Digital Identity Reflections

identity_masks

It’s been quite an identity ride over the past three years (2016 – 2018), as I’ve led the leader in Customer Identity and Access Management (CIAM). I couldn’t help but reflect a little over the holidays…

2016 in Identity – CIAM shifts from marketing to security.

Hindsight is great. So if you’re an identity executive and you’re now saying that customer identity is more about security than marketing….well, welcome to the group. However, we had the foresight to predict that and create a 5-year strategy that invested into that thesis, starting in 2016.

all-3-billion-yahoo-users-were-affected-in-2013-data-breach

2017 in Identity – CIAM becomes politically charged.

No one could have predicted the level at which customer data was being used inappropriately. Hindsight now confirms that customer privacy is not only important, but if not properly protected can be leveraged to perform the worst actions. 13 Russians have been indicted by special counsel Robert S. Mueller III on an elaborate conspiracy to incite political discord in the United States presidential campaign. Why do we attach CIAM to this? Well, this is 100% about protecting against harmful digital hackers disguising themselves as upstanding citizens. If you recall, Clinton campaign chairman John Podesta received a phishing email masked as an alert from Google that another user had tried to access his account. It contained a link to a page where Podesta could change his password. He shared the email with a staffer from the campaign’s help desk. The staffer replies with a typo – instead of typing “This is an illegitimate email,” the staffer types “This is a legitimate email.” Podesta follows the instructions and types a new password, allowing hackers to access his emails.

russia-us-investigation-hack-election-data

2018 in Identity – CIAM covers the entire journey of personal information & trust becomes the focus.

The Zero Trust Architecture model was created in 2010 by John Kindervag, who at the time was a principal analyst at Forrester Research Inc. Zero Trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access. The first step to enable a Zero Trust model IS strong identity and access management (building strong authentication, authorization, and encryption throughout) , and I think we can all agree that Zero Trust for consumer data became the focus for 2018 (practically everyone jumped in – including Google, Microsoft and others) and will drive a suite of new innovation in 2019.

Like_3D_4

  • Trumpism Is ‘Identity Politics’ – politics based in appeals to the loathing of, or membership in, a particular group.
  • Government of Canada announced it will launch a pilot for the new Known Traveller Digital Identity prototype, in collaboration with the World Economic Forum
  • Mastercard and Microsoft announced a strategic collaboration to improve how people manage and use their digital identity.
  • PSD2 applies as of January, 2018 – European Banking Authority (EBA) recently released new guidelines on open banking systems, which named data security a top priority as banks will begin to share their customers’ financial information with other authorized providers.
  • General Data Protection Regulation (GDPR) is enforced as of May 25, 2018. Digital identity data becomes the center of every digital transformation project.
  • Marriott breach exposes over 500MM digital identities; Under Armour expanded to 150MM; Adidas; and even Identity theft protection firm LifeLock experience breaches.
  • Facebook Cambridge identity data misuse advances to a Facebook identity data breach. The world begins to treat all personal data as a first class citizen (anonymous, known, social, health, financial….it doesn’t matter). Who can a consumer trust anymore?
  • US digital identity breaches reach 1,370,710,977 in total.
  • Relx, the UK-listed information and analytics group, purchases ThreatMetrix, an online identify verification business, for £580m

Again, it’s been an exciting time in the land of digital identity. Digital identity, in general, and Customer Identity and Access Management (CIAM), specifically,  has become the center of all digital transformation projects. “Identity-first” brands have begun to treat each customer’s unique digital identity as the key to their personally connected world and, thus, the most valuable thing they own.

Jim Kaskade

Jim Kaskade is a serial entrepreneur & enterprise software executive. He's currently focused in the area of digital identity security. He started his career engineering massively parallel processing datacenter applications. Prior to identity, he led a digital application business of over 7,000. Prior to that he led a big data & analytics business of over 1,000. He was the CEO of a Big Data Cloud company; was an EIR at PARC (the Bell Labs of Silicon Valley); led two separate private cloud software startups; founded of one of the most advanced digital video SaaS companies delivering online and wireless solutions to over 10,000 enterprises; and was involved with three semiconductor startups (two of which he founded, one of which he sold). Jim has an Electrical and Computer Science Engineering degree from University of California, Santa Barbara, and an MBA from the University of San Diego.

Leave a Reply