Business Impact of Cyberattacks
Facebook X LinkedIn

Business Impact of Cyberattacks

Combined Session
Thursday, May 12, 2022 17:30—18:30
Location: A03-04

Preserving Privacy in Identity-Aware Customer Applications

 As customer identity programs mature, they bring new opportunities and risks. In the rush to launch new customer experiences, personal data is over-exposed and over-replicated. The default is to ship all identity attributes, to all systems, on every request in order to make access decisioning easier for application developers.

This approach disperses identity information across the application stack; which increases risks of data breach, data loss, and compromised identities. As a result, consumers lose trust and new business opportunities falter; or worse, customers like the new experience, but its success creates security and compliance liabilities that expand exponentially. To remediate the risk, data teams enter a never-ending cycle of costly data analysis and audits.

Identity architects and developers need to address privacy requirements earlier - not in post-collection data management, but instead in the application development process. While Privacy by Design and Privacy by Default principles are a helpful framework, they offer little practical guidance for developers to actually build privacy-preserving applications.

We will discuss how to use identity data at run-time, in the context of the application; how to retrofit existing applications with privacy requirements; and how to easily evolve applications over time.

Preserving Privacy in Identity-Aware Customer Applications
Event Recording
Preserving Privacy in Identity-Aware Customer Applications
Click here to watch the recording of this session. You'll need to log in to watch it.
Preserving Privacy in Identity-Aware Customer Applications
Presentation deck
Preserving Privacy in Identity-Aware Customer Applications
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Mayur Upadhyaya
Mayur Upadhyaya
Contxt
Mayur is the CEO of Contxt, a privacy layer for customer identity. Previously he was AVP Identity Cloud at Akamai technologies where he led the former Janrain team after acquisition. In 2014 he...

Zero Trust and the Business – why you have to align with the application owners!

Many organizations started their Zero Trust Journey with Zero Trust Access Gateways and Microsegmentation. But focussing on the Subject, the Digital Identity has enormous potential to drive security dramatically. Therefore it is required not just to take the static data and hard facts into consideration but also all the context information, dynamic data, and weak signals.
The challenge is not collecting the data but interpreting it and utilizing the outcome to make the right access decisions. This is not possible without a good understanding of the business process - so a close interaction with the business owner of the application is mandatory. And you really need a robust framework and reliable approach to scale for the whole enterprise.
Key learnings:
– Why is the subject important in a Zero Trust Architecture?
– Pitfalls when implementing Zero Trust
– Approaches on how Business and IAM experts can define the right policies

Zero Trust and the Business – why you have to align with the application owners!
Event Recording
Zero Trust and the Business – why you have to align with the application owners!
Click here to watch the recording of this session. You'll need to log in to watch it.
Zero Trust and the Business – why you have to align with the application owners!
Presentation deck
Zero Trust and the Business – why you have to align with the application owners!
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Andre Priebe
Andre Priebe
iC Consult Group GmbH
Andre Priebe serves as the Chief Technology Officer at iC Consult Group, a vendor-independent system integrator specializing in Identity & Access Management, with a global team of over 800...
Subscribe for updates
Please provide your email address