Identity at the Center

Identity at the Center

Identity at the Center is a weekly podcast all about identity security in the context of identity and access management (IAM). With decades of real-world IAM experience, hosts Jim McDonald and Jeff Steadman bring you conversations with news, topics, and guests from the identity management industry. Do you know who has access to what?

  1. 4D AGO

    #402 - An Update on SSF and CAEP with Atul Tulshibagwale

    In this episode of Identity at the Center, hosts Jeff and Jim dive into the details of the Shared Signals Framework (SSF) and Continuous Access Evaluation Profile (CAEP), with special guest Atul Tulshibagwale, the CTO of Signal. The trio discusses the complexities and applications of these identity security standards, recent adoption by major tech companies, and how they are transforming the approach towards identity and access management. Atul also shares exciting news about Signal's impending acquisition by CrowdStrike and reflects on a recent safari trip in Kenya. Tune in to learn about the evolution of identity security and the future of SSF and CAEP. Connect with Atul: https://www.linkedin.com/in/tulshi/ Learn more about the Artificial Intelligence Identity Management Community Group: https://openid.net/cg/artificial-intelligence-identity-management-community-group/ Learn more about SSF and CAEP: https://openid.net/how-authzen-and-shared-signals-caep-complement-each-other/https://sgnl.ai/whitepaper/caep-best-practices/https://caep.dev/https://youtu.be/qakOw0g2mZ8?si=p8z9imn7x-HhLdcVhttps://www.youtube.com/live/e64YiAmGmf4?si=QPKDg2Jm9oSZmbhZhttp://sharedsignals.guide/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Timestamps: 00:00 Introduction and Episode Milestone 00:17 Challenges with Installing Molt Bot 02:32 MoltBook and AI Agents 03:21 Jim's Perspective on AI Assistants 09:24 Conferences and Networking 10:10 Introduction to Shared Signals and CAEP 13:03 CrowdStrike Acquisition of Signal 14:03 AI Identity Management Community 16:59 Shared Signals Framework and CAEP Explained 30:03 Final Version of CAEP and Shared Signals Released 30:35 Adoption by Major Technology Providers 32:49 Benefits of Implementing Shared Signals 36:32 Future of SSF and CAEP 40:51 Certification Program for Shared Signals 52:48 Real-World Safari Adventure 01:00:34 Conclusion and Final Thoughts Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Atul Tulshibagwale, Shared Signals Framework, SSF, CAEP, Continuous Access Evaluation Profile, OpenID Foundation, CrowdStrike, SGNL AI Identity, Agentic Identity, AuthZEN, Risk, Identity Security, IAM, Podcast

    1h 2m

  2. FEB 11

    #401 - Sponsor Spotlight - PlainID

    This episode is sponsored by PlainID. Visit plainid.com/idac to learn more. In this sponsored episode, Jim McDonald and Jeff Steadman talk with Gal Helemski, CTO and co-founder of PlainID, about the evolving landscape of authorization. The conversation covers the transition from traditional roles and attributes to a modern policy-based access control (PBAC) approach. Gal explains how PlainID helps organizations centralize authorization logic, improve security posture, and simplify the management of access across complex hybrid and multi-cloud environments. The discussion also touches on the importance of visibility into who has access to what and the role of standards like Cedar and Rego in the future of authorization. Connect with Gal: https://www.linkedin.com/in/gal-helemski-b9542231/Learn more about PlainID: plainid.com/idac Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com Timestamps: 00:00 Introduction to the Sponsor Spotlight 02:15 Meet Gal Helemski from PlainID 05:30 The shift from RBAC to PBAC 10:45 Challenges with traditional authorization methods 15:20 How PlainID centralizes authorization logic 22:10 Integrating with existing identity providers 28:45 The role of visibility and auditing in authorization 35:30 Discussion on authorization standards: Cedar and Rego 42:15 Future trends in identity and access management 50:00 Final thoughts and where to learn more Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, PlainID, Authorization, Policy-Based Access Control, PBAC, RBAC, Cybersecurity, IAM, Access Management, Gal Helemski, Identity Security

    52 min

  3. FEB 9

    #400 - Celebrating 400 episodes of IDAC

    In this milestone episode of Identity at the Center, Jeff and Jim celebrate 400 episodes and reflect on their journey over the past six and a half years. They discuss the podcast’s evolution, from its early days focusing on strategy and framework to recent themes like cloud identity, governance, and AI-driven technologies. Jim shares his New Year's resolution of writing a book about identity, blending practitioner stories with educational elements, and utilizing AI tools. The duo also highlights significant trends in identity and access management, including frictionless authentication and privilege access management. They look forward to the future of identity within an AI-driven landscape, urging listeners to adapt to technological advancements. Tune in for insights, reflections, and their plans for continuing to grow the podcast. Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Timestamps 00:00 Welcome and Milestone Celebration00:44 Reflecting on the Podcast Journey01:27 Jim's New Year's Resolution: Writing a Book05:16 Using AI in the Writing Process09:34 Podcast Growth and Listener Support13:08 Remembering Luis Almeida16:59 Conference Highlights and Discount Codes19:05 Lessons Learned from Podcasting29:01 The Evolution of the Podcast36:01 Pandemic Disruptions and Podcast Challenges36:30 Funny Moments and Swearing on the Show37:24 Identity Management Trends in 202039:20 Cloud Identity and Certifications in 202141:54 Governance and Compliance in 202244:23 Security Convergence and Milestones in 202351:07 Privilege Access Management in 202455:15 Frictionless Authentication in 202558:20 AI and the Future of Identity in 202601:09:00 Reflections and Gratitude Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, IAM, podcast, cybersecurity, digital identity, AI, agentic identity, PAM, IGA, cloud security, passkeys, professional development, IDPro, identity governance

    1h 12m

  4. FEB 5

    #399 - Navigating Identity Security in the Age of AI with Jeff Margolies

    Jim McDonald is joined by Jeff Margolies, Chief Product and Strategy Officer at Saviynt, to discuss the intersection of artificial intelligence and identity security. Jeff shares his decades of experience in the industry, from building the IAM practice at Accenture to his current leadership role at Saviynt. The conversation covers how AI is making manually intensive identity tasks more efficient, the emergence of Identity Security Posture Management (ISPM), and the critical need to govern identities for AI agents. Jeff also provides his perspective on the future of the identity practitioner and why he remains an optimist in a rapidly changing technological landscape. Connect with Jeff Margolies on LinkedIn: https://www.linkedin.com/in/jmargolies/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Timestamps: 00:00:00 - Introduction and Gartner Identity Conference Recap 00:02:11 - Jeff Margolies' Career Journey in Identity and Security 00:04:36 - Returning to Identity and Joining Saviynt 00:06:13 - How AI is Impacting Identity Security and Governance 00:09:56 - The Future of Identity Services in an AI World 00:13:58 - Will AI Disrupt the SaaS Model for Identity? 00:19:50 - The Impact of AI on the Identity Practitioner Job Market 00:26:16 - Identity for AI: Governing Agents and Delegated Authority 00:32:00 - Combating Deepfakes and Proving What is Real 00:34:40 - The Rise of Identity Security Posture Management (ISPM) 00:41:46 - Comparing Posture Management and ITDR 00:44:17 - Advice for CISOs: Why Posture Should Come First 00:49:35 - The Secret to Saviynt's Success and Future Outlook 00:52:19 - Lighter Note: Why Jeff Chose a Tesla for His Daughter Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Jeff Margolies, Saviynt, IAM, Identity and Access Management, AI, Artificial Intelligence, ISPM, ITDR, Cybersecurity, Identity Governance, SaaS, IGA

    57 min

  5. FEB 2

    #398 - Solving the AI Identity Challenge with Martin Kuppinger

    In this episode, Jim McDonald welcomes back Martin Kuppinger, Principal Analyst at KuppingerCole, to discuss the rapidly evolving landscape of identity in 2026. With Jeff Steadman away, Jim and Martin dive deep into the intellectual challenges posed by AI agents and the limitations of traditional non-human identity frameworks. Martin explains why organizations are feeling a sense of disillusionment with AI and how a capability-based identity fabric approach can help manage the complexity. They also explore the balance between security and business enablement, the rise of workload identities, and what to expect at the upcoming European Identity and Cloud Conference (EIC) in Berlin. Connect with Martin: https://www.linkedin.com/in/martinkuppinger/ KuppingerCole: https://www.kuppingercole.com European Identity and Cloud Conference (EIC) (don’t forget to use our discount code idac25mko): https://www.kuppingercole.com/events/eic2026 Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Timestamps 00:00 - Welcome back to 2026 and EIC preparations 02:48 - The shift from future potential to current AI agent challenges 03:12 - Understanding AI disillusionment and the lack of control in regulated industries 05:19 - Security as a business enabler vs progress prevention 09:55 - Why AI agents should not be classified simply as non-human identities 11:43 - Complex relationships between humans, agents, and delegated tasks 15:17 - Self-service identity for knowledge workers and AI productivity 18:40 - The risks of decentralized agent creation and "shadow" AI 21:58 - How AI is being baked into identity products beyond role mining 26:55 - Using usage data to reduce over-entitlements 34:10 - The Identity Fabric: A capability-based approach to IAM 40:33 - Vendor rationalization and the flexibility of the fabric 47:19 - Previewing EIC 2026 topics: Wallet initiatives and consent 52:44 - Final advice: Curing symptoms vs addressing causes Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Martin Kuppinger, KuppingerCole, IAM, AI Agents, Identity Fabric, EIC 2026, Non-Human Identity, Workload Identity, ITDR, IGA, Cybersecurity

    56 min

  6. JAN 26

    #397 - RSM & IDAC Present - The Intersection of Resiliency, Recovery, and IAM

    Jeff Steadman is joined by RSM colleagues Rich Servillas and Charles John to explore the critical intersection of identity access management, operational resilience, and disaster recovery. Rich, a director from the cyber response group, shares insights from the front lines of ransomware and cloud intrusions, while Chuck, director of operational resilience, discusses the importance of business continuity planning. The conversation covers the true impact of security incidents on brand reputation and operations, the necessity of out-of-band communication, and why identity is often the first thing challenged and the last thing trusted during a crisis. The guests also provide practical advice for IAM professionals on reducing blast radius through standing privilege reduction and robust logging. Connect with Rich: https://www.linkedin.com/in/richard-servillas-041a0551/ Connect with Chuck: https://www.linkedin.com/in/chuckjohn/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Timestamps: 00:00:00 - Introduction and 2026 conference outlook 00:01:44 - Introducing guests Rich and Chuck from RSM 00:03:56 - Defining operational resilience and business continuity 00:06:22 - When and how to start the planning process 00:09:55 - Chuck's background in public health and emergency management 00:12:44 - The broad impact of incidents on brand and operations 00:16:45 - Key elements every recovery plan must include 00:19:14 - Defining incident severity and matrixes 00:21:52 - Identity as the new perimeter and its operational dependencies 00:24:57 - Why hackers log in rather than break in 00:26:46 - The first hours of a cyber incident response 00:29:35 - Current threat trends and the role of AI 00:31:29 - Updating plans through post-action debriefs 00:34:31 - Cyber insurance gaps and contractual SLAs 00:40:24 - Advice for identity professionals on reducing blast radius 00:46:10 - Personal milestones and looking forward to 2026 Keywords: IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, IAM, Cybersecurity, Business Continuity, Disaster Recovery, Operational Resilience, RSM, Incident Response, Ransomware, Cyber Insurance, Identity Governance

    50 min

  7. JAN 19

    #396 - Gartner IAM Summit - Majority Rules

    Jeff and Jim are joined by Gartner Analyst Rebecca Archambault for a special live edition of the podcast recorded at the Gartner Identity & Access Management Summit in Grapevine, Texas on December 10, 2025. Instead of a traditional interview, the trio hosts "Majority Rules," an interactive game show where the live audience votes on pressing and fun identity topics. Listen in to hear the pulse of the room on everything from the biggest buzzwords of the year and the true purpose of analyst 1:1 sessions, to the best strategies for navigating the vendor hall. The group explores audience preferences on IGA, AI risks, non-human identities, and the most common lies told in sales cycles. It is a fun, lighthearted look at what identity professionals are actually thinking about the current state of the industry. Connect with Rebecca: https://www.linkedin.com/in/rebecca-becky-archambault-4b4285111/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Chapter Timestamps 00:00 - Intro and Game Rules 02:40 - First Question: Favorite Podcast 03:15 - Networking vs. Education 04:08 - Buzzword of the Year: Agentic Identity 04:47 - User Behavior Analytics Usage 05:37 - Expo Hall Memories and Socks 06:20 - The Twist: Battle Royale Rules 06:45 - The True Purpose of Analyst 1:1s 07:55 - Mitigating Agentic AI Risks 08:55 - Strategies for the Vendor Hall 09:37 - The Future of IGA 10:15 - Favorite Gartner Reports 11:05 - Benefits of Just-in-Time Access 11:45 - AI in Authentication Priorities 12:35 - Securing Non-Human Identities 13:05 - Keys to Successful B2B IAM 13:40 - The Hardest Part of Role Mining 14:15 - PAM for AI Agents 14:50 - Keynote Takeaways 15:40 - Measuring IAM Success 16:20 - Defining ITDR 17:05 - The Biggest Lie in IAM Sales 17:35 - Least Favorite Gartner Report 18:10 - Audit Preparation Preferences 18:45 - Common Lies in the Vendor Hall 19:15 - The Most Dangerous Access Right 19:35 - Winner Announcement and Outro Keywords IAM, identity management, cybersecurity, Gartner IAM Summit, Majority Rules, game show, Rebecca Archambault, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Agentic Identity, ITDR, non-human identity, role mining, zero standing privileges

    31 min

  8. JAN 14

    #395 - Sponsor Spotlight - Redblock

    #395 - Sponsor Spotlight - Redblock This episode is sponsored by Redblock. Visit redblock.ai/idac to learn more. Jeff and Jim come to you live from the Gartner IAM Summit in Grapevine, Texas, for a special Sponsor Spotlight with Redblock. They sit down with CEO Indus Khaitan to discuss how Redblock uses AI and computer vision to solve the "last mile" problem in identity management: disconnected applications. Indus explains how Redblock acts as an "agentic" layer, using screen recordings to learn administrative tasks for apps that lack APIs. The conversation covers the origin of the company name, the urgency of securing the "long tail" of applications, and how they build trust and guardrails around AI execution. They also discuss the "DoorDash" analogy for identity fulfillment and wrap up with a fun chat about Indus's passion for flying planes. Connect with Indus: https://www.linkedin.com/in/khaitan/ Learn more: redblock.ai/idac Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at [idacpodcast.com](http://idacpodcast.com) Timestamps 00:00 Introduction from Gartner IAM Summit 00:46 Guest Introduction: Indus Khaitan of Redblock 01:40 Indus's Journey into Identity 02:41 The Origin of the Name "Redblock" 04:20 The Underserved Market: Services vs. Software 07:34 The Urgency of Securing Disconnected Apps 09:19 Why Traditional IGA and PAM Aren't Enough 11:35 The DoorDash Analogy: Where Redblock Fits 14:30 What Makes Redblock Unique? (Agentic Process Automation) 16:15 Trusting AI with Security Tasks 18:50 Onboarding Apps via Video Recording 21:23 Deployment: Running Air-Gapped on Customer Cloud 22:17 Handling UI Changes and "Full Self-Driving" Analogy 25:40 Integration with SailPoint and Governance Tools 27:13 Speed of Integration: Days vs. Years 32:00 How the "Headless Browser" Works 33:35 Limitations: Web Apps vs. Thick Clients 36:58 Redblock's 2025 Milestones and Future Outlook 39:48 Call to Action: Solving Disconnected Apps 40:27 Impressions of the Gartner IAM Summit 44:26 Are We in an AI Bubble? 46:46 Indus's Hobby: Flying Planes Keywords IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Redblock, Indus Khaitan, AI, Artificial Intelligence, IAM, Identity and Access Management, Disconnected Apps, Agentic AI, Computer Vision, Gartner IAM Summit, RPA, IGA, Cybersecurity

    55 min
See All (402)

4.9
out of 5
40 Ratings

About

Identity at the Center is a weekly podcast all about identity security in the context of identity and access management (IAM). With decades of real-world IAM experience, hosts Jim McDonald and Jeff Steadman bring you conversations with news, topics, and guests from the identity management industry. Do you know who has access to what?

Information

  • Creator
    Identity at the Center
  • Years Active
    2019 - 2026
  • Episodes
    402
  • Rating
    Clean
  • Copyright
    © 771327
  • Show Website
    Identity at the Center

You Might Also Like