An identity system constitutes two user experience funnels - top, and bottom. The top of the funnel focuses on user acquisition by building a best-in-class login/registration experience. The bottom funnel addresses user retention with experiences that need to manage player privacy, security, and account management. Regulatory bodies worldwide require user privacy to be addressed and bad actors are causing account takeover problems. We will focus on the bottom funnel in this session and discover best practices in the Identity system that addresses the KPIs on reduction in customer service cost with enhanced user experience.

An identity system constitutes two user experience funnels - top, and bottom. The top of the funnel focuses on user acquisition by building a best-in-class login/registration experience. The bottom funnel addresses user retention with experiences that need to manage player privacy, security, and account management. Regulatory bodies worldwide require user privacy to be addressed and bad actors are causing account takeover problems. We will focus on the bottom funnel in this session and discover best practices in the Identity system that addresses the KPIs on reduction in customer service cost with enhanced user experience.

In December 2022 and January 2023, 203 security practitioners participated in a CRA BI study on their challenges and successes with Identity and Access Management. Join Bill Brenner, CRA VP of content strategy, Dana Jackson, CRA VP of research, and report author Daniel Thomas for a look at where security teams continue to struggle/succeed, and where respondents plan to make investments in the coming year

What are the top factors that move businesses from the bottom 10% to the top 10% of SASE deployments? In this session, Advisory CISO Wolfgang Goerlich will look at the latest data from Cisco’s Security Outcomes Report to analyze current trends in SASE strategy. From access management to data protection to how to manage it all, Wolfgang will discuss where to focus first in your strategies and how to build strong relationships that position your SASE pivot a success!

IAM programs do so much more than secure and protect data; they are also a powerful business enabler for the entire company. This session will provide tips you can use today to align your IAM program to your business needs, moving you beyond just data risk to the wider world of business opportunity. When you enable the business, you are paving a solid road towards getting interdepartmental support for your IAM program. 

This session will describe where the IAM program intercepts different areas of the company, as well as provide examples of how IAM projects can be justified and ultimately embraced by highlighting ways it can reduce risk, improve efficiency and enable your business.

Role-based access control is a great way to limit employees' ability to pull up data or interact with systems that are irrelevant to their daily responsibilities. This session will reveal top recommendations for how to define your workers' roles and then develop IAM permissions and policies around those roles, using past real-world experiences.

The promise of network security, or perimeter enforcement, has always been with good intentions until the wrong person gets inside of that perimeter. Once inside, they're simply considered 'trusted' in the environment. With zero trust, though, each and every entity in the organization — both human users and automated workers — are continually authenticated throughout every step of the access chain. This begs the question, "Who then really needs network or perimeter security?" In this talk, we'll look past perimeters and discuss how to implement a secure, internet-facing, identity-first, zero-trust model for your global infrastructure access using an open-source access platform like Teleport as an example. We'll focus not only on the importance of true identity verification for every user and machine, but also on the strict enforcement of device trust as well.

Twitter recently announced that 2FA will be a service that users must pay for. Meanwhile, Meta decided to make authentic account verification a premium paid-for service on Facebook and Instagram.

The software-as-a-service model for business applications places some, but not all security responsibility on the SaaS provider. But identity and access management remains the domain of the SaaS customer, which presents key challenges, including gaining visibility into your third-party SaaS relationships, and efficiently and consistently managing your data across your ever-expanding and changing ecosystem of cloud-based SaaS apps. The session will examine strategies for integrating the IAM of disparate SaaS applications for a more unified and controlled approach.

In the world of the Metaverse, where virtual and real-world identities intersect, the protection of our digital selves has never been more critical. It means taking steps to safeguard our personal information, using robust authentication mechanisms, and being cautious about what we share online. It also means using secure and trustworthy platforms and services that prioritize our privacy and security. By valuing and protecting our inviolable identities, we can navigate the Metaverse with confidence and enjoy all that it has to offer.
 

In this session, we will first go through these challenges of identity theft, online harassment or abuse, and breaches; then, we will look at the possibilities to overcome them. We will also explore how IAM will take shape and evolve to reflect the unique properties of the developing Metaverse.