Chief Identity Officer (CIdO). That's the new term introduced by Gartner to define the role of an identity manager within an organization. While this term is still relatively new, upcoming challenges regarding digital identity could well elevate the CIdO to…
Category: Digital Identity
Recent advances in artificial intelligence (AI) promise a revolution in every aspect of our lives, both professional and personal. This transformation is affecting every job within our companies, raising questions about the impact of AI in well-established areas such as…
Securing privileged access through access management is vital because it ensures that an organisation’s people are only granted access to what they need to do their jobs, and only for the period for which they need it. Access management also allows…
For over twenty years, Wavestone has been supporting clients develop and strengthen their Identity and Access Management programs. Within this area, Wavestone has observed that organizations do not always approach IAM in a comprehensive manner. While Security is an obvious…
The content of this article is taken from an interview conducted by Marc JACOB for Global Security Mag in March 2022, available here. The obviousness of IAM, and the difficulty of the transformations it implies Faced with the…
Using passwords introduces both a large attack surface (phishing, brute force, password spreading, rainbow table, etc.) and a poor user experience. As a result, passwords have been denounced in favour of passwordless technologies for several years. However, passwords remain commonly…
In this second article on Identity and Access Management (IAM) we look at why many organisation face difficulties transforming their IAM ecosystem, and how IAM programmes should be approached and structured. In our previous article – Identity and Access Management:…
Large organisations are facing unprecedented change, such as adapting to remote working and managing operational risk in a post-pandemic world. Identity & access management (IAM) – the provision and verification of identities and their access rights – is once again…
Nowadays, access management and security concept of APIs are inherent to federation protocols OAuth2 and OpenID Connect. Both protocols natively cover a great deal of use cases, but regularly evolve and come with complements to address more innovative subjects. In…
In a previous article, we discussed the main motivations behind the implementation of an authorization model and answered a first set of essential questions one should think about when setting up or redesigning a model. Let’s continue here with a…