Practical IAM & CIAM

Combined Session
Thursday, June 06, 2024 11:00—12:00
Location: B 07-08
Log in to download presentations

Facilitating Ownership in External Authorization

11:00—11:20

In a world where authorization is externalised, ownership often still relies with decentralised application teams to allow for organisational scalability. Autonomy of these teams is important so that they can move fast. Zalando has 2000+ inhouse applications owned by 100s of engineering teams who will use externalised authorization. Each of these teams will write their own authorization policies as code using Open Policy Agent.

This talk will share insights into how we started treating authorization artefacts similar to other application development artefacts. The focus will be on building blocks and safeguards that enable engineering teams to take authorization policies through the development life cycle.

Pushpalanka Mankotte Kankanamalage

Senior Software Engineer IAM

Zalando

Pushpalanka is a software engineer with over a decade of experience in identity and access management. At WSO2, she worked on the Identity Server product and contributed to various customer...

Torsten Wunderlich

Principal Engineer

Zalando SE

Torsten is a principal engineer at Zalando focussing on fine-grained authorization and developer experience. With more than 15 years of experience as a software engineer and more than 8 years...

Appropriate Level of Assurance - A Foundation for Proper CIAM

11:20—11:40

Watch the video

There is no good or bad Level of Assurance to root any CIAM upon. It all depends on the business and the risks. A unique mix of business, legal, IT security, technical, and CX skills is required to discover, define, and communicate requirements for customer authentication methods. The correct balance between these factors brings peace of mind and enablement to the business. Hear some highlights of If P&C Insurance's journey of defining and enforcing a Level of Assurance aligned with realities of insurance enterprise.

Mihails Galuška

IAM Global Product Manager

If P&C Insurance

Since 2021 managing the portfolio of customer and partner identity related services across If P&C Insurance - the largest insurance group in Nordic countries with operations also in Baltics....

Automate Disconnected Apps for IGA Deployments - Automate the Non-Automated

11:40—12:00

Watch the video

Do you find yourself chasing down data files for disconnected apps? Yes, we all want fully bidirectional apps…But what about those “file” apps. Learn how to modernize the file collection and ingestion for your IGA Solution by empowering disconnected app owners to upload and pre-validate user and entitlement data on recurring schedules. Don’t fool yourself that your deployment will be the exception. Join Aquera, a 2022 Gartner “Cool Vendor” in Identity-First Security, to learn how to automate this process with improved file integrity, visibility on collection status through a central dashboard, and centralization of audit evidence data.

Craig Glogower

Director IGA Solutions

Aquera

Craig Glogower has over 20 years of experience leading Identity Programs in large global and national corporate environments. His passion is focused on solving complex identity challenges and...

Reed Henry

CEO and Co-Founder

Aquera

Reed has a history of defining new innovative products and taking them to market with his background in product management, marketing, sales, professional services, business development, and...

Agenda