October 18, 2022
Today we sit down with Christine Owen, whose two-word motto is “Identity Evangelist.”
The federal government has been encouraging agencies to get serious about identification. We can list announcements from the Executive Office of the President, to NIST, Homeland Security, and even the Office of Management and Budget.
The motivation has been the COVID-inspired move to the cloud. If it were just one cloud, there would be a few issues. The complexity begins when clouds become dependent on other systems, whether it is an on-premises system or a hybrid cloud. Identity seems to be the best way to assure security.
"You have to have an IDP, an identity provider, that IDP should have strong phishing resistant, multi factor authentication"
Christine has a legal background and, as a result, has a keen eye on the implications of the plethora of standards and regulations that are promulgated about identity. That is not to say she isn’t technically competent.
For example, she can articulate the three ways to become phishing resistant. Additionally, she can articulate very clearly the implications of Role Based Access Control and Attribute Based Access Control.
There are organizations like the National Security Telecommunications Advisory Council that have run articles implying that the transition to Zero Trust may end up being an incomplete experiment.
Listen to the interview to get a balanced and detailed observation on identity management in complicated federal systems.
If you enjoyed this article, you may want to listen to Episode #23, Protecting Apps across Software as a Service Platform.
John Gilroy
Has been behind a microphone since 1991. He can help you structure, launch, and promote your company podcast. johngilroy@theoakmontgroupllc.com
Leave a Reply