Rolls differentiated between authentication and the ability to manage the rights and privileges of a user. He said simply that authentication is just not enough.
He explained the way to go beyond authentication is a concept called identity governance. Just because a person is accurately identified doesn’t mean they should have permission to all aspects of a network.
2017 will see many transitions in the federal government, something Rolls indicated may not be apparent to most people.
He said about 4,000 people would be leaving politically appointed jobs. These are commonly called “orphan” accounts. What happens to their email addresses? Can it be captured by a bad actor and lead to a spear phishing attack?
When an organization deploys a holistic identity management program they are able to control the lifecycle of a person’s identity. They can get a deeper understanding of these orphan accounts as well improve their security posture on other levels.
John Gilroy, Host of Federal Tech Talk, Federal News Radio
John Gilroy has been a member of the Washington D.C. technology community for over twenty years. In 2007 he began weekly interviews on Federal News Radio called “Federal Tech Talk with John Gilroy.” His 428 interviews provides the basis for profitable referral business. In 2009 he created a successful breakfast club of previous radio guests called The Technology Leadership Roundtable. He has been instrumental in two of his guests forming their own radio shows: Derrick Dortch with “Fed Access” and Aileen Black and Gigi Schumm with “Women in Washington.”
In 2011 he began teaching a course in social media marketing at Georgetown University; in March of 2014, John won the Tropaia Award for Outstanding Faculty. John conducts monthly corporate training for large companies on how to leverage social media to generate revenue.
Darran Rolls, Chief Technology and Chief Information Security Officer, SailPoint
Darran Rolls directs the continued development and communication of SailPoint’s technology strategy and vision. His long history in information security has helped SailPoint emerge as a company with which to be reckoned in every area of identity management – from compliance and governance, to role management and role engineering, to user lifecycle management and provisioning. He believes the key to that success has been finding the balance between striving to be a market-leading innovator and acting pragmatically to make sure clients’ needs are met.
Before joining SailPoint, Darran worked in the CTO’s office at Sun Microsystems and led strategic technology and industry standards initiatives at Waveset Technologies. A respected contributor to several industry standards initiatives, he served as Chair of the OASIS Provisioning Services Technical Committee. In that capacity, he led a two-year industry effort to develop the Service Provisioning Markup Language (SPML) Specification. Prior to Waveset, Darran served in senior technical leadership positions at enterprise software companies including IBM/Tivoli Systems, PointOne Telecommunications and DBMX.