Build Badass Identity Team
From IIW
Building a Kick Butt Identity Team
Tuesday 2H
Convener: Sarah
Notes-taker(s): Jonathan McHugh
Tags for the session - technology discussed/ideas considered: Identity Teams
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
Dysfunctional | Productive |
Lack of testing/UX | Skill sets
|
Easy/accessible/open/powerful ID infrastructure | |
Organizationally-distributed (accessibility but lacking broad vision) | Issues-Employees have, generally, more privileges |
Lack of dedicated resources for identity team/forward thinking | Auth0-Allow a lot of privilege with a huge amount of auditing |
Treated as IT | Functional definition of security |
Split between IT/IS | Powerful engineers/CI/Audit/Notification[ATC = Automated Test Ops] |
Uninformed product owners | Breadth of and depth of team-All have broad, individuals have depth |
Identity team overly restrictive | Organization-wide recognition of security and identity SME as priority |
Treated as IS | |
Executive support/cover from management | |
Clear policy articulation | |
Minimizing glue/integrating standards | |
Metrics aligned with smart infrastructure |
Discussion
- What is an identity team
- Consumer and Enterprise Organizations
- George Fletcher
- Many times the identity team is broken up
- Manager
- Enterprise Services Team
- Identity team
- Manager
- Security
- Manager
- Consumer and Enterprise identity/security is converging
- Least privilege
- Unintended consequences due to complexity
- Enterprise developers need to adopt the consumer developer attitude towards identity
- Raising the priority of identity tech
- Many times the identity team is broken up
- Jonathan Hurd
- Sales to Dev connectivity
- Engineers using standards but having the flexibility to
- Justin Richer
- Pre-configuring Identity technology for easy integration
- Libraries
- APIs
- Pre-configuring Identity technology for easy integration
- Matt Muller
- Upon departure, how many systems will we have to disable their identity on?
- Jonathan McHugh
- It's identity, stupid