Part 2: Privacy & Security
Author: Andi Hindle
Welcome to Identiverse® 2021 – new hybrid format, same breadth and depth of high-quality content! To help you navigate this year’s agenda with ease, we’ll be running a blog series over the next few weeks leading up to the start of the event. The series will focus on particular topics and themes that will be covered during our virtual conference weeks and showcasing presentations that are especially relevant to those themes. Keep in mind, these blogs aren’t intended to be exhaustive lists, so remember to check out the full agenda as you build your schedule for the coming weeks!
In this 2nd part of the series, we’re focusing on two of our biggest and most popular topic areas: Privacy, and Security. These are crucial areas for the digital identity practitioners; they’ve been at the heart of our agenda for many years, and there’s a lot to talk about in 2021!
Many digital identity projects have a significant security focus. Multi-factor and ‘passwordless’ deployments, for example, can have a tremendous impact on the security posture of an organization, whilst at the same time reducing friction and improving the digital experience. Andrew Shikiar and guests will be discussing this very intersection in “Optimizing User Experience for FIDO Authentication”. There are plenty more talks covering modern authentication processes, both from a technical and from a deployment perspective. (Or consider Malla Ventaka’s “Password-less Authentication at PayPal”, which does both!)
The last 12 months has seen a significant number of serious security breaches: with that in mind, you won’t want to miss Alex Weinert’s perspective on the Solar Winds incident (“Sunburned: What Happened, How We Recovered, and How the Industry Needs to Respond”), whilst Yaron Kassner provides insight into how a common attack pattern really does have identity at its core (“Why Lateral Movement is an Identity-Based Attack”).
Remote and/or flexible working is another trend that looks set to stay. Organsations are consequently accelerating their zero-trust deployments, and shoring up their privileged access programs. Christine Owen investigates both in “Implementing Privileged Access Management Solutions in a Zero Trust Architecture”; and Andrea Nedic and Ujjwal Pugalia look at the role intelligent analytics has to play, in “Simplify Your Least Privilege Journey with Access Analysis”.
In some cases, identity verification is a key part of the overall security strategy; and verified digital identity is getting lots of attention at national and international levels. Ankur Patel discusses the role that standards have to play in remote verification (“Remote Onboarding Enabled by Standards Based Identity Verification”); and Colin Wallis leads a panel looking at future trends and implications of the mobile driver’s license (“mDL: Towards a Global Trust Framework & Governance Model for ISO Compliant Mobile Driving Licenses”).
Any discussion of identity verification leads naturally on to privacy considerations; and individual privacy considerations are especially challenging when set alongside the public good. Jenn Behrens and guests will discuss this challenge in “Digital Privacy Trade-Offs During a Public Health Emergency”.
Privacy by design and privacy by default are both core principles in a number of regulatory regimes. Jose Rodriguez and Vivek Shankar explore new approaches to building privacy considerations in at the application level in “Privacy and Consent Management: An Organizational Model”. Meanwhile, Tom Smedinhoff—a frequent and popular presenter at Identiverse—gives us an in-depth review of the legal rationale for identity verification in “The Legal Framework for Identity: How the Law Imposes a Duty to Verify Identity, and Regulates the Operation of Identity Systems and Services”.
Finally, we’re delighted this year to be able to work in conjunction with the IAPP to bring you an ‘Introduction to Privacy’, which will sit alongside our traditional ‘Introduction to Identity.’ Both of these talks will be available in the virtual platform prior to the official conference opening, so whether you are new to these topics, or just need a refresher, don’t forget to catch those two sessions in preparation for the rest of the conference.
Remember: this year’s event is a hybrid event—some talks will be in-person in Denver; some will be virtual; but no matter how you choose to attend, you will be able to participate in all the presentations. So get registered, check out the full agenda now, start planning your conference, and we look forward to seeing you at Identiverse 2021!