It’s been two years since we launched the Let’s Talk About Digital Identity podcast! Two successful series later*, we’re celebrating LTADI’s second anniversary by reflecting on some nuggets of wisdom from our fantastic guest line-up.
*There’s just one new episode left to be released in series 2 before we take a short break! Make sure you subscribe on your favourite podcast platform so you don’t miss series 3 announcements and releases.
Don Thibeau, Executive Director of the OpenID Foundation
Don: “I think of passwords as the cockroaches of our industry. No matter how we try and stomp them and eliminate them, they keep popping up. I hate passwords. I hate passwords because it gives a false sense of security. I hate passwords because if you look at the very substantial and very harmful breaches that have occurred in large companies and small, in governments and banks, more often than not, it’s not that someone has breached the firewall. It’s that someone has gained access to a password in a social account.
Our disruption in the US election occurred because a campaign staffer had his email password stolen and thus that was the breach for the political system and has had cascading effects. To say nothing of the enormous financial damage done in breaches and financial institutions, all because password is the weak link in the chain.
Now increasingly, leading companies like Amazon and others use the password in very minimal ways. They use artificial intelligence, machine learning and other signals from your cell phone to establish that that is in fact you.
But passwords are harmful because for a small company or a medium-sized company that doesn’t have access to AI expertise, doesn’t have a substantial security infrastructure, it’s easy to deploy passwords. So they are the cockroaches of our system. They’re not going away. But they’re becoming less and less important.” [Listen/View full transcript]
Emma Lindley, Co-founder of Women in Identity
Women in Identity’s vision statement is “Digital identity solutions built FOR everyone are built BY everyone”. To be less concise, the digital identity industry is building solutions for all kinds of people – therefore the teams building the solutions should be as diverse as the people who will be using those solutions (and as diverse as the problems they’re trying to solve). Diversity in teams reduces the risk of bias being built into solutions, and increases their ability to problem solve creatively. Women in Identity is a volunteer-run, international not-for-profit membership organisation that promotes diversity and inclusion across the identity industry.
Bengt Berg, Head of Compliance Management Services at Cybercom
A stark truth. An organisation has so many systems that sometimes it’s hard to keep track of them, and they get left unprotected. This is the perfect target for a hacker. Compliance helps in keeping an inventory of the platform and systems. CIAM (Customer Identity and Access Management) also helps by reducing the number of data repositories, so those left-behind systems can’t be accessed unless someone authenticates through the CIAM system.
David Doret, Deputy CISO and IAM Manager at BNP Paribas and Founder of Open-Measure
Identity and Access Management (IAM) touches every stakeholder in the organisation from CEO to customer. For this reason, it should not just be IT’s responsibility. The benefits of IAM and Customer IAM go way beyond just security – think of operational efficiency, enhanced customer experience, regulatory compliance and many more – that several departments and stakeholders should be engaged with getting the most out of your IAM solution.
Khalid Maliki, Co-Founder & Managing Director, and Jimmy J.P. Snoek, Co-Founder & CEO at Tykn
There’s no doubt that SSI (or Self-Sovereign Identity) has been a major identity buzzword in recent years. While views differ about timelines and methods for mass adoption – there’s no doubt that there’s more to come from this exciting technology.
We’ve got one more great episode to release in series 2 of the Let’s Talk About Digital Identity podcast, after which we’ll be taking a short break.