#289 - DevOps Insights at Texas A&M University with Adam Mikeal

In this thought-provoking episode of Identity at the Center, hosts Jim McDonald and Jeff Steadman engage in a candid conversation with security researcher Kat Traxler from TrustOnCloud. They delve into the intricacies of cloud identity management, discussing the unique challenges and strategies for securing assets in cloud environments like GCP and AWS. Kat sheds light on the importance of understanding the resource hierarchy in GCP and the nuances that differentiate it from AWS. The trio also explores the evolution of IAM tools and their applicability in the cloud, the debate between least privilege and zero standing privilege, and the ongoing journey toward securing the cloud beyond IAM. As they unpack the complexities of cloud security, Kat shares her insights on the significance of asset inventories and the impact of policy inheritance on cloud platforms. The conversation also touches on the future of cloud security conferences and the value of hands-on experiences in understanding cloud security. Amidst the technical deep dive, the episode takes a lighter turn as the hosts and guest contemplate what life might look like outside the realm of technology, revealing personal aspirations ranging from farming to bronze sculpting. For those looking to expand their cloud security knowledge, Kat recommends checking out the GCP 101 series on her blog and the Forward Cloud SEC conference for a comprehensive learning experience. Connect with Kat: https://www.linkedin.com/in/kat-traxler-85a6592/ GCP 101 Series (Blog): https://kattraxler.cloud/gcp/iam/101/2024/03/03/gcp-series-101.html Google Cloud Adoption Framework: https://cloud.google.com/adoption-framework Learn more about TrustOnCloud: https://trustoncloud.com/ fwd:cloudsec conference: https://fwdcloudsec.org/ Identiverse 2024: As an IDAC listener, you can register with 25% off by using code IDV24-IDAC25 at https://events.identiverse.com/identiverse2024/register?code=IDV24-IDAC25 Attending the European Identity and Cloud Conference in Berlin? Use Discount Code: EIC24idac25 for 25% off. Register at https://www.kuppingercole.com/events/eic2024 Attending Identity Week in Europe, America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at: Europe: https://www.terrapinn.com/exhibition/identity-week/ America: https://www.terrapinn.com/exhibition/identity-week-america Asia: https://www.terrapinn.com/exhibition/identity-week-asia/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

22 Apr 20241h 2min

In this episode, Jim and Jeff welcome back Sandy Bird, the CTO and Co-Founder of Sonrai Security, for a sequel to their first sponsor spotlight. Sandy returns to discuss the groundbreaking Cloud Permissions Firewall with Permissions on Demand. The trio dives into how this new solution revolutionizes the way organizations can clamp down on excessive cloud permissions, streamline operations, and secure their cloud environments with unprecedented speed and efficiency. The discussion illuminates the concept of "default deny," the exhilaration of zapping "zombie" identities, and the seamless integration with cloud native tools. Sandy also shares insights on how customers can measure success with Sonrai’s solution and the significant security benefits provided. For a visual walkthrough of Sonrai’s Cloud Permissions Firewall, visit http://sonrai.co/idac to see the demo in action and learn how you can try it out with a 14-day free trial. And if you're at RSA, AWS re:Inforce, or Gartner IAM, look for the Sonrai Security booth and experience the epiphany moment for yourself. Connect with Sandy on LinkedIn: https://www.linkedin.com/in/sandy-bird-835b5576 Learn more about Sonrai Security: https://sonrai.co/idac Introducing the Cloud Permissions Firewall (YouTube): https://www.youtube.com/watch?v=ffQbM6KGDbY Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter. Episode Keywords Identity And Access Management (Iam), Cloud Security, Aws, Azure, Gcp (Google Cloud Platform), Least Privilege, Identity Risk, Cloud Permissions Firewall, Infrastructure As Code, Security Operations (Secops), Cloud Operations (Cloudops), Permissions Management, Excessive Privileges, Zombie Identities, Identity Governance, Access Analyzer, Sensitive Permissions, Role-Based Access Control (Rbac), Service Control Policies (Scp), Cloud Native Security

17 Apr 202452min

In this episode, hosts Jim McDonald and Jeff Steadman engage in a far-reaching discussion with John Podboy, a Senior Vice President in Cybersecurity for a major bank. They delve into the evolving landscape of identity in the banking industry, the impact of AI and indicators of compromise on identity data, and the potential future innovations like FIDO2 and passkeys. John also shares his insights on the importance of understanding business objectives and the role of identity in driving revenue and customer trust. Plus, don't miss the wine talk towards the end, where John reveals his passion for vineyards and the type of wine he would specialize in if he had his own. Connect with John: https://www.linkedin.com/in/johnpodboy/ Identiverse 2024: As an IDAC listener, you can register with 25% off by using code IDV24-IDAC25 at https://events.identiverse.com/identiverse2024/register?code=IDV24-IDAC25 Attending the European Identity and Cloud Conference in Berlin? Use Discount Code: EIC24idac25 for 25% off. Register at https://www.kuppingercole.com/events/eic2024 Attending Identity Week in Europe, America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at: Europe: https://www.terrapinn.com/exhibition/identity-week/ America: https://www.terrapinn.com/exhibition/identity-week-america Asia: https://www.terrapinn.com/exhibition/identity-week-asia/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

15 Apr 202457min

In this episode, hosts Jim and Jeff sit down with Martin Kuppinger, Founder and Principal Analyst at KuppingerCole Analysts. Making his fourth appearance on the show, Martin shares what he's been up to since the last time they spoke in July 2023. The conversation also explores Martin's insights on who should be in charge of IAM and the role of the CISO, based on his LinkedIn post. The hosts and Martin then delve into a discussion about the upcoming 2024 European Identity and Cloud Conference in Berlin. Martin shares his impressions of the city, provides details about the conference, and gives advice for first-time attendees. They also discuss the main themes of this year's conference and what he's excited for. Finally, they discuss a KuppingerCole blog post about the end-of-life of SAP Identity Management. Connect with Martin: https://www.linkedin.com/in/martinkuppinger/ Who should be in charge of IAM? And what's the role of the CISO?: https://www.linkedin.com/pulse/who-should-charge-iam-whats-role-ciso-martin-kuppinger-vpncc/?trackingId=94hCoE7ifcjDrxv93V72lw%3D%3D SAP Identity Management End-of-Life: What’s Next?: https://www.kuppingercole.com/blog/kuppinger/sap-identity-management-end-of-life-whats-next Identiverse 2024: As an IDAC listener, you can register with 25% off by using code IDV24-IDAC25 at https://events.identiverse.com/identiverse2024/register?code=IDV24-IDAC25 Attending the European Identity and Cloud Conference in Berlin? Use Discount Code: EIC24idac25 for 25% off. Register at https://www.kuppingercole.com/events/eic2024 Attending Identity Week in Europe, America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at: Europe: https://www.terrapinn.com/exhibition/identity-week/ America: https://www.terrapinn.com/exhibition/identity-week-america Asia: https://www.terrapinn.com/exhibition/identity-week-asia/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

8 Apr 202457min

In this sponsored episode, our hosts Jim and Jeff have an in-depth conversation with Gil Hoffer, the Co-Founder and CTO of Salto. They explore Gil's journey into the world of identity, the inception of Salto, and how the company is setting new standards in the field. The discussion delves into the unique features and benefits of Salto's services, as well as how organizations can measure their success with Salto. Listen in to learn about Salto's role in managing configurations and their vision for the future. Connect with Gil: https://www.linkedin.com/in/gilhoffer/ Learn more about Salto: https://www.salto.io/idac Salto on YouTube: https://www.youtube.com/@salto-io Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

3 Apr 202449min

In this episode, hosts Jim McDonald and Jeff Steadman welcome Jeff Reich, Executive Director at the Identity Defined Security Alliance (IDSA), back to the IDAC Podcast for his third appearance. The main topic of discussion is Identity Management Day 2024. They deep dive into what's new with the IDSA, the exciting content to expect on Identity Management Day, and Jeff Reich shares his rapid-fire thoughts on AI, the Change Healthcare Cyberattack, converged identity vs. best of breed, and the top trends for identity tech firms. Connect with Jeff Reich: https://www.linkedin.com/in/jreich/ Learn more about the IDSA: https://www.idsalliance.org/ Identity Management Day 2024: https://www.idsalliance.org/event/identity-management-day-2024/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

1 Apr 20241h 1min

In this episode, hosts Jim McDonald and Jeff Steadman sit down with guest Hannah Sutor, a Principal Product Manager at GitLab and IDPro Board Member, for a public conversation about privacy. They explore various topics such as the right to anonymity on the internet, privacy expectations as an employee and a consumer, and the interpretation of privacy policies. Hannah also shares her experience and insights from her role as a "privacy evangelist". Connect with Hannah: https://www.linkedin.com/in/hannah-sutor/ Safeguarding Identity and Privacy: Fundamental Human Rights in the Digital Age - https://idpro.org/safeguarding-identity-and-privacy-fundamental-human-rights-in-the-digital-age/ Learn more about IDPro: https://idpro.org/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

25 Mar 20241h 3min

This episode of the Identity at the Center podcast, a Sponsor Spotlight, is fully sponsored by Zilla Security. In this episode, hosts Jim McDonald and Jeff Steadman sit down with Deepak Taneja, CEO & Co-founder of Zilla Security. The trio discuss a variety of topics including how Zilla Security differentiates itself in the crowded IAM market, the role of Robotic Process Automation (RPA) in the identity lifecycle, and the various personas within an organization that would use Zilla. Deepak also shares some insights about the onboarding process for new Zilla clients and what the future holds for Zilla Security. Connect with Deepak: https://www.linkedin.com/in/tanejadeepak/ Learn more about Zilla Security: https://zillasecurity.com/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on X/Twitter.

20 Mar 202455min