Good afternoon and welcome to you all to today's web webinar brought to you in association with Aon. I'm pleased to be joined by my friend Ann Bandari from Aon, who is the chief mentor and thought leader there.
And I, of course, Paul Fisher, a lead Analyst recovering call. So before we get into today's meet, as it were, just let you know that you, as an attendee are muted and we control those features. So the need to you don't need to mute or unmute yourself. We will be run a couple of polls through the afternoon and then discuss the results at the Q and a. And indeed, we'll also take questions for that Q and a, which you can enter in the panel that you should see on your screen.
For those of you who have colleagues that can't make today's live webinar, then of course this will be recorded and it will be available as quite soon after today. And the slide decks also be ready for download.
So quick agenda. I will start off by talking about how identity and entitlement management for multi-cloud environments is changing rapidly and some of the things that are starting to happen to help people manage that then, and now we'll go into a lot more detail about governing multiple user IDs in never expanding multi-cloud world.
And of course, tell you a little bit about how Arcons governance cloud governance platform can help you in these challenges. And then finally, we'll have a, as I said, the Q and a session and a final wrap up. So the multi-cloud world before we get going here is the first of our polls. So we want to know what worries you most about access management in the cloud or for the cloud. So the options are not knowing who has access too many standing privileges, new cloud raws resources being spun up without permission.
Are you not in the business account, DevOps reporting to non it lines of management and then too many different ISPs in usage. So the is now open. So we'll give you a few 30 seconds or so to answer those.
So not knowing who has access too many standing privileges, new cloud resources being spun up without permission, DevOps reporting to non-IT lines of management are too many different ISPs in usage. So we've got some answers. We'll come back to those in the end of the webinar.
So before we get into the more technical part, we should probably ask, what does business want from clouds or cloud infrastructure or infrastructure as a service, whatever we wanna call it.
Generally, obviously they're focused on the business and they see cloud, and multi-cloud as the answer to things such as delivering products and services much more rapidly, but they also particularly those that organizations and businesses that deal with customers directly, they're hoping that the cloud can provide a friction free experience to customers that they also, especially these days want to provide convenience, but in particular, they need to also provide privacy and security.
The consumers in most markets these days in most major markets are much more aware of their privacy rights and their data being used properly by the organizations they deal with on a daily daily basis that it's no longer good enough for organizations to not fulfill their responsibilities towards things that's GDPR, but beyond GDPR, also making sure that they just are good governors, governors of data that they understand that is their customer's data and not theirs.
So the flip side of that of course, is the customers also like to sorry, organizations or businesses like to know what their customers are doing. So they also have a fair reason to want to look at that data, to improve customers service and customers products, and also to improve the efficiency of their organizations and within all of this, within these four things that they wish to have increasingly a multi-cloud a dynamic cloud environment is the way to deliver those.
The, the thing about networks is that they tend to become more complicated as time goes on, all organizations start off reasonably simple. So they may have a SAS based computing environment, such as this, where they may just use perhaps three tools, office 365 SharePoint and Salesforce. So there are three SAS based applications, which means that they're, they're a highly collaborative business, but they may also work in different locations and probably most of what they do involves human identities.
So that's a fairly simple network, but if you start to add in some of the things which are now becoming much more common, such as remote working multiple end points or people using their own devices to do business computing, you start to see how life becomes more complicated. Because when you start adding these things, you generally will be adding them using cloud resources, and you'll be adding more identities as you go along and the cloud will get bigger.
You will have much more data management to think about, and of course, much more web management as most of your applications or most your customer facing, or your web facing will in fact, be web applications. And then organizations develop to the point where they start to write their own code. So they start to develop their own resources in house, which of course means more clouds being developed. And we all, we always hear a lot about the DevOps people using cloud in a rapid, but not always necessarily secure way. So a simple network that starts off on a fairly small cloud basis.
It's soon become quite complicated and right up to the enormous, the complicated organizations that we see in existence today.
And that is another illustration really of how I see it, infrastructure expanding. And I take the, the universe model as in the ever expanding universe as, as really similar to what happens to our networks. So the original infrastructure is right in the middle there, but then that is joined by lots of other nodes is joined by lots of other servers and databases, excuse me. And at the same time, more and more identities will be trying to access all these resources.
The bigger the infrastructure gets, the more identities will try to access. And those identities may come from outside the organization. They may come from third parties, which is another thing that we increasingly have to manage in our organizations and across our cloud networks.
So, and then with, within those nodes, we will get even further connections. So for example, you can argue that a person on an end point working at home is not only connected to the organization is connected to the net, the wider internet, and that in effect extends your own organization even further into the, probably into unknown territory, because the connection between the internet and the connection between your infrastructure need to be separated and they need to be siloed and protected.
Otherwise we have what happens with when malware gets into organizations.
But the thing to remember about the ever expanding infrastructure is there's not a lot you can do about it. You can't really say right.
Well, never gonna, we're never going to increase the size of our infrastructure because it will eventually and inevitably grow. And the other issue, which I'm sure that Anna will talk about is that when infrastructures grow, they leave behind footprints of previous access management previous, for example, privileges and privilege accounts, which have been left open for people and identities, which no longer need them or have perhaps left the organization. So like a universe, there was a lot of mystery going on, used a lot of stuff, which you don't know is happening and which is hard to manage.
So let's have a look at how people are using cloud services in real life.
And this is a survey that was done relatively recently. So although the last two years is probably been an accelerating time in the history of the world, as much as history of computing. So you might find that these numbers have actually changed, but 42% said that just get rid of my cat using three or more infrastructure as a service providers right now, 69% will be using some proprietary IEM tools. So the tools that are brought in from outside and 39% may still be using their own in-house IAM platform.
And the main reasons why we have this picture is particularly in why different types of cloud services are in use and three or more is that, as we've mentioned, as infrastructure expands, it's harder to keep control over the various points of the, of the infrastructure. So other teams, other than it, for example, may well have selected different vendors to do some cloud work. Sometimes it's because it managers just prefer to avoid what we call vendor lock in, or they just feel that the, they need to match capacity to workload.
And it may be that they feel that one cloud provider does that better than the other.
So that's really, as I said, a snapshot of where we are, the key thing is that it's now not unusual for organizations to be using more than one cloud service. Obviously the three main ones, Google cloud, AWS and Azure tend to dominate, but there are plenty of other smaller cloud services that are also being used. So what of our identity and access management and the cloud.
So let's, before I get into that, I'll have the poll number two, which might give us a much more up to date, figure on how many cloud services providers are being used. So do you only use one, do you use just AWS, Azure and GCP, or more than those more than three, but don't include the AWS Azure GCP or more than three, including AWS, Azure and GCP, or you have no idea. So let's open the voting on that.
So, okay. So it's either you have just one only the big three, more than three, not including AWS Azure GCP more than three, including those three or no idea.
So, okay. So let's close that we have some results. So maybe one idea is to start thinking about our cloud geography and thinking about how we manage identity and security within those clouds. We're already seeing the revolution that's been happening in containerization, which is obviously very much part of the cloud environment or the cloud landscape, but we've seen how containerized applications have taken over or taken a huge chunk of in software development. And they do that because of all the convenience factors, but also it's easier to manage.
And it brings, makes the development process much closer to the people that are doing it.
So it is a decentralized way of doing things.
So we are starting now to think about decentralization in terms of identity, access management, and it security because we often say that security is everyone's, but in reality, that doesn't happen and it doesn't happen because quite often the identity management or the it security, centralized, and is seen as remote from, for example, what is happening in the development environment, we still have monolithic centralized app platforms and policy engines, which are not really built or weren't designed for the complex networks that are expanding.
They were designed much more for traditional on premises, much more static environments rather than dynamic environment, such as what's happening in development. And it's difficult to know who's in charge and which is why we have the phenomenon of unsanctioned clouds on business account unsanctioned. For example, AWS clouds being set up on a private credit card, for example, that is definitely happening.
This then is hidden completely from the rest of the organization it's done because they wanted to get something built.
So we need to think about how we manage the decentralization of security as well before we jump into it. But so perhaps we should think about putting security of identity, access management and privilege, access management, much closer to where the action is. So that those tools, those platforms they're using are actually able to manage identity access management on a much more dynamic, much more just in time, much more focused business than we currently have. So as teams within the organization start to move a little bit out of the traditional CIO or the CSOs zone of influence.
We need to make sure that in our new cloud geography, we have, we still have nodes of responsibility, or we have even automated nodes of responsibility that can look after the processing of identities and authentication, right, exactly where the work or the workflow is being utilized.
So looking at the clock probably won't spend too much time on this slide, but only to say that is one probably to digest a little bit when you download. But the key thing here is just to say, what is, what is being managed in these complex environments? So we have up on the top left there.
Most of the things that are currently likely to find their way either within the organization or connected to the organization, or either as I said, out there on the internet. So we have servers, virtual machines, cloud, sorry, private clouds and private clouds. And then we have things PCs, you know, this is all not rocket science, but it's just to give you an idea of everything that is using those pieces of hardware, infrastructure I identities.
And we need to, as I said, in the previous slide, work out how we can deliver what the business wants in this new environment, but also how to ensure that we offer security and the control and the compliance needs and the customers desire for privacy and, and safety etcetera. So it really comes back to in the end, something that we really underpins, everything that we do in computing and has done for decades, and that is managing identities and putting the right identities with the right resources. And that really is what IAM is about, what it will be about in multi-cloud environments.
And it's really something we should always just keep top of our mind is about that's effectively. What we do on a daily basis is manage identities with resources. That's basically how computing works.
So just recently, we've come up with a new dream paradigm for this.
And again, I won't spend too much time on this slide, but it's one to digest, but just to let you know that we are looking at not just identity access management, but now cloud infrastructure and entitlement management and traditional Pam options and how they fit into this much more dynamic multi-cloud environment and how we manage dynamic resources and how we manage the entitlements to those. And again, you can see its identities and resources, but we've broken it out into more detail here.
And at the bottom, you could see everything is underpinned still by traditional models, such as zero trust design, integrated risk management, compliance, manage EDR XDR. So we still need our fundamentals of cybersecurity to support the dream compliant and SIM technologies.
So these decentralized solutions. So we have some options here that we may see as part of a decentralized identity landscape.
So we may have digital, which could bring in some areas of cryptography, but also parts of blockchain or non fungible tokens, et cetera, to make sure that public, sorry, that keys are more secure than they are. Now. We also may use go towards more user centric so that the user has agency over the data that identifies them as who they are. And related to that the user can selectively share the data.
And I think this is very much part of the theme of, of what's happening in managing identities in the newer environments is that we need to think a lot more about the agency of the individual or the customer, the consumer, so that they have more control of how their identity is used and how it is managed. And it is less top down from the organizations. And it could be obviously a reusable identity, something like a digital identity, which can be used across different organizations, even public and private.
So just my final slide network expansion is inevitable, so we can't stop it, but we can decentralize containerized. We should think about new centers of control. Think about zero distance identity and access management, new nodes of empowerment, embrace infrastructure as a service and parts of ops automation. Automation is your friend, or it will be increasingly will be your friend. It will improve and take away some of the chores that we currently have to think about and think about these dream solutions that are emerging and an exciting area for identity management.
And there will be in the next few weeks, a leadership compass published by KuppingerCole all about the dream solutions. So look out for that. So with that, I will hand over to my colleague for his presentation. Thank you so much.
Thank you, Paul. And I hope I'm audible and thank you for this wonderful presentation.
Yes, we can hear you.
Thank you, Paul. And I do have couple of very interesting takeaways from your presentation, especially I like the word dream.
I think, I think it's, it's likely to be an interesting one when you come out with that compass. And I also have couple of takes away of the likes of consumer being able to, to, to, to manage privacy and some reusable aspects of the identity, which incidentally, I am also covering in my slides, but the flavor to that as more of security parts and one being able to control what one would like to show and things like that. So let me now take you through, take everybody through the presentation around identities and multi-cloud environment, the way probably I see it, or we see it.
And, and what do we, or what do we as organization are doing around identities involved and multi-cloud environments, and how are we thinking through trying to create a frictionless app partially for users to be able to kind of have stream lanes across different cloud environments that one would invest in.
I strongly believe that I think the next five years are likely to be the years for evolution of digital identities.
I, I don't really think that the digital identities have really converged or have evolved so far. I think it's still time for digital identities to evolve. And I believe that the next five years are likely to be very, very interesting for one to watch around what digital identities look like and how are they going to be all across the cloud environment, internal or the consumer environment laughing.
If appall, I do remember that you mentioned about why businesses are looking at identities or maybe cloud options, especially for businesses, because one would like to have rapid deployment. One would want to test business approach opportunities available. Incidentally, I would also like to kind of take a step back and try and connect as to what business models are evolving around the world.
And this is something that probably I shared at the Kuppinger call Munich conference. If you look at fundamentally, I think there are three big business models evolving across the world.
One is the outcome based model. An outcome based model is really the one where outcome of the businesses, what people are looking forward to. So for example, you no longer want to buy a car because the color of the car is good, or because the car runs faster, you want to buy a car because the car engages with you, the car has the ability to, to, to be able to engage and give you a frictionless, right? In the most secured manner or as secured manner as possible. If you were to look at hospitals, I think the next five or 10 years, the hospitals are likely to work on an outcome based model.
The factors that you are aware about what is wrong and how you're going to be treated even before you walk into a hospital.
And you could probably see a glimpse of all of that, especially in the retail business, when you walk into a retail store and, and, and the store literally engages with you, knowing that, Hey, you know, what has probably not been to store for the last six months? This is what you like as a person. These are the colors that you would probably like to choose. And so and so forth, right?
Similarly hyperpersonalization is another business model, which is very strongly evolving across the world and any, and every business that you look across the world is more or less converging towards hyperpersonalization. If you look at provisional services, it's likely to be more and more hyper personalized.
In fact, if you look at commod, in fact, if you look at products like shoes, for example, there are, there are, for example, there's a Nike store where you probably go online and you could actually produce a shoe that you like, the way that you like it in the color that you like it deliver on the spot.
And so, and so forth. You could probably convert. You could probably have music in the way that you would like to construct one. And hyperpersonalization is likely to make a lot of business sense going forward.
Access versus ownership is something that I think all of us typically from the it world is aware about because cloud is a fantastic model of access versus ownership. The millennials today do not want to acquire assets. They want to, they want to enjoy assets. So you've seen all of the business models in the last 10 years, evolve around access versus ownership. Be it be it actually Salesforce, be it Uber, or be it Airbnb and several other businesses across the world.
It's more to do with enjoying rather than owning an asset and SA software as a service is also a fantastic example of access versus ownership. All of that has been possible because of now the growing digitalization of businesses.
So if you were to look at all of these three models, you would probably realize that all of these three models are evolving around identities. So when you look at outcome, outcome has to do with identities. It has to understand what one likes.
If you look at hyperpersonalization the term itself fundamentally revolves around identities and, and the person that you are, or the identity that you are, or the personal that you have. And so and so forth and access versus ownership is also typically in terms of the service that one would like to pay as a person. So my take is that I think identities are not only from a well, we should not only view identities typically from a governance perspective, but I think identities are likely to try business models in the future.
And if you were to look at digitalization of businesses, you would realize that you could box them typically into three big boxes, one being digitalization for growth of businesses, which means revenue generating the other is efficiency to digitalization, which means internal facing probably generating better profits.
And the third one is digital experience.
The combination of growth in efficiency, it's likely to likely to evolve around these three buckets where one would have digital investments going across or various industries that one would like to think to, from banking to, to financial services, to telecommunication, in fact, even mining automobiles and so and so forth. Healthcare cetera. Now for the sake of let's try and take a minute to construct our digital identity, right? While we are speaking about identities and we are speaking about all that is likely to happen as business models.
And we are speaking about the fact that access is looking more lucrative than ownership let's for a moment, take a step back and say, what does, what does digital identity really mean? Well, digital identity really means your personal thoughts. It encompasses your likes and dislikes, how you do things. When you do things where you do things, what you do personally, and professionally, what you create, for example, data art product, where do you store these things?
And what tools do you use all of that and many more attributes or, or something that you use, something that you do, an aptitude, an attitude, all of that together actually forms into a digital identity, which is not different from people like you and me, which means the digital identity is a persona of a human being.
And if you were to now expand this and connect to all the business models that I was talking to you a minute back, you would probably realize that all of the data or all of the attributes of what you do and how you do and what you like, you would start noticing that they're all more or less in the cloud. So more or less one is likely to engage with data in the cloud. And I think unfortunately, none of us have that choice because it is likely to happen.
It is likely to happen in the way that it actually has to recite in the cloud.
If you were to take the advantage of large data sets and then coming back and putting them into AI ML boxes, to be able to create better experiences, you can't create better experiences just with a small dataset. You would have to work on large data sets. And so it is necessary that this, this, these data points would typically reside in the cloud with many more data points.
So I think it's now making it essential for data to be in the cloud to offer the best of the experience and the new age business models on the other side, if so, again, probably trying to break this discussion into two pieces while you see the evolution of digital identities, there's also an amazing opportunity around the digital vaults. And you would probably also see that as the digital identities are evolving, there is a great desire and a need for digital walls, because all of us would like to probably use these digital walls to be able to store with all of that that we do with the cloud.
It could be simple data. It could be our cryptocurrency keys. It could be the data that you agreed you watch. It could be your personal privacy stuff and so and so forth. So you would need to store them. And because they're getting stored in the cloud, essentially you would want to store them in places which are more world like in, in the way that one would think too conventional bots.
Now, if one were to look at identities, the way that identities are evolving to just try and make this conversation simple is typically you may have identities which are interactive, which is nothing but human beings. And in fact, even thoughts are more or less interactive identities, which means they log onto systems. They consume some variables, then they do something and the output is then collected. And then the data is then turned and put into something else it's fairly interactive.
And a lot of these bots actually sometimes work in the front end.
And of course, a lot of bots working in the back end, but all of these are typically using interactive identities. Then you have other types of identities which are non interactive and non interactive identities would typically be mobile devices, desktops, all of them, all the machines that you have, all the iPads, all the desktops, anything and everything that you use today, typically carry in identity.
And in, in simplistic terms, you could call them as having machine identities. And in fact, the apps that you have downloaded would also carry a certain amount of identity because the apps would then have to be secure, to be able to talk to the APIs and so and so forth. And then the APIs have their own identities. Either they have the tokens, or they have the credentials embedded because they would need to authenticate when they're talking across systems and interfaces.
And so is the case with web servers and database servers and connection strings and applications of identities.
And several of them, half of them are embedded. Half of them are dynamic and so and so forth. Then you also have the other types of identities still non interactive, but these are in the, in the OT and the OT world. And if you would see any of these sensors, that you would probably have somebody working in manufacturing organizations and somebody working in processing organizations, constant, continuous manufacturing, and so on, so forth, you would notice that all of the IOT sensors would have an identity. The wireless connectors, would've an identity.
The gateway a has an identity, which the wireless connectors could be lower from where, and, and, and the gateway could then be connected to the telecommunication. And eventually they may sit back and be cloud. So if one way to look at all of this, you would realize that in a single data transmission, there could be probably maybe 20 identities or 30 identities involved in terms of your data being, speaking to devices and the devices speaking to human interactive or non interactive identities.
And again, when you were looking at all of this, you would also probably again, taking you back to walls and, and constantly I'm talking about walls because the fact that data is now reciting in the cloud, and it becomes important to segregate in terms of what data we would want to make generally available and what data that we would not want to make available. And why am I trying to talk to you about data, especially in a, in an identity managing identity in the clouds webinar, because eventually it has to be contextual.
What I mean to say is that if you're building up an identity framework, the identity framework of the future is likely to be more and more contextual. And if the identity has to become contextual, it has to be related to attributes and it has to be related to data and so and so forth.
So if one were to look at secrets, for example, you would have a cloud typically fault managing certificates, device identities, IOT, sensors, IOT gateways, secure code SDKs, and mobile devices and API tokens, and so and so forth. Right?
So if you were to now, and this is just a thought, and, and then there's a lot of work across the world, I'm sure happening across the world on, on security parts. And I'm sure Paul would be able to draw better light on this. Typically the comments are looking at it and these security parts would then have your personal information. They could have your, they could have all the important information, which is stored, for example, the cryptocurrencies and the property documents and the financial documents.
And if, if we were to look at currencies coming up at cryptocurrencies of the world, coming up in every country, then producing their own cryptocurrencies, all of this would become in some way, stored and associated with an identity.
And it could be identities related to consumers. It could be identities which are linked to employment, which could be enterprise identities and so and so forth.
I think, I think it's, it's now necessary for us. And maybe it is the right time to probably reimagine identities in the cloud.
And also, how do you contextually connect these identities and how do you manage your assets with identities, having several attributes and several processes and relationships. And in fact, it goes very, very granular when you get into cloud, which in the next couple of slides, I'll explain to you. So your digital assets are in the cloud consumers access from the cloud employees access it from the cloud. It infrastructure, as Paul mentioned, is ever growing. And there is, there is absolutely no reason for it not to grow and it's likely to explode, right?
And, and, and SAS applications being available.
Again, you open up billions of identities, which one would've probably not seen when we were looking at improvise applications. All right. So the cloud is really enabling the digital ecosystem that one has. And if we were to take against two steps back, and if you were to look at the global trends coming up for 2022, I think one, two important aspects coming out of the global trend, the security challenges of 2022 couple of analysts have brought this out, which talks about big game ransomware attacks, increasing accounts on identity systems.
In fact, there is a huge attack happening on the digital supply chain, which is deeply embedded vulnerabilities. And what once needs to do as an impact on cybersecurity is, is reforming security practices and rethinking technology and responding to new threads. So there are, there are typically two models which are emerging. One is the identity, threat detection and response.
And the other is the digital supply chain integrity.
Well, today we are talking about the identity. So I will just try and take a minute on the identity, threat and detection response while we move towards the end of this presentation. So while I've spoken about this, well, literally what is argon doing in, in all that I'm trying to speak to you about?
And typically the structure and the thought process that we have within our organization is trying to consume all that I spoke to you about and try and offer a solution, which is frictionless, which kind of embeds has the ability to take care of the machine identities, which has the ability to take care of your business identities and privilege identities. And it has a layer of MFAs and SSOs in just in times to ensure that you have passwordless experience, which is built on a zero trust model, because this model of zero trust is a fundamental requirement today.
And, and more important, it is all based on a virtual access platform model, because I think VPNs and VDIs, well, VPNs typically could be a dying technology in the near future because one is expecting a seamless access into environments. And all of this is then pointing towards your business apps or devices or data center resources with a strong foundation of identity and governance, which Paul, I think mentioned that it's very important to then have a solution which has at its art or the identity governance and the secrets governance piece of it.
So literally this is the construct of what we do at ARCOM. I believe that there are three basic principles of cloud governance. One is discover the second is monitor. And the third of goals is remediate just to keep our discussion simple today. And a multi-cloud governance model would essentially mean that you should, and one should be able to gain visibility across clouds.
One should be able to mitigate entity risk across clouds, provision, and deprovision and define custom policies.
One should be able to monitor and govern entities, and of course, weigh permissions with interactive graphs and our ability to quickly deep dive into what is right or wrong. And if you were to look at our cons C I EEM application, which is the cloud identity and entitlements management, it's a, it's a larger piece that we have.
And, and, and, and typically a dashboard that what could see is a combination of all the identities across different cloud platforms. So literally in one, in one eye, you are able to see what does one have on AWS? What does one have an Azure? What does one have on GCP and, and then OCI at so and so forth, then one could probably have a single visualization to understand what are the top resources that people are consuming within an organization.
And of course you would have the risk organizational risk on one side to be able to give you again, a single view in terms of governance that, Hey, you know, what are your identities secured? Are your assets actually in cloud secured? And do they even have relationship and are people even using them?
And, and, and, and if people are using them, then what is the trend of the resources what's being used? What's not being used. What are the, the locations that your assets are spread across? Because today you would have tenants across the world. If your organization has multiple offices across the world. And Paul mentioned about decentralization of identities and maybe managing them in, in some form of containerization at different locations. So all of that to be embedded into a fair break requires one, to be able to visualize where is one going?
What is one using in the cloud and how are they coming up incumbents today? Believe me, I think as its organizations invest heavily, I think there is a great need in the market to be able to have a visualization, which would actually protect them, because certainly you had all the protections of a label in improvise solution, but the moment you have shifted your gears in the cloud and different business units are investing in, in the view that they want rapid delivery.
I think the, the important component missing out is of course, the governance piece there and the impact of something going wrong in the cloud is significantly high. And it becomes a huge risk element or a thread to organizations today, right? So one would have risk goals coming up. You would know what recommendations are, for example, if you've not changed the password or you've not enforced the MFE and so and so forth.
So this solution is able to kind of, you know, connect the dots and bring a governance right on your desktop to be able to take decisions and, and just to make it slightly more complex. Can you imagine that the moment you start filling in with all the SaaS applications there? So we've created several connectors for SaaS applications, especially for the cloud governance piece of it.
And can you imagine if you were to move around SaaS applications, which are, which are so prominent today, you would probably realize that this solution itself is likely to become complex because it has to be then deep diving into different roles and resources available and so on, so forth, and finally the identity and thread detection and response model, which is, which is coming up very strongly across the world.
I'm, I'm happy to kind of let you know that Arcon, for example, takes all the boxes in terms of the attributes that one would think through in terms of requirement of an it TDR like a single authoritative user directory identity proofing, single sign sign on that can continuously assess user context attributes, a privileged access management tool to restrict access to sensitive accounts, multifactor authentication, account takeover, fraud, detection, tools, identity governance, administration, N cm, and user T behavior.
All of that put together offers you better visualization of end governance around identities and especially market cloud environment. So I think that is, that is what is in hold some strategy. And that also happens to be one of our strong offerings in the market today. And our vision is to keep aligning ourselves to the thought process where I think identities are actually diversity in humanity. So I think this is what I had to present.
Thank you, Paul and team would like to hand this over back to you.
Thank you. That was great. And a lot of big thinking there. So I think we're kind of the same wavelength in the way that we are thinking about identity and access management going few forward. So let's have a look at the results of the poll, which hopefully you can see the first one. What worries you most about crowd?
Well, 40% not knowing who has access 30%, too many standing privileges, 10% new cloud resources being spun up and 10% DevOps reporting to non it lines of management. And interestingly 10% won't think that there are too many ISPs in use is at risk, but fundamentally it's pretty obvious here that most people are concerned about managing the access and not knowing who has access. And of course, those standing privileges, standing privileges are one of the biggest risks of the organization. I'm sure you would agree that are leaving, standing privileges open.
It is just a recipe for, well, not disaster, but it's an open invitation to attackers. So one of the things about managing cloud infrastructure is that you can discover how many standing privileges you have and how to manage them. So that's that poll?
I think I did the second one first, but nevermind, the, how many different cloud services would seem that 25% have just one 33% use only the AWS as you GCP, no one uses more than three that are not included. Those big three and 33% are using more than AWS as you Google and 8% have no idea, which is very interesting.
So thanks for, thanks for your honesty there. That that's, that's pretty interesting. So that's the air, the, the poll questions, which well, no real surprises apart from no idea.
Yeah, absolutely. Yeah,
Absolutely.
I think, I think the one surprise that I saw the scores to be listened is typically idea about what resources are being spun up. I think, I think a reality is lot, many more people don't know what resources business are spinning up on a daily basis. Right. So I think, I thought, I thought that the scores were slightly low there, but I think that's also a huge concern for people because the teams are many, everybody wants to move to cloud. And literally you have no idea of how many resources are being spun and how many resources people are using and so and so forth.
Yeah.
And I thought, actually, your slide at the end, when you showed the, the, you know, the mind boggling number of SaaS applications that there are now, which also is adds to the complication, the extension of infrastructure, etcetera. So, you know, when you see that slide and you see all those logos, you realize what a SAS world it is. And increasingly organizations will be using different SAS services in different departments.
So, well,
Absolutely. Paul, if you want to just imagine that gold banking solutions, which are becoming kind of a canvas, and if they start being offered on the SAS, which is likely to happen very soon, can you imagine the entitlements and the governance that one would need to do across the SaaS platforms to be able to come to some form of risk mitigation that you see today after several years after having put in the IGA solutions on of that? So I think all of the IGA solutions would go in for a refresh.
And I think, I think it's gonna be large, more complex, many more complexities built into the cloud governance going forward. Yeah.
Yeah. Actually we have a question on that about how ARCOM and your cm solution can manage SaaS application. So I know that's probably, that's quite a big question, but if you can give us a
Thing, one, because the, the, I like to term, I think you coin somewhere about the universe and, and the way that you explain the, the explosion of the it infrastructure and literally the SaaS world is another universe.
Like, I mean, we have several universes, right? So, so I think, I think the SaaS world is another universe. So it's not, it's not likely to be completed overnight, but the framework that we have is essentially very agile, which means our ability to create SaaS connectors is, is faster and, and methodology to input it back into the governance is very easy. And of course we have covered all the, all the usual suspects, like the sales force of the world and the Atlas of the world and the labs one, which of course require priority attention. So those are the ones which are already available.
And as we speak, I think we keep improving the list of connectors that one would have on the cloud based on the usage that happens in the market today. Yeah. But I think that's likely to be a very, very important and critical piece of the entire CIM world that we see there. Yeah.
And I like also that you were talking about digital identities, something that we've been thinking about a lot and the pros and cons of a digital identity, so what you called them, identity pods. Yeah.
And, you know, do you think there, there might come a time when you could actually have an identity that you use for business and for consumer, or is that too much of a risk?
Do I see a scenario where I see different identity being used for business and a different identity suit seeing for consumers?
No. I was wondering if it was possible that you'd have a digital identity that you would use to log on to your work in the morning, but you'd also use, for example, I'm talking about in the future, but
Oh yeah, absolutely.
I, I think you've hit the nail. I think, I think one is likely to acquire digital avatars in, in, in this internet world. Right? So for example, Paul Fisher Fisher has to be the same person, but he would have the ability to seamlessly log on as Paul. But you recognize as maybe, maybe when you're getting into your business identities and maybe as Paul X, when you're getting onto internet identity. So your digital task could be different in different connotations and context, but it'll all be linked back to what you are.
And all of these tasks would probably decide in terms of, you would probably decide in terms of what you have to do and what you want to give out and what you don't want to give out. So I think I also powered the last slide that you have on, on, I think the, I think the slide that you showed about usability and also the identities with our ability to control what information, what we want to give out in the internet world.
So I think there are similarities in what we are discussing here, but I strongly believe that this is likely to happen in the next 10 years because privacy is likely to become important. And, and, and, and more than importance. I think Paul, I think probably you would've realized getting a good piece of ID. Like there are so many solutions available in the market, but getting the right fit for yourself or right. Consumer identity product itself is a big challenge and you keep replicating it again and again, again and again, in different companies in the same manner. Right.
So there has to be somebody who would come and break that one attorney to say, Hey, you know what, use it in two different ways or three different ways, and this is what we have to offer you. So I think, I think that is a fantastic approach.
Yeah,
Yeah. Yeah.
I, I, I think we're, you know, my point was that I think it's not good enough for organizations to track what people are doing on the internet or what anything else, and then use that data as their digital identity, without permission. It's gotta be in partnership with organization. So you choose which organization you want to be part of your digital identity. So. Perfect. Yeah.
And then there's so many, I think, use cases that would evolve from there. So I think that that, that space is to be watched for is what I would, I would put in capital.
Well, I,
I, I think whoever cracks it, you know, will be, will be doing very well because, you know, it could solve so many things, but we're, we're a long way from there. And right now we still, we still have our friends, the passwords
To we, we still have, we still have to connect the definitions of what our privilege identities and what our person's identities and so on and so forth. Yeah. So I think we've got these smaller issues in terms of larger boxes today.
Okay.
Well, I appreciate your time. An it's been as usual, great talking to you and I hope to see you again, maybe at cybersecurity leadership compass,
Absolutely.
In November. And of course, I reach out to the audio listening in today. Don't forget to check that out on our website. It's our second conference of the, but in the meantime, once again, thank you Anna, for being with us today. Thank you a for
Pleasure to be with you on the, on the webinars.
Thank you so
Well, thanks ACON for sponsoring and thanks to all of you for listening in, and don't forget, this will be downloadable probably from tomorrow onwards. So with that, I wish you all a very good evening or afternoon or good morning, wherever you are.
Thank you once again and everybody fantastic. Thank you.
