Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

IdentityNorth Montreal - Furture Proof your Digital Identity strategy

206 views

Published on

Planning for future is hard but is also the best way to keep your technological debt under control. Same apply for the Digital Identity strategy. Learn from the future and act now.

Published in: Technology
  • Be the first to comment

IdentityNorth Montreal - Furture Proof your Digital Identity strategy

  1. 1. Montreal Executive Forum 2018 Future-proof your Customer Identity strategy
  2. 2. Montreal Executive Forum 2018 Future-proof your Customer Identity strategy To keep in touch https://twitter.com/IdentityMonk https://ca.linkedin.com/in/jflombardo https://x-iam.com 13 years of expertise in IAM 35+ projects:  Strong Authentication,  Identity Management,  Access Governance,  Information Protection. Proud member of a versatile team of 25+ expert consultants ready for innovation
  3. 3. Did you ever meet a crazy guy with a future-proof strategy?
  4. 4. Value Chain Services Digital Identity Strategy Digital strategy Cost Governance Growth A strong focus on digitalization
  5. 5. A ton of customer expectations Better User Experience Efficiency  One set of credentials  Single Sign-on first  Local backup/step-up mechanisms if necessary  Self-service oriented  Context-based ruling and decisions  Cross device consistent Privacy  Consent to use data  Protection of data  Control and traceability of data usage Trust for now and the future
  6. 6. Customer Partner Strategic to its Brand What is a customer exactly? Employee Ambassador of my Brand Favored for using my Brand
  7. 7. Here are the ripples GDPR was just a first step… Russian Data Privacy Laws are operational Australian Data Privacy Laws are operational <Insert your country> Data Laws are coming up Chinese Data Privacy Laws are drafted (some) Canadian Data Laws are enforceable November 2018
  8. 8. User control Low High LowHigh Portability Based on Christopher Allen, stages of online identity http://www.lifewithalacrity.com User Centric Self Sovereign Centralized Federated Strong push for Decentralization to give full control to the owner of the data You should be here Want to know more on SSI? But TRUST is a foundation of any business relationship, how will we maintain it in this model? To boldly go where nothing is centralized
  9. 9. A Decentralization is necessary B Trust management is fundamental Always in movement, the future is... …but we can establish that:
  10. 10. Being Future-Proof 1 Not a will to handle all future use cases 2 But a will to act as a foundation for the future 3 While easing evolution towards modern postures
  11. 11. Great, we already know how to establish trust! My company Trusted bridge Trusted bridge Trusted bridge Trusted bridge
  12. 12. And each one of us knows how to manage Employees’ Identity This is far more difficult for external people My company Trusted bridge Trusted bridge Trusted bridge Trusted bridge Lifecycle Authentication Authorization Governance Lifecycle Authentication Authorization Governance Lifecycle Authentication Authorization Governance Lifecycle Authentication Authorization Governance
  13. 13. We are all individual customers I’m not We are often biased when we look at our customers…
  14. 14. We are all individual customers I’m not … because many of them are someone else’s employee
  15. 15. Then, it makes sense to leverage our Trust capabilities to decentralize what we control the least My company Trusted bridge Trusted bridge Trusted bridge Trusted bridge Lifecycle Authentication Authorization Governance Lifecycle Authentication Authorization Governance Lifecycle Authentication Authorization Governance Lifecycle Authentication Authorization Governance trust trust
  16. 16. My company Trusted bridge Trusted bridge Lifecycle Authentication Authorization Governance Lifecycle Authentication Authorization Governance trust Benefits from decentralization I can enable Bring-Your-Own- Identity/Token and leverage the burden of user support Thanks to my trusted partner, I can benefit from a strong and efficient process to manage types of identities that were difficult for me I can benefit from Just-in-Time provisioning on first use if coming from a trusted partner I still have the final word regarding the access controls to my resources and services
  17. 17. How to handle the privacy in such a model?
  18. 18. My team will get back to you Not like that, for sure!
  19. 19. My company Trusted bridge Trusted bridge Lifecycle Authentication Authorization Governance Lifecycle Authentication Authorization Governance trust How to handle the privacy in such a model? 1) Establish consent when joining the corporation, including for the sharing with a 3rd party Consent to • Collect A • Collect B For Internal use and sharing with my company Valid until 01/01/2019 4) Regularly check for expiration of consent, flush is not renewed 3) Ease the first access of the user to my company 2) Use asynchronous provisioning/synchronization of account information and related consent metadata Consent to • Use A • Use B For Business Analytics at my company Valid until 01/06/2018
  20. 20. My company Trusted bridge Trusted bridge Lifecycle Authentication Authorization Governance Lifecycle Authentication Authorization Governance trust How to handle the privacy in such a model? 1) Initially, consent may not include sharing with a 3rd party Consent to • Collect A • Collect B For Internal use Valid until 01/01/2019 4) Regularly check for expiration of consent, flush is not renewed 2) Establish specific consent during checking for the new usage on 1rst use 3) Propagate back to his/her authority the new consent given by the user Consent to • Use A • Use B For Business Analytics at my company Valid until 01/06/2018 Sharing with my company Valid until 01/06/2018 +
  21. 21. My company Trusted bridge Trusted bridge Trusted bridge Trusted bridge Lifecycle Authentication Authorization Governance Lifecycle Authentication Authorization Governance Lifecycle Authentication Authorization Governance Lifecycle Authentication Authorization Governance trust trust SSI will just be another partner in the dance trust trust trust trust
  22. 22. Frédéric Parthenais VP Consulting and Sales fparthenais@facilite.com +1 514-262-2328 Jean-François Lombardo Digital Identity, Trust and Privacy consultant jflombardo@facilite.com +1 514-778-5565 Montreal Executive Forum 2018

×