Identity Management
Enhancing the User Experience
Matthew O. Pahls
Matthew O. Pahls
Lead IT Security Engineer Kent State University
1. A few IAM best practices
2. The people problem
3. Usability and beyond
4. The user lifecycle
5. A look at Kent State Un...
Strive for the fewest number of
Identity repositories.
Expect to use multiple authoritative
sources for user information.
...
Behind every quantitative study
lurks a rather peculiar variable.
“Each individual will adopt a course
of action that will...
Testing one person is better than
testing none.
Testing one user in the beginning of
a project is better than testing 50
n...
MatthewO.Pahls
The people problem
MatthewO.Pahls
The people problem
Useful
Desirable
Usable
Findable
MatthewO.Pahls
Usability and beyond
Accessable
Valuable
Creditable
Secure
MatthewO.Pahls
Usability and beyond
Free(ish)
● Card Sorting
● Five Second Tests
● Click Tracking
● Heatmaps
● Mouseflow
Split Testing
● A/B
***Google Analyti...
MatthewO.Pahls
The user lifecycle
MatthewO.Pahls
A Look at Kent State University
Facebook
MatthewO.Pahls
Usable IAM function
Facebook
MatthewO.Pahls
Usable IAM function
Enter in code from email
Select a new password
Google Account Creation
MatthewO.Pahls
Usable IAM Function
Keeping your users informed.
Matthew Pahls,
Your Kent State University password has been changed on
05/13/2014 02:30 PM. I...
2-Factor Authentication
Lets just see how easy 2-Factor can
be to setup with an example.
Lets use Duo Security
MatthewO.Pa...
Risk based authentication (when
2factor just doesn’t work)
MatthewO.Pahls
Usable IAM function
You are the password
Nymi Wristband
● Recognize you based on your
unique cardiac rhythm
● Low power Bluetooth
● Gesture ba...
Questions?
Upcoming SlideShare
Loading in …5
×

Usable identity management

196 views

Published on

Identity management: Enhancing the User Experience
Today managing user expectations is a very daunting task. Turning to an identity management system to create meaningful human interactions seem rather peculiar, but if implemented properly almost any product, system, or service can elicit a positive user experience. During this session we will look a few identity related functions coupled with proper usability techniques to create a secure environment for users to function in.

Published in: Technology, Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
196
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Usable identity management

  1. 1. Identity Management Enhancing the User Experience Matthew O. Pahls
  2. 2. Matthew O. Pahls Lead IT Security Engineer Kent State University
  3. 3. 1. A few IAM best practices 2. The people problem 3. Usability and beyond 4. The user lifecycle 5. A look at Kent State University 6. Take a look at usable IAM functions 7. Preparing for the future (Convergence) MatthewO.Pahls Agenda
  4. 4. Strive for the fewest number of Identity repositories. Expect to use multiple authoritative sources for user information. Separate the authoritative repository from the enterprise directory Choose a pragmatic goal for user-to- role assignment Match the culture and operations of your business with a role framework Automate Provisioning Provide knowledge and control to business owners and custodians MatthewO.Pahls Just a few IAM best practices
  5. 5. Behind every quantitative study lurks a rather peculiar variable. “Each individual will adopt a course of action that will involve the expenditure of the probably least average of his work” - George Kingsley Zipf Will not seek out information that makes their jobs harder At best we “satisfice” under “bounded rationality” I.A. MatthewO.Pahls The people problem
  6. 6. Testing one person is better than testing none. Testing one user in the beginning of a project is better than testing 50 near the end. The importance of recruiting representative users is overrated. Testing in an iterative process Top 5 reasons for not testing ● We don’t have time ● We don’t have money ● We don’t have the expertise ● We don’t have a usability lab ● We wouldn’t know what to do with the results. MatthewO.Pahls The people problem
  7. 7. MatthewO.Pahls The people problem
  8. 8. MatthewO.Pahls The people problem
  9. 9. Useful Desirable Usable Findable MatthewO.Pahls Usability and beyond
  10. 10. Accessable Valuable Creditable Secure MatthewO.Pahls Usability and beyond
  11. 11. Free(ish) ● Card Sorting ● Five Second Tests ● Click Tracking ● Heatmaps ● Mouseflow Split Testing ● A/B ***Google Analytics *** Guerilla Usability ● Recording everything Focus groups MatthewO.Pahls Usability and beyond
  12. 12. MatthewO.Pahls The user lifecycle
  13. 13. MatthewO.Pahls A Look at Kent State University
  14. 14. Facebook MatthewO.Pahls Usable IAM function
  15. 15. Facebook MatthewO.Pahls Usable IAM function Enter in code from email Select a new password
  16. 16. Google Account Creation MatthewO.Pahls Usable IAM Function
  17. 17. Keeping your users informed. Matthew Pahls, Your Kent State University password has been changed on 05/13/2014 02:30 PM. If you are not aware of this change, please contact the Helpdesk at 330.672.HELP (4357). As a reminder your alternate e-mail address will not be used for marketing purposes. Thank you, Kent State University Helpdesk Information Services Call: 330.672.HELP (4357) Visit: 1st Floor Library Walk-Up Desk Matthew Pahls, Your Kent State University alternate e-mail address has been changed to asdfasdf@gmail.com on 05/13/2014 02:30 PM. If you did not initiate this change, please contact the Helpdesk at 330.672.HELP (4357). As a reminder your alternate e-mail address will not be used for marketing purposes. Thank you, Kent State University Helpdesk Information Services Call: 330.672.HELP (4357) Visit: 1st Floor Library Walk-Up Desk MatthewO.Pahls Usable IAM function
  18. 18. 2-Factor Authentication Lets just see how easy 2-Factor can be to setup with an example. Lets use Duo Security MatthewO.Pahls Usable IAM function
  19. 19. Risk based authentication (when 2factor just doesn’t work) MatthewO.Pahls Usable IAM function
  20. 20. You are the password Nymi Wristband ● Recognize you based on your unique cardiac rhythm ● Low power Bluetooth ● Gesture based movements ○ eg Opening a Door MatthewO.Pahls The future
  21. 21. Questions?

×