It's great to have a CTO office full of experts to help make my job - and yours - easier.
Last week, the Ping Identity CTO team (John Bradley, Pamela Dingle, Mark Diodati, Paul Madsen and Hans Zandbelt) held a Webinar about looming identity-related security threats for 2013. (Patrick was away on special assignment).
The session focused on “identity as the new perimeter." Be prepared to hear this phrase often this year - not only with respect to Ping Identity’s efforts but also across the industry in regards to cloud, mobile, social, and big data.
The old perimeter consisted of many pieces including managed employee identities and homogeneous devices and the network-protected cocoon of on-premises resources.
The new world of SoMoCo (social, mobile, cloud) explodes that notion.
Enterprises went from one user constituency (employees) to multiple user constituencies (partners, contractors, and consumers) with unrecognized third-party credentials. IT admins went from homogeneous, Active Directory-bound workstations to the BYOD world of heterogeneous unmanaged devices. Enterprises now have distributed resources across off-premises and across the hybrid cloud.
The key now is to rely on IAM policies and processes - crucial tools required for the brave new world. In order to identify solutions to various security threats, the Ping CTO team examined technologies that include multi-factor authentication, identity bridges, API security, OpenID Connect, mobile device management (MDM), OAuth, near field communication (NFC), and the failure/ubiquity of passwords.