Call toll free:
1.877.898.2905

Subscribe


Calendar


Search


Ping Identity > Blogs > Ping Talk 

Ping Talk Blog

Ping Celebrates 500th Customer at Burton Catalyst

July 28, 2010 , Jil Backstrom | Customers, Communities, Cloud, Ping Identity

Jil Backstrom

We achieved a major milestone this week surpassing 500 enterprise and SaaS customers.   We want to personally thank you for choosing Ping.  If you happen to be in San Diego this week for Burton Catalyst, come celebrate with us tonight at the Marriott Gaslamp Altitude bar. 


Where do we go from here? Thoughts from the Summit

July 28, 2010 , John Fontana | Cloud

John Fontana

It was a big-brain mixer last week at Ping’s Cloud Identity Summit (CIS). If you were a sponge, you went home soaking wet.

Integration, standards, services, security, identity, trust, implementation, cooperation, engineering.

Google, VeriSign, PayPal, Salesforce.com, Microsoft, SafeNet, Bitkoo, SecureAuth, Conformity, Ping, Intuit, Bechtel and other vendors and end-users all hit around those concepts and filled in some details.
 
Everyone who needs to play in the cloud identity game seemed to be in the rooms at the Keystone (Colo.) Conference Center for CIS.
 
Ping CEO Andre Durand started with the present, telling password proliferation that it was time to exit stage left. Google concurred. Microsoft’s keynote focused on the future and a unity message.
 
Microsoft technical fellow John Shewchuk highlighted the future with his federation demo, which included a relying party hosted on Amazon EC2, an R-STS running on Windows Azure, an identity provider on Google, and all accessed from Safari running on Windows 7.
 
Alex Balazs (Intuit), Christian Reilly/Brian Ward (Bechtel Corp.) were among end-users telling their trench stories, along with Doug Pierce (Momentum) who went to video with me to outline his story.
 
While some of the standards needed to usher in this cloud identity era are here today, others focused on enterprise identity are still in various forms of development even though they are beginning to become widely known and understood from a needs perspective.
 
OAuth 2, OpenID, trust models, audit, compliance and the like are still on the table, in terms of the enterprise.
 
Technologies such as SAML have been blazing the trail thus far. Burton Group in its May report “Market Profile: Identity Management 2010” calls out XACML and SAML as the important standards for the coming years for federation and the cloud.
 
Chuck Mortimore, product management director for identity and security for Salesforce.com, characterized SAML during his presentation as “entering the early majority phase and is the standard for peer-to-peer federation.”
 
He said the current emerging standards better have one thing in common: be simple and easy to implement.
 
What’s working today, he said, includes SAML, static trust, and the OpenID/OAuth 2.0 hybrid. His list of what’s not working was topped by passwords.
 
So what drove the urgency for nearly 200 people to travel up to the Rocky Mountains for three days of cloud identity dissection? And why is it important for these discussions to be carried into this week’s Burton Group Catalyst conference and another Cloud Identity Summit next year (ED. – mark your calendars for July 2011)?
 
Gartner lays it out this way.
 
Global sales of software-as-a-service (SaaS) in the enterprise application segment will hit $8.5 billion this year. That represents a 14% increase over last year’s enterprise spending ($7.5 billion).
 
Gartner attributes that uptick to the enterprise’s growing approval of cloud computing.  What they left off is the part about securing it, (and some compliance, auditing, etc.) another message that was on the marquee at CIS.
 
“IT managers are thinking strategically about cloud service deployments; more-progressive enterprises are thinking through what their IT operations will look like in a world of increasing cloud service leverage. This was highly unusual a year ago," Gartner said.
 
And while there is a lot more work to be done pulling the infrastructure together to secure cloud computing, the time to make the unusual usual seems to be shrinking. Gartner estimates that in the next five years, companies will spend a cumulative $112 billion on SaaS, platform as a service (PaaS), and infrastructure as a service (IaaS) collectively.
 
John Seely Brown, visiting scholar at the University of Southern California, grabbed the industry's collective brain stem last night to open Burton's Catalyst conference saying that the old inside/out IT architecture is evolving to outside/in and declared it the "new normal."
 
This week, the cloud identity focus will shift to Catalyst where the OpenID Foundation, the Information Card Foundation, the Open Identity Exchange, Kantara Initiative and Identity Commons will demonstrate enterprise uses of open identity as a business-enabler.
 
Ping will be in that mix with a host of others. Part of the work will showcase examples of using OpenID, Information Card, and SAML identities at different levels of assurance across multiple sites.
 
If you are in San Diego for the conference, try to duck your head in and take a look.
 
And don’t forget to check out other CIS wrap-ups from other conference participants: Anil Saldhana, co-chair of the OASIS IDCloud Technical Committee, Active Directory expert Sean Deuby, and software engineer Travis Spencer
 
If you have your own CIS wrap-up, post your URL in the comments section below. 
 
 
Follow John on Twitter and check out our Identity-Conversation Tweet list
 
 
 

Who is Kathi Becker?

July 27, 2010 , Sid Sidner | Customers

Sid Sidner

My final #cis2010 blog entry is about Kathi Becker, the wizard that organized the 2010 Cloud Identity Summit.  When Andre Durand, Ping Identity’s CEO, conceived of this 5 short months ago, he turned to his old friend, Kathi Becker, to make it happen.

Andre was one of the partners in the Digital ID World (DIDW) conferences, along with the founder, Phil Becker, Kathi’s husband.  When the first DIDW was getting organized, Kathi could see that they were really struggling.  So she offered her talents, pulled it off, and the rest is, as they say, history.

Kathi’s long-time day job is as a management consultant with PLB Ventures where she is a Managing Partner. For over 30 years she has provided management consulting and leadership education. She is an expert in developing educational programs that “cut through the noise and get to the meat of the matter” helping executives develop leadership capabilities to achieve goals they never thought possible. Her ability to craft and deliver thought-provoking programs always leads to well attended, critically acclaimed sessions with measurable long-lasting results.


Kathi’s clients include IBM, Microsoft, American Airlines, British Petroleum, U of Chicago Medical Center, Kaiser Permanente and Ford Motor Company.

The 2010 Cloud Identity Summit was by all accounts a huge success.  The partnership between Andre and Kathi is another example of the power of community to work together to achieve great things.  Next year should be even better as Andre, Kathi and team put their heads together to come up with the 2011 Cloud Identity Summit in Keystone.

When I saw Phil last week at the Summit, I told him that the secret in life for us guys was “marrying up”.  He laughed knowingly and nodded his head in agreement.


Who is Michele Leroux Bustamante?

July 26, 2010 , Sid Sidner | Communities, Cloud

Sid Sidner

On the final day of the 2010 Cloud Identity Summit in Keystone I caught up with Michele Leroux Bustamante, the Chief Security Architect for BiTKOO.  Her colleague, Doron Grinstein, had presented their flagship product, Keystone, to the conference earlier in the day.  

When I asked her why she’d come to CIS, Michele said she had come to support the BiTKOO sales effort in their Solutions booth and because identity is one of her passions. She knew that she would get to see a lot of people she knew and meet new ones. “I’ve already seen the folks from Microsoft and we’re based on the Microsoft platform.  I knew I’d get to meet the Ping folks.  I’d hoped to meet some new folks who share this passion.  I’ve already gotten to have some great conversations about the challenges we all face.  As a group, we need to come together and agree on the issues we’re dealing with, so we can inter-operate better and have our products communicate better.”

Then I asked her what she’d gotten out of Thursday’s program.  Michele replied, “Well, I really liked John Shewchuk’s presentation.  First on all, he’s really fun to watch; secondly, he talked about a really long term vision, which I think somebody does need to do, just to get everyone thinking about the potential for claims, the potential for federation and identity management in general; and I loved that [Microsoft] shared a vision that I had already been thinking along the lines of, and that is that OAuth2 is a much simpler form of federation, that may have a chance of being vastly adopted than we’ve seen so far with some of the other protocols, like SAML, WS-Federation, and WS-Trust.  Not that they’re not great protocols - they are - but we have challenges with mobile devices and REST-based services and Silverlight and Ajax.  How do we get a unified view of authentication, authorization, and communication with identity?  This makes it very possible.”


Who is Chuck Mortimore?

July 22, 2010 , Sid Sidner | Communities, Cloud

Sid Sidner

On Wednesday, the second day of the Cloud Identity Summit 2010, I talked to Chuck Mortimore, the Product Management Director for Identity and Security, from Salesforce.com.  Chuck has a long history in the Interent identity community, and along with Eric Sachs from Google and Andrew Nash from PayPal who are also attending CIS 2010, he and Salesforce.com are major factors in the future of identity.

I asked Chuck why he came to the conference.  He laughed and reminded me that he was speaking Thursday afternoon.  But then he went on to say that this conference has allowed him to meet with some other like minded companies and to discuss collaborating on new initiatives. Chuck also likes to hear what customers have to say, so he appreciated the talks on Wednesday by some of the Ping Identity customers. He said that the Unconference in the afternoon was great, because after a general problem was stated, he could ask customers what that meant to them and whether they had any related problems. "For a product manager, this is great stuff!'

 


Passwords on the death watch list

July 21, 2010 , John Fontana | Cloud

John Fontana

Password proliferation officially went under a death watch today, given little time to be run out of town as the Cloud Identity Summit kicked off amid the old-west justice of Keystone, Colo.
 
The deed likely won’t take the form of marauding IT pros, but you get the picture.
 
During the opening keynotes of the Cloud Identity Summit, Google’s Eric Sachs, product manager in the company’s security and CIO department, said it with one slide: Eliminate Passwords.
 
That’s an official company strategy for the search and online app giant. The company is already testing a new infrastructure for Google Apps accounts that will reduce passwords by allowing users to sign in to many more Google services with their Google Apps account credentials.
 
Sachs’s proclamation came after Ping CEO Andre Durand said “passwords are one of the weakest things that exist in the cloud today.”
 
He called on the industry leaders, end-users and vendors gathered at the conference to end password proliferation in order to help boost security in the cloud – a so-called Password Non-Proliferation Treaty.
 
Durand said it won’t be easy, and noted that a lot of work needs to be done on standards.
 
The whole notion of stemming password proliferation produced this zinger from Ping CTO Patrick Harding, who compared passwords to hamburgers and proclaimed, “If we don't get rid of passwords, the Cloud will need a colonoscopy in 5 years.”
 
Ouch.
 
But as the cry went out for reducing passwords, others wondered where the conversation now needs to go.
 
Anil Saldhana of Red Hat posted on his Twiter account. “Ok, I got that we need to eliminate passwords, should we talk about Levels of Assurance?”
 
The call-to-action is out there – what do you think?
 
 
Follow John on Twitter and check out our Identity-Conversation Tweet list
 
 


Who is John Dilley?

July 21, 2010 , Sid Sidner | Communities, Cloud

Sid Sidner

During the Tuesday workshops at the Cloud Identity Summit I had the pleasure of talking to John Dilley, Product Architect, Akamai Technologies.  If you've never heard of Akamai, you've still used them, probably everyday.  They are a key part of the Internet infrastructure, providing edge content and application servers worldwide to speed delivery or Web pages and applications.  If you watched the World Cup on your PC on espn3.com, you have Akamai to thank for making it possible for millions of people to watch simultaneously.  They also are experts at hosting applications for large corporations that need to get the app servers close to their users.

John has been with Akamai for over 10 years, joining right before they IPO'ed.  I listened, rapt, as he warmed to his subject and told me about some of the stuff they do and some of how they do it.

I asked John how he liked the morning session. John had attended Gunnar Peterson's and Chris Hoff's workshop on the security in the cloud.  He said it was great, covering a topics in risk management.  John said this is not his area of expertise and that he found the information really insightful.

I asked him why he came.  John said that he could see identity becoming more of a factor as they think of new ways to help speed the Internet.  He figured that the Cloud Identity Summit would be great way to start to learn about it and meet other people who were focused on the cloud.


Now is the time: Cloud Identity Summit

July 14, 2010 , John Fontana | Cloud

John Fontana
I had the chance to lurk on the phone yesterday as Ping’s CTO, Patrick Harding, was breaking down the important developments going on now in the identity space. I can't give you all of it, but he will outline it next week at Ping's Cloud Identity Summit.
 
I can give you the conclusion: evolution is on the doorstep.
 
Those little identity creatures living in the expansive pool of developing technology are ready to run up on shore and proclaim they have the legs to carry cloud computing forward.
 
Important areas for enterprise computing center around SAML and its evolution, OAuth 2.0, OpenID Connect, trust frameworks, REST APIs, and securing APIs.
 
The confluence of those technologies and others are a trigger for a big upswing in the adoption of cloud computing – or more accurately secure cloud computing. Ping is already engineering at the confluence and beyond.
 
The coming years are going to be a fantastic ride of adoption and refinement as the cloud infrastructure comes together. Security will start at the application level and the first order of business will be to authenticate users. And there will be a need to standardize interfaces for authorization, audit, and account management.
 
Harding says IT selection of cloud services – SaaS, IaaS, PaaS – could become like an iTunes store.
 
It’s in that environment that next week’s Cloud Identity Summit will open; exploring how all this comes together, discovering the gaps and working to close them.
 
Over the past six weeks I have interviewed some of the speakers coming to the conference and I have include below links to those stories.
 
 If you are coming out for CIS, you can speak to them about what's on your mind. If you are not participating in this year’s event, join the conversation with Ping and most of the conference speakers via social media sites. Here is one place on Twitter where I have rounded up some of the thought leaders.
 
 
 
 
 
 
 
 
 
 
 

Register for the Cloud Identity Summit, July 20-22, 2010 at Colorado's Keystone Resort.

Follow John on Twitter and check out our Identity-Conversation Tweet list

 


Turning Human Resources Into Human Nature at the 2010 SHRM Conference

July 13, 2010 , Pete Geoly | HR Technology

Pete Geoly

It’s basic human nature. The more difficult it is for someone to use something the less likely it is to get used. And HR applications are no exception.

Ironically, the same applications that are empowering companies and employees to more efficiently manage the employment lifecycle are also creating a password bottleneck. Based on a survey we performed at this year’s SHRM conference the average employee needs to access 12 or more applications to do their job. For most, that means 12 or more passwords. Apply that to the number of employees in your organization…that’s a lot of passwords to lose or forget.
 
Most of the HR generalists I spoke with admitted to using a spreadsheet or even sticky notes to remember their own passwords. Others confused using the same password for multiple applications as SSO. These scenarios are common for many employees and can significantly drive down utilization as well as present a high degree of risk to organizations.
 
But it’s more then just managing passwords. What happens when you onboard and exit employees? Are their passwords automatically set so employees can access applications critical to doing business? As important, are accounts disabled to avoid unauthorized access to applications after an employee has been exited? Many SHRM attendees mentioned that their companies lacked a clean way to onboard and exit employee access to applications.
 
Companies are beginning to do something about it. HR departments are lowering the cost of doing business and driving compliance using Internet SSO. Take ConAgra Foods, one of North America’s leading packaged food companies. They achieved a greater than 81 percent employee user adoption for the company’s Web-based travel service, which translated into a 92 percent reduction in related password reset support calls and a 61 percent drop in user-name inquiry calls.
 
As many HR organizations and SaaS providers are figuring out, Internet SSO can increase utilization, improve productivity, decrease administrative overhead and reduce help desk costs. The time is now to turn access to human resources applications into human nature.
 

CIS Series. Brad Hill: We better trump passwords

July 12, 2010 , John Fontana | Cloud

John Fontana
At next week’s Cloud Identity Summit, Brad Hill will play the role of the man behind the curtain. But this time, that man wants you to be paying attention.
 
Hill, principal consultant at iSEC Partners, refers to his conference role as the “designated pessimist.” His session is entitled: "Are we doing better than passwords yet?"
 
Hill believes cloud identity and its predicted benefits have a great chance of hitting the target, but he also knows there are still questions along the flight path. Hopefully, knowledge of the past brings power to build a successful future.
 
“My question is are we really doing better than passwords,” he said. “The industry is investing all this money, we are spending all this time and effort in response to a pretty substantial criminal enterprise that has been built up around the weaknesses of passwords, credit card numbers, and authentication tokens.”
 
Hill says the industry needs to take a hard look at what it is building.
 
“Are we using the magic word ‘token’ to make it sound a lot better than it really is,” he asks.
 
Hill plans to explore how people are using access control systems, the way they are configured and the newer protocols that rely on tokens and the passing of data, especially at speeds that are interesting to business on the Internet.
 
Here’s his litmus test: “When the hacking community figures out these systems will the systems be as vulnerable to attack as traditional password and credit card systems are now?”
 
What is needed, he says, is a hard look at the properties of the systems to ensure security and assurance are improved along with the user experience and the velocity of data exchange.
 
“There is not a fundamental reason this can’t happen today,” he says. “One issue is how do you build incentives into a system where you have one version of the protocol to bring people on easily and have another version that is more secure with a higher assurance and a different pricing structure. The system is designed so it pushes people naturally to higher assurance levels.”
 
The expectation is that the future better trump the past.
 
“It’s not that hard, but we need to step up and own the responsibility,” Hill says.
 
 

Register for the Cloud Identity Summit, July 20-22, 2010 at Colorado's Keystone Resort.

Follow John on Twitter and check out our Identity-Conversation Tweet list

 


More Entries