of be able to tell the story. 256 00:15:09,300 --> 00:15:13,000 You know what is it that needs to improve? 257 00:15:13,000 --> 00:15:16,000 What are the drivers for this program? 258 00:15:16,200 --> 00:15:18,500 Why is it important to do something? 259 00:15:19,200 --> 00:15:20,700 So I don't know. What are your thoughts on that, 260 00:15:20,700 --> 00:15:23,600 Jeff? Yeah, yeah, that's right on. 261 00:15:23,600 --> 00:15:26,400 I think one of the things that typically ends up being with the 262 00:15:26,408 --> 00:15:28,900 hardest parts of the engagements that we work through, with our 263 00:15:28,900 --> 00:15:32,100 customers is trying to get that attendance. 264 00:15:32,100 --> 00:15:33,700 Right? For those workshops and having 265 00:15:33,700 --> 00:15:37,700 people be available, It is an investment of time, right to get 266 00:15:37,700 --> 00:15:42,400 those folks in there, but it's certainly beneficial, you know, 267 00:15:42,408 --> 00:15:44,700 definitely for the customer and definitely for us, they will 268 00:15:44,700 --> 00:15:46,100 understand. Well, how does it really work 269 00:15:46,100 --> 00:15:47,700 today, right? Because you can have things that 270 00:15:47,700 --> 00:15:50,100 are written down on paper and processes Etc. 271 00:15:50,700 --> 00:15:54,400 And that's great, but that may not actually capture what's 272 00:15:54,400 --> 00:15:56,400 really happening, right? So if we can get folks in the 273 00:15:56,400 --> 00:15:59,800 room you know set up a safe space, right to have those 274 00:15:59,800 --> 00:16:03,400 conversations and and figure out, you know, how do we solve 275 00:16:03,400 --> 00:16:05,500 some of the issues that we hear at? 276 00:16:06,000 --> 00:16:08,900 UPS out quite a bit. You know, when you talk about 277 00:16:08,900 --> 00:16:11,800 the assessment, I always find interesting and I know we both 278 00:16:11,800 --> 00:16:15,100 asked this question a lot, you know, from an assessment 279 00:16:15,100 --> 00:16:18,300 perspective, you know, are we right on, you know, do they 280 00:16:18,400 --> 00:16:21,500 does, the does, the customer agree with us or do they have a 281 00:16:21,500 --> 00:16:23,300 different perception? So it's always interesting to 282 00:16:23,300 --> 00:16:26,300 kind of have that conversation. So, yeah, we knew that we 283 00:16:26,300 --> 00:16:29,700 weren't doing so great here. And, you know, that's, that's 284 00:16:29,700 --> 00:16:32,100 kind of what we're expecting. I don't think I've ever come 285 00:16:32,100 --> 00:16:35,200 across one. Where, you know, we've done an 286 00:16:35,200 --> 00:16:37,900 assessment. Aunt and provided, you know, 287 00:16:37,900 --> 00:16:41,300 here's why we think your ex and the customer saying, well, 288 00:16:41,308 --> 00:16:42,700 you're totally wrong. This is why. 289 00:16:42,700 --> 00:16:45,600 We're we're so much better than what you think, right? 290 00:16:46,700 --> 00:16:48,700 It's we're usually pretty right on with that. 291 00:16:48,800 --> 00:16:50,500 I don't know if you've ever encountered that from an 292 00:16:50,500 --> 00:16:53,600 assessment perspective, but I think companies kind of break 293 00:16:53,600 --> 00:16:56,100 you to brace themselves for the worst and maybe some tens or 294 00:16:56,100 --> 00:16:59,000 pleasantly surprised or, you know, they agree with the 295 00:16:59,000 --> 00:17:01,300 assessment. But I've never seen the opposite 296 00:17:01,300 --> 00:17:05,800 where they thought they were doing a lot better than you. 297 00:17:05,900 --> 00:17:09,200 Maybe what they really were. I've done, I think you're right 298 00:17:09,200 --> 00:17:11,000 on with that point. I think you're right on with 299 00:17:11,000 --> 00:17:14,700 that point. One thing that I are two points 300 00:17:14,700 --> 00:17:16,000 that I wanted to throw out there. 301 00:17:16,000 --> 00:17:21,599 One is this my perspective is like this is your strategy 302 00:17:21,700 --> 00:17:24,800 because a lot of times will and so that drives a certain 303 00:17:24,800 --> 00:17:30,100 perspective well you don't need to know every iota of detail or 304 00:17:30,300 --> 00:17:32,400 make a strategy. You need to know we're going to 305 00:17:32,408 --> 00:17:34,400 give areas of improvement, you know? 306 00:17:34,400 --> 00:17:38,300 If the the way Passwords are managed is a problem. 307 00:17:38,500 --> 00:17:42,600 You don't need to know every different aspect of the password 308 00:17:42,600 --> 00:17:47,600 management policy or, you know, from a strategic perspective. 309 00:17:47,600 --> 00:17:51,000 If you know that the tool is the problem, the tool needs to be 310 00:17:51,000 --> 00:17:54,700 replaced, then that really ought to drive the strategy. 311 00:17:54,700 --> 00:17:57,700 So you don't want to get burdened with too much detail. 312 00:17:57,700 --> 00:18:00,700 And I think a lot of times in the projects that we've worked 313 00:18:00,700 --> 00:18:03,100 on some of our clients. Thank you guys are here. 314 00:18:03,100 --> 00:18:06,900 You need to know every detail we need to meet Every stakeholder, 315 00:18:06,900 --> 00:18:10,100 anybody who has anything to do with passwords, and it's just 316 00:18:10,100 --> 00:18:13,300 not the case. The other point I wanted to 317 00:18:13,300 --> 00:18:16,300 bring out is that, you know, we talked about it as a workshop 318 00:18:16,300 --> 00:18:20,100 and, you know, at least from a denture, we perspective, these 319 00:18:20,100 --> 00:18:23,300 are engagements. So we're going in and, and we 320 00:18:23,300 --> 00:18:27,100 want to try and get all of this information in a week. 321 00:18:27,100 --> 00:18:29,800 So we try to schedule all the meetings in a week. 322 00:18:30,100 --> 00:18:35,300 I feel like if our listeners are going out and trying to do this 323 00:18:35,300 --> 00:18:37,200 on their own, Own. They should take that same 324 00:18:37,200 --> 00:18:39,400 perspective. If you spread these meetings out 325 00:18:39,400 --> 00:18:44,300 over several weeks or much worse of several months, you're going 326 00:18:44,300 --> 00:18:46,600 to lose momentum, I'll get it done. 327 00:18:47,000 --> 00:18:49,400 You'll never get it done. You'll forget things. 328 00:18:49,500 --> 00:18:52,900 So it's going to be one more person to talk to, and it 329 00:18:52,900 --> 00:18:56,500 doesn't create an event. It doesn't create, like, one of 330 00:18:56,500 --> 00:19:01,000 the things I think about when folks hire us is that the 331 00:19:01,008 --> 00:19:03,400 Consultants are coming in? They're going to be here this 332 00:19:03,400 --> 00:19:05,700 week. You need to be ready, right? 333 00:19:05,900 --> 00:19:08,600 Yourself available, right? Yeah, make yourself available 334 00:19:08,900 --> 00:19:11,500 going to do one off exceptions. You can do a phone call next 335 00:19:11,500 --> 00:19:13,600 week. If you can't be there, you're on 336 00:19:13,600 --> 00:19:17,100 vacation or whatever. The reason is, we don't let it 337 00:19:17,100 --> 00:19:20,100 drag out three weeks. It's kind of like if you can't 338 00:19:20,100 --> 00:19:23,100 talk for three weeks, your perspectives not going to be 339 00:19:23,100 --> 00:19:24,700 included. And you know, I don't mean to be 340 00:19:24,700 --> 00:19:27,500 so harsh and you know, you don't really need to be that harsh, 341 00:19:27,500 --> 00:19:31,200 but if you have several groups or saying like yeah, you know, 342 00:19:31,600 --> 00:19:35,000 if it's just not important enough for them, that's a bigger 343 00:19:35,000 --> 00:19:39,200 problem. And so that that is it to me as 344 00:19:39,200 --> 00:19:41,800 like you've got to kind of create an event, you've got to 345 00:19:41,800 --> 00:19:45,900 have these be a sense of urgency around it, right? 346 00:19:46,000 --> 00:19:48,000 I mean, what's perfect. Let's get people in the room. 347 00:19:48,000 --> 00:19:50,200 Let's get this conversation. We know it's an issue. 348 00:19:50,800 --> 00:19:54,200 We've got these, you know, high-powered Consultants coming 349 00:19:54,200 --> 00:19:55,900 in. You know, what's take advantage 350 00:19:55,900 --> 00:20:00,600 of their time set aside the time to so we can get this done. 351 00:20:01,300 --> 00:20:03,000 That's typically why I think it's why the hardest parts right 352 00:20:03,000 --> 00:20:05,700 trying to get those folks to buy into that? 353 00:20:05,900 --> 00:20:09,200 Says get availability, you know, the bigger the team, the bigger 354 00:20:09,200 --> 00:20:11,900 the number, or larger number of stakeholders, just becomes that 355 00:20:11,900 --> 00:20:14,200 much more difficult. So, the other thing to think 356 00:20:14,200 --> 00:20:17,400 it's, we try to keep it more core and bring in other folks as 357 00:20:17,400 --> 00:20:19,300 needed that sometimes can help with that as well. 358 00:20:19,700 --> 00:20:22,300 Because most companies they typically have like a core kind 359 00:20:22,300 --> 00:20:26,000 of I am T whether or not, they're truly a team or not, you 360 00:20:26,008 --> 00:20:27,400 know. There's, there's typically a 361 00:20:27,400 --> 00:20:29,100 handful of people really know how it works. 362 00:20:29,100 --> 00:20:32,000 And then you've got supporting characters around that might be 363 00:20:32,300 --> 00:20:35,700 subject matter expert experts in a given area that don't 364 00:20:35,800 --> 00:20:38,000 necessarily need to be there full time, but we certainly 365 00:20:38,000 --> 00:20:40,600 would like to have an hour, two hours, three hours of their 366 00:20:40,600 --> 00:20:42,500 time. So that we can, you know, 367 00:20:42,500 --> 00:20:44,900 understand their side of it. But that definitely comes into 368 00:20:44,900 --> 00:20:47,400 place, right? Right. 369 00:20:47,800 --> 00:20:50,900 And so, you know, moving on from the assessment, I think you made 370 00:20:50,900 --> 00:20:53,800 a good point. We like, to, with our 371 00:20:53,800 --> 00:20:56,400 assessment, bring it back to the client, have them review. 372 00:20:56,400 --> 00:20:59,900 It verified that it's comprehensive and complete. 373 00:20:59,900 --> 00:21:03,400 We didn't forget something. We didn't state facts 374 00:21:03,400 --> 00:21:05,700 incorrectly. Usually that's not the case. 375 00:21:06,100 --> 00:21:11,800 It's good to do a quality check and then we move on to making 376 00:21:11,800 --> 00:21:14,900 recommendations and our recommendations are typically 377 00:21:14,900 --> 00:21:18,600 based on best practices. So we know what the problems are 378 00:21:18,600 --> 00:21:22,400 in the environment and we know what are the common industry 379 00:21:22,400 --> 00:21:27,100 Solutions, but more so than just Technology Solutions, it's 380 00:21:28,200 --> 00:21:32,100 there's some major themes that we generally look toward like 381 00:21:32,400 --> 00:21:38,400 centralization automation. You know, consistent processes. 382 00:21:38,400 --> 00:21:40,700 So that you know say you're working with a large 383 00:21:40,700 --> 00:21:43,400 organization, they do things, different ways in different 384 00:21:43,400 --> 00:21:45,900 departments, trying to drive toward once. 385 00:21:46,000 --> 00:21:50,300 One common way of doing things is those are the typical 386 00:21:50,300 --> 00:21:52,100 drivers. I'm not going to say that. 387 00:21:52,500 --> 00:21:56,100 You know there's work for a hundred percent of organizations 388 00:21:56,100 --> 00:22:00,300 but probably high 90s, you know, doing things from a central 389 00:22:00,300 --> 00:22:03,600 perspective or at least having certain things done from a 390 00:22:03,600 --> 00:22:07,400 central perspective. You know, it's not always the 391 00:22:07,400 --> 00:22:10,200 case that you want to automate something, but you don't have a 392 00:22:10,200 --> 00:22:13,000 framework for automating where it makes sense. 393 00:22:13,000 --> 00:22:18,300 So that's really what we do from a recommendation standpoint. 394 00:22:18,300 --> 00:22:21,600 And of course, you know, Jeff and I have a lot of experience 395 00:22:21,600 --> 00:22:25,500 in the space. So we kind of a lot of these 396 00:22:25,500 --> 00:22:30,000 things are second nature to us, but a lot of the, the benefits 397 00:22:30,000 --> 00:22:32,400 that you get and kind of some of these best practices. 398 00:22:32,400 --> 00:22:36,800 Like I talked about are also if Think about any kind of 399 00:22:36,800 --> 00:22:40,100 Enterprise projects you're looking at and active directory 400 00:22:40,100 --> 00:22:43,000 project or something like that, it would be the same kind of 401 00:22:43,000 --> 00:22:49,500 theme centralization automation. So so those are our, the drivers 402 00:22:49,500 --> 00:22:52,300 one of the ways you can, you know, if you're not working with 403 00:22:52,300 --> 00:22:55,900 a consultant that you can start to get some ideas on how the 404 00:22:55,900 --> 00:22:58,900 industry solves these problems would be to start to bring 405 00:22:58,900 --> 00:23:02,100 vendors in, you to, you know, present them. 406 00:23:02,100 --> 00:23:05,100 Here are the problems. What are your, you know, how 407 00:23:05,100 --> 00:23:07,800 would you go? Solving these problems that's 408 00:23:07,800 --> 00:23:10,900 going to give you some information now from the 409 00:23:10,900 --> 00:23:13,400 adventure of your perspective. That's not how we operate 410 00:23:13,400 --> 00:23:17,700 because we do it from a vendor agnostic, premium cream of mind. 411 00:23:17,700 --> 00:23:21,100 We you know we want to say you know if we were in your shoes is 412 00:23:21,100 --> 00:23:24,000 how we would do it. We based it on our experience. 413 00:23:24,000 --> 00:23:28,200 So I think anybody could implement the framework but 414 00:23:28,400 --> 00:23:31,200 nobody can Implement Jim McDonald's experience except for 415 00:23:31,200 --> 00:23:34,200 Jim McConnell because I'm the only one who has my set of 416 00:23:34,208 --> 00:23:37,600 experience in Jeff is the only one who has his and everybody 417 00:23:37,600 --> 00:23:40,700 who's listening is the only person who has there's Rob but 418 00:23:40,700 --> 00:23:42,500 you know. So that's kind of how we go 419 00:23:42,500 --> 00:23:46,200 about the recommendations, kind of some of the major elements of 420 00:23:46,200 --> 00:23:49,800 recommendations are going to be you know, people process and 421 00:23:49,800 --> 00:23:52,000 Technology. What are the things that would 422 00:23:52,800 --> 00:23:56,500 go about solving kind of the assessment doing kind of a gap 423 00:23:56,500 --> 00:23:59,600 down analysis. You know, here are the gaps and 424 00:23:59,800 --> 00:24:04,000 here the recommended Solutions. Another thing I would say is a 425 00:24:04,008 --> 00:24:05,700 lot of things that are going to come out of. 426 00:24:05,800 --> 00:24:08,400 Assessment have nothing to do with technology. 427 00:24:08,400 --> 00:24:12,200 They just have to do with how you're running your IM program. 428 00:24:12,600 --> 00:24:15,700 One of our recommendations is always gotta run. 429 00:24:15,700 --> 00:24:17,100 I am as a program. I'm sorry. 430 00:24:17,100 --> 00:24:20,000 Jeff, go ahead, no, no, I mean, you're right Honest, this is an 431 00:24:20,000 --> 00:24:22,200 area. I think that it's, it's easy to 432 00:24:22,200 --> 00:24:25,500 become overwhelmed, right? It's there's so many things that 433 00:24:25,500 --> 00:24:29,100 might come out of just recommendations, but a lot of it 434 00:24:29,200 --> 00:24:31,600 typically doesn't tend to be technology-based, right? 435 00:24:31,600 --> 00:24:36,200 It's more on the process side. You know, one of the Questions 436 00:24:36,200 --> 00:24:38,600 that we like to ask. You know, why do you do, what do 437 00:24:38,608 --> 00:24:41,100 you do with that way? And sometimes no one really has 438 00:24:41,100 --> 00:24:44,500 a good reason, why rights? No one, no one figured out or 439 00:24:44,500 --> 00:24:48,200 wanted to kind of rock the boat. And, you know, maybe we play bad 440 00:24:48,200 --> 00:24:49,900 cop. He was part of the part of the 441 00:24:49,900 --> 00:24:51,100 part of the process, the same people. 442 00:24:51,100 --> 00:24:52,900 Why you do it that way, what about this? 443 00:24:52,900 --> 00:24:56,100 And kind of ask those questions. You know, you don't ask those, 444 00:24:56,100 --> 00:24:59,400 you'll never get either a path for sometimes, but it's easy to 445 00:24:59,400 --> 00:25:02,100 get overwhelmed, especially, you know, with some of our larger 446 00:25:02,100 --> 00:25:05,200 engagements, where, you know, you may end up with like over 447 00:25:05,200 --> 00:25:07,900 100 What'd you know, individual recommendations? 448 00:25:08,400 --> 00:25:11,600 You can't solve everything all at once and you know, that 449 00:25:11,600 --> 00:25:12,900 probably leads us into the next part. 450 00:25:12,900 --> 00:25:15,400 Here, we talked about roadmap of, how do you prioritize? 451 00:25:15,600 --> 00:25:18,600 You know what goes first? You know, is self-service 452 00:25:18,600 --> 00:25:21,900 password, reset more important because your help desk is, you 453 00:25:21,900 --> 00:25:26,000 know, drowning in those calls or is privileged access management, 454 00:25:26,000 --> 00:25:28,200 you know, more important because you're not doing anything there, 455 00:25:28,500 --> 00:25:30,800 right? How do you figure out you know 456 00:25:30,800 --> 00:25:34,600 which which area comes first? Yeah, well there's there's 457 00:25:34,600 --> 00:25:36,200 really no Silver Bullet for that. 458 00:25:36,200 --> 00:25:39,200 I mean then you've got to look at what are the drivers in the 459 00:25:39,200 --> 00:25:42,500 organization. Let's just say, you know, you 460 00:25:42,500 --> 00:25:45,800 think the drivers automation we go into certain clients and we 461 00:25:45,800 --> 00:25:49,200 just say my God you guys are drowning in Risk, right? 462 00:25:49,400 --> 00:25:54,000 So another organizations are driven by risk and you know it 463 00:25:54,000 --> 00:25:58,000 say Wow you guys could be doing the doing everything so much 464 00:25:58,000 --> 00:26:01,800 better if you just had some automation, but usually it's a 465 00:26:01,800 --> 00:26:03,800 balance of all those. That's risk. 466 00:26:03,800 --> 00:26:08,000 It's automation, it's opportunity for, you know, 467 00:26:08,000 --> 00:26:12,400 enabling new technologies and and certain things are going to 468 00:26:12,408 --> 00:26:15,500 Bubble to the top. One thing that I think almost 469 00:26:15,500 --> 00:26:20,400 never wants to be heard but is the cases that you're going to 470 00:26:21,400 --> 00:26:23,700 introduce a lot of new technology footprint. 471 00:26:23,700 --> 00:26:26,500 So say you're going to put an access management single sign-on 472 00:26:26,500 --> 00:26:30,300 system in place. You're going to have some one 473 00:26:30,300 --> 00:26:33,700 call it heavy lifting but there's some That needs to be 474 00:26:33,700 --> 00:26:36,000 laid down. There's going to need to be some 475 00:26:36,500 --> 00:26:40,500 basic work put into play to configure the system, you're 476 00:26:40,500 --> 00:26:44,100 going to have to do, you know, Implement maybe one system as 477 00:26:44,100 --> 00:26:49,200 kind of a proof of concept. Just to make sure that, you 478 00:26:49,200 --> 00:26:52,700 know, nobody wants to do a big bang approach, even the smallest 479 00:26:52,700 --> 00:26:54,900 Enterprises, don't want to do big bang. 480 00:26:55,100 --> 00:26:59,300 So you've got to think about things in phases, but I'd say, 481 00:26:59,600 --> 00:27:02,200 you know, more and more is moving to the cloud. 482 00:27:02,500 --> 00:27:05,600 You can. The structure of a is is either 483 00:27:05,600 --> 00:27:09,000 eliminated or shrunk down considerably but not everything 484 00:27:09,000 --> 00:27:12,100 is moving to the cloud and this is a good blog topic for our 485 00:27:12,800 --> 00:27:15,400 podcast, topic. For the future is to talk about, 486 00:27:15,400 --> 00:27:18,700 you know, access management. Single sign-on is something that 487 00:27:19,000 --> 00:27:24,200 is moving out to the cloud dramatically quicker than the 488 00:27:24,200 --> 00:27:26,500 identity governance and administration space. 489 00:27:26,800 --> 00:27:32,100 That's because companies the way they do identity Administration 490 00:27:32,100 --> 00:27:34,400 and governance. Varies much more from 491 00:27:34,400 --> 00:27:36,900 organization organization, the fields. 492 00:27:36,900 --> 00:27:43,600 They have to manage and govern and provision it just it there's 493 00:27:43,600 --> 00:27:45,600 so much more variance or a single. 494 00:27:45,600 --> 00:27:48,800 Sign-on has really driven towards some of these Federation 495 00:27:48,800 --> 00:27:55,300 protocol standards like saml 2.0 and open ID, open ID connect and 496 00:27:57,100 --> 00:27:59,000 there's things have been able to move out to the cloud. 497 00:27:59,000 --> 00:28:02,200 And there's now integration patterns that will be able to 498 00:28:02,200 --> 00:28:07,000 take Cloud-based single sign-on and connected to applications, 499 00:28:07,000 --> 00:28:14,200 that are even on-premise hosted. So, You know, I guess what the 500 00:28:14,200 --> 00:28:17,400 point that I was making was, you know, don't forget kind of 501 00:28:17,400 --> 00:28:21,100 infrastructure phases. Don't think that you can just 502 00:28:21,100 --> 00:28:25,500 say our Phase 1 is going to be it just integrating applications 503 00:28:25,500 --> 00:28:28,600 because you're going to have to get those confused early 504 00:28:28,600 --> 00:28:31,900 configurations and maybe see a structure sign up as well. 505 00:28:32,200 --> 00:28:35,400 That's kind of the traditional element, but they'll change to 506 00:28:35,400 --> 00:28:37,800 write a mean. What if you're working on a road 507 00:28:37,800 --> 00:28:40,700 map and especially if it's like any roadmap Beyond a year, 508 00:28:41,200 --> 00:28:42,700 Right. There's gonna be changes that 509 00:28:42,700 --> 00:28:44,500 come along the way. So you need to be able to be 510 00:28:44,500 --> 00:28:49,200 flexible and adapt as things comes down down the penguin. 511 00:28:50,500 --> 00:28:53,600 I think if somebody's out there listening and say, well, how do 512 00:28:53,600 --> 00:28:55,900 I apply this to me because they can afford to go out and get 513 00:28:55,900 --> 00:28:57,700 Consultants? How am I going to build my? 514 00:28:57,700 --> 00:29:02,500 I am strategy and I think the hardest part is less coming up 515 00:29:02,500 --> 00:29:08,300 with what the, you know, I think anybody may not anybody but most 516 00:29:08,300 --> 00:29:10,700 of us can look at these problems. 517 00:29:10,900 --> 00:29:13,600 Look at the vendor solutions that are out there. 518 00:29:14,300 --> 00:29:16,700 Read what they say on their website, a watch their YouTube 519 00:29:16,700 --> 00:29:19,800 videos. And say, I think this will solve 520 00:29:19,800 --> 00:29:23,500 the problem. The hard part is being confident 521 00:29:23,500 --> 00:29:26,500 that, yeah, it'll solve the problem is. 522 00:29:26,500 --> 00:29:29,900 So that's why I think that, you know, why, or one of the reasons 523 00:29:29,900 --> 00:29:33,400 why organizations want Jim and Geoff to come in to help is 524 00:29:33,400 --> 00:29:36,700 that, you know what we've seen, and we can base it on our 525 00:29:36,700 --> 00:29:40,500 experience to say, yeah, yes, we have to be very confident, you 526 00:29:40,500 --> 00:29:41,700 don't. To come up with the strategy 527 00:29:41,700 --> 00:29:46,500 that you're not 100% confident. If you don't have that 528 00:29:46,500 --> 00:29:49,200 experience, if you don't have that experience, I think it 529 00:29:49,200 --> 00:29:52,200 really you're going to have to go the extra mile and tap into 530 00:29:52,200 --> 00:29:58,200 whatever, whatever resources you have available to you. 531 00:29:58,200 --> 00:30:01,500 And one of the best ways. One of the ways, I learned a lot 532 00:30:01,500 --> 00:30:06,500 about identity access management was tapping into my colleagues 533 00:30:06,500 --> 00:30:10,300 at other companies, and my friends who were in the space 534 00:30:10,300 --> 00:30:13,700 and message boards and things like that because, you know, 535 00:30:13,700 --> 00:30:16,300 there are people out there who Ooh, love sharing information, 536 00:30:16,400 --> 00:30:19,200 Jeff you and I are doing this podcast today because we love 537 00:30:19,200 --> 00:30:22,900 sharing information, there's ways to get the information on 538 00:30:22,900 --> 00:30:26,400 ways to get people's opinions. I'd say also within your 539 00:30:26,400 --> 00:30:31,100 organization I am is you know, I am as a technical Beast unto 540 00:30:31,100 --> 00:30:35,900 itself but a lot of the architecture design are going to 541 00:30:35,900 --> 00:30:40,500 do you know pulling some of the Enterprise architecture team or 542 00:30:40,500 --> 00:30:44,500 if you have other resources like that you can tap into to help 543 00:30:44,500 --> 00:30:45,900 you. Sure that you're following good. 544 00:30:45,900 --> 00:30:48,500 Architecture design principles, right? 545 00:30:48,500 --> 00:30:49,900 What's that experience? I think that's, that's the 546 00:30:49,908 --> 00:30:52,300 important thing. But, you know, this is one of 547 00:30:52,300 --> 00:30:55,500 the reasons why I moved into Consulting was when you work for 548 00:30:55,500 --> 00:31:00,000 a single company, you know, how they do it and, you know, the 549 00:31:00,000 --> 00:31:03,500 tools that they used and when you're in Consulting you're 550 00:31:03,500 --> 00:31:05,800 saying how way more companies do it? 551 00:31:06,000 --> 00:31:09,200 You're getting a you know, much broader exposure to a larger 552 00:31:09,200 --> 00:31:13,700 number of tools and you get to see much quicker what works what 553 00:31:13,700 --> 00:31:17,000 doesn't work How particular issue might have been solved in 554 00:31:17,000 --> 00:31:19,700 one organization and, you know, that's where that experience 555 00:31:19,700 --> 00:31:22,100 Factor comes in. And you pull that, you know, 556 00:31:22,200 --> 00:31:24,900 situation over and say, okay, this is very similar to what we 557 00:31:24,900 --> 00:31:27,100 saw at company X. Now that we're company. 558 00:31:27,100 --> 00:31:28,600 Why? Yeah, you know what we've seen 559 00:31:28,600 --> 00:31:30,800 something similar to that? Let's talk about how this might 560 00:31:30,800 --> 00:31:36,700 work, that certainly helps. And that goes back to reaching 561 00:31:36,700 --> 00:31:40,000 out to your network, right? Trying to figure out everyone 562 00:31:40,000 --> 00:31:42,300 struggles, with very similar problems, you know, for the most 563 00:31:42,300 --> 00:31:48,300 part, it's Very rare that not very rare, but a lot of 564 00:31:48,300 --> 00:31:50,200 companies struggle with very similar problems, which is see 565 00:31:50,200 --> 00:31:52,500 that, that right? If you can talk with more folks, 566 00:31:52,500 --> 00:31:55,400 in your networks etcetera and see how they solved it, there 567 00:31:55,400 --> 00:32:00,100 may be components of their solution that might be able to 568 00:32:00,100 --> 00:32:03,200 apply to fix your own. And, you know, once you talk to 569 00:32:03,200 --> 00:32:06,000 enough folks and try to get enough data points, you start to 570 00:32:06,000 --> 00:32:07,500 build that that confidence level that. 571 00:32:07,500 --> 00:32:09,400 Yeah, okay. Here's the right way to approach 572 00:32:09,400 --> 00:32:13,600 it. So, having that broad Network 573 00:32:13,600 --> 00:32:16,200 and being able to talk with, Folks, you know, go to 574 00:32:16,200 --> 00:32:18,400 conferences, you know, commiserate with the folks 575 00:32:18,400 --> 00:32:20,700 there. Yeah, I think I'm going to just, 576 00:32:20,700 --> 00:32:23,000 you know, be straight up and up front with some of the vendors, 577 00:32:23,000 --> 00:32:24,900 right? So if you bring in a bender and 578 00:32:24,900 --> 00:32:28,400 you guys specific problem, tell them what it is and see how they 579 00:32:28,400 --> 00:32:30,500 would solve it right. That might help you understand 580 00:32:30,500 --> 00:32:33,800 it sure they're gonna try and sell you their product but take 581 00:32:33,800 --> 00:32:36,800 the information and as you're comparing different vendors see 582 00:32:36,800 --> 00:32:40,500 how each one handles it. You may find that a you know the 583 00:32:40,500 --> 00:32:42,600 vendor a is better at what you're looking for. 584 00:32:42,600 --> 00:32:45,800 Specifically specifically the vendor be Even though vendor me 585 00:32:45,800 --> 00:32:47,900 might be the big dog right in the industry. 586 00:32:48,200 --> 00:32:51,300 So there's no, there's no Silver Bullet like you put it before. 587 00:32:52,300 --> 00:32:55,800 Yeah. So after we go through a says, 588 00:32:55,800 --> 00:32:58,900 recommend and roadmap now you have your strategy. 589 00:32:59,200 --> 00:33:03,600 I think the final step now is communicate communicate 590 00:33:03,600 --> 00:33:08,400 communicate tell everybody about your strategy presented to your 591 00:33:08,400 --> 00:33:14,000 peers presented back to the folks that participated in 592 00:33:14,200 --> 00:33:17,100 helping you You define what's working well, and what's not 593 00:33:17,100 --> 00:33:20,200 working? Well, get by in, right? 594 00:33:20,300 --> 00:33:23,700 And I would really start if you can kind of at more of the 595 00:33:23,700 --> 00:33:28,200 Grassroots level, the people who participated and then work your 596 00:33:28,200 --> 00:33:30,400 way up the channel. So that you're presenting to you 597 00:33:30,400 --> 00:33:34,000 an executive team, letting them know that you have buy-in leg 598 00:33:34,000 --> 00:33:38,200 them, know how you got to build the strategy who you talked 599 00:33:38,200 --> 00:33:41,000 with, and that you've gone back to those teams and they're 600 00:33:41,000 --> 00:33:47,300 buying in and it, my Experienced executive teams are going to 601 00:33:47,300 --> 00:33:48,900 want to know. Does everybody agree with? 602 00:33:48,900 --> 00:33:52,800 Does everybody agree that this is is the solution and then 603 00:33:52,800 --> 00:33:57,200 they're going to want to know how much does it cost, everybody 604 00:33:57,200 --> 00:33:58,800 agree. And how much does it cost, 605 00:33:58,800 --> 00:34:00,500 right? Yeah. 606 00:34:00,500 --> 00:34:04,500 But I mean and and again probably a another topic for 607 00:34:04,500 --> 00:34:07,900 another time is really going about communicating, but that's 608 00:34:08,400 --> 00:34:11,600 kind of the soft skills, right? It's about marketing, right? 609 00:34:12,199 --> 00:34:14,500 It is that, when you're at, that point is all about. 610 00:34:14,699 --> 00:34:16,100 Marketing. You got to be able to 611 00:34:16,100 --> 00:34:19,400 communicate approval and you start going into projects. 612 00:34:19,400 --> 00:34:22,900 That's where the technology is going to be technical skills are 613 00:34:22,900 --> 00:34:27,400 going to be even more valuable because if you're a program 614 00:34:27,400 --> 00:34:29,900 manager and you're running projects, you don't want to get, 615 00:34:31,600 --> 00:34:34,800 you don't want to get technobabble to death or or 616 00:34:34,800 --> 00:34:39,500 tricked. You want to be able to evaluate 617 00:34:39,500 --> 00:34:42,500 that yourself and make sure that you get it. 618 00:34:42,500 --> 00:34:45,100 That was always my thing, you know, there's Was 619 00:34:45,900 --> 00:34:51,900 technology-related that was you know, outside of my expertise. 620 00:34:52,199 --> 00:34:56,000 I see explain it to me until I understand it and eventually I 621 00:34:56,007 --> 00:34:59,100 would not either understand it or they couldn't explain it to 622 00:34:59,100 --> 00:35:01,600 me in a way that I understood and then I didn't want anything 623 00:35:01,600 --> 00:35:03,800 to do with it. Yeah. 624 00:35:03,800 --> 00:35:07,400 You can't articulate the value of whatever it is. 625 00:35:07,400 --> 00:35:10,000 You're trying to do and it's obviously extends Beyond just I 626 00:35:10,000 --> 00:35:12,300 am but you can actually fit articulate. 627 00:35:12,300 --> 00:35:14,500 The value of what the i m Prime is going to bring what your 628 00:35:14,700 --> 00:35:17,200 Trying to do, you're not gonna get the money to do anything. 629 00:35:17,400 --> 00:35:20,400 I mean, right? I mean it's you have to be able 630 00:35:20,400 --> 00:35:24,000 to tell the story of why we're doing this. 631 00:35:24,100 --> 00:35:26,200 What's the benefit for it? How does it make our life 632 00:35:26,200 --> 00:35:29,400 better, right? The trains that will get you the 633 00:35:29,400 --> 00:35:31,100 money. Theoretically. 634 00:35:31,300 --> 00:35:33,800 All right, you know, how much money is always up for today? 635 00:35:33,800 --> 00:35:38,600 I mean budgets are always a, you know, hot button item, some 636 00:35:38,600 --> 00:35:42,200 companies, you know may have, you know, set aside already 637 00:35:42,200 --> 00:35:45,000 money for that or some haven't really in some I've been 638 00:35:45,000 --> 00:35:47,200 thinking about it for a while and you know the longer you 639 00:35:47,200 --> 00:35:48,500 wait. Typically the more you got to 640 00:35:48,508 --> 00:35:51,800 spend up to get caught up, so to speak, but if you can't 641 00:35:51,800 --> 00:35:55,400 articulate the value or what you're trying to do, nobody's 642 00:35:55,400 --> 00:35:57,400 going to approve, any type of spending for that. 643 00:35:58,200 --> 00:36:00,300 Yeah. So you want to be able to start 644 00:36:00,300 --> 00:36:03,000 and start to master that communication strategy of what 645 00:36:03,000 --> 00:36:04,600 is, what are we trying to do here? 646 00:36:04,700 --> 00:36:08,100 Why are we doing it in? And why is it important, right? 647 00:36:08,100 --> 00:36:12,500 Those sorts of things. I think that provides a pretty 648 00:36:12,500 --> 00:36:15,900 good summary of our process. Could probably leave it there 649 00:36:15,900 --> 00:36:17,800 for now. I agree. 650 00:36:17,800 --> 00:36:21,700 I think you know our goal I think today was kind of Kick 651 00:36:21,700 --> 00:36:24,400 this thing off, right? Just started. 652 00:36:24,400 --> 00:36:27,500 And these are the types of conversations will have dive 653 00:36:27,500 --> 00:36:31,300 into some more of these areas will, you know, this really the 654 00:36:31,300 --> 00:36:34,600 plan part that we talked about today we'll talk about build 655 00:36:34,600 --> 00:36:38,600 projects about how to run operations environment. 656 00:36:39,100 --> 00:36:43,100 Does the kind of top Topics that people are interested in. 657 00:36:43,100 --> 00:36:45,700 I think they'll still enjoy this podcast. 658 00:36:46,100 --> 00:36:49,100 Yeah, I'm a really, you know, creates a wide range of topics, 659 00:36:49,100 --> 00:36:51,100 anything it's really Identity or related. 660 00:36:51,300 --> 00:36:56,300 It's probably in scope for us. That's current events topics 661 00:36:56,300 --> 00:36:58,600 that we see come up during our own advisor engagements that 662 00:36:58,600 --> 00:37:00,900 were working on and you have items that we might come across. 663 00:37:00,900 --> 00:37:03,800 That people might find interesting. 664 00:37:04,200 --> 00:37:06,600 And if those us, particularly, if there's a particular, you 665 00:37:06,600 --> 00:37:09,500 know, topic or if you've got a question or just general 666 00:37:09,500 --> 00:37:11,000 feedback, you can always email us. 667 00:37:11,100 --> 00:37:22,800 That questions at identity at the center.com, awesome. 668 00:37:22,800 --> 00:37:24,600 Jeff. I think it was great. 669 00:37:24,700 --> 00:37:28,300 I think that was it for our first one so we're going to call 670 00:37:28,300 --> 00:37:31,000 it there and thanks all for listening to take care.