The risks of an insufficiently secured software supply chain have been known to industry experts for decades, but it took a series of high-profile attacks like Solarwinds or Log4Shell to bring them to the attention of much wider audiences. Now everyone finally seems to realize how catastrophic the consequences of such an attack could be, but still, many organizations are struggling to understand the scope of the security measures that are needed to prevent them from happening.
The IAM space has grown immensely, with countless vendors emerging over recent years. Some of these offer a full suite of functions, which can cover many, if not most requirements organisations may have, whereas others offer niche or point solutions focusing on a single function, each with their own way of doing things.
Organisations often find themselves in a situation where they have to adapt their vision to what the products are capable of, sometimes needing to stitch together multiple products from different vendors and bridge the gaps through custom development. This may lead to a solution which is more home-grown than off-the-shelf, something fragile, inflexible, and hard to maintain, quite the opposite of current needs. Making changes to improve the user experience becomes a challenge, switching products or introducing new ones a major undertaking.
An alternative approach is to prioritise experience by focusing on a centralised orchestration conducting product functions so that consumers of identity services are served the right experience. This abstraction enables the flexibility and agility today's world requires, implementing the vision as it was white-boarded, custom tailoring the extraordinary experience(s) everyone is longing for. Changes can be made centrally, new functions and products can be introduced as necessary, all without having to make changes in each web application, mobile application or API.
Experience is what counts, orchestration is how you get there.
In this talk we will cover: