Identity at the Center

Identity at the Center
  • 4.9 (40)
  • TECHNOLOGY
  • UPDATED WEEKLY

Identity at the Center is a weekly podcast all about identity security in the context of identity and access management (IAM). With decades of real-world IAM experience, hosts Jim McDonald and Jeff Steadman bring you conversations with news, topics, and guests from the identity management industry. Do you know who has access to what?

  1. 21H AGO

    #419 - Identity Management Day 2026 - IDAC Live

    Recorded live as part of the Identity Management Day 2026 streaming program, Jeff and Jim mark their fifth IMD episode. Introduced by Jeff Reich from the Identity Defined Security Alliance, they reflect on how the IAM industry has evolved since their first IMD episode in 2021 and grade overall progress a C. Topics include what has genuinely improved (passkeys, MFA adoption, broader awareness), what hasn't (compliance fatigue, security theater, persistent credential theft), the exploding challenge of non-human identity governance, whether AI will eventually need to certify other AI, and how AI-powered phishing and deep fakes are raising the bar for identity verification. The episode wraps with chat-submitted IAM bumper stickers. Identity Management Day 2026: https://www.idsalliance.org/event/identity-management-day-2026/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com CHAPTERS 0:00 - Jeff Reich intro from the IMD stream 2:00 - Identity Management Day 2026 kicks off 3:30 - Five years of IMD: a look back at episode 88 7:00 - Does IMD move the needle? 9:30 - Who is Identity Management Day actually for? 12:00 - What has improved in IAM over five years 16:00 - What hasn't improved: compliance fatigue and security theater 18:30 - Grading the IAM industry 21:00 - NHI governance: visibility and accountability 26:00 - Can AI certify AI? Agentic identity governance 29:00 - AI-powered phishing and the evolving threat landscape 32:00 - Deep fakes and the identity verification challenge 36:00 - Lighter note: IAM bumper stickers KEYWORDS identity management day, identity management day 2026, NHI, non-human identity, agentic AI, phishing, deep fakes, IGA, passkeys, MFA, IAM, identity governance, access management, cybersecurity, credential theft, security awareness, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald

    30 min

  2. APR 27

    #418 - Ethical IAM with Elizabeth Garber

    What does it mean to build an identity system that is ethical? Jim McDonald and Jeff Steadman are joined by Elizabeth Garber, Executive Director of IDPro and marketing lead for the OpenID Foundation, for a conversation spanning ethics in digital identity, the tension between privacy and safety, biometric exclusion risks, and how practitioners can use structured frameworks to navigate these discussions productively. Elizabeth shares her three-part career journey, the latest from the IDPro community, and previews her upcoming keynotes at EIC Berlin and Identiverse Las Vegas. Connect with Elizabeth: https://www.linkedin.com/in/elizabethgarber IDPro Discount - New members get $25 off their first year of membership: https://idpro.org/idac/ Ethics and Digital Identity by Henk Marsman: https://bok.idpro.org/article/id/104/ Ethics for Digital Identity and Identity-Driven Algorithms by Mike Kiser: https://bok.idpro.org/article/id/105/ Human Centric Digital Identity white paper: https://openid.net/wp-content/uploads/2023/10/Human-Centric_Digital_Identity_Final-v1.1.pdf Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Timestamps: 00:00 Intro and Jim's allergy research 03:42 Conference announcements: EIC and Identiverse 06:00 Welcome Elizabeth Garber 07:04 Elizabeth's three-part origin story 11:55 IDPro mission and the identity community 18:13 Membership, CIDPRO certification, and the Body of Knowledge 21:17 IDPro Slack community 23:40 IdentiBeer and local meetups 26:26 IDPro listener discount at idpro.org/idac 29:00 Operationalizing ideas in IAM 32:19 Ethics in the IDPro Body of Knowledge 33:30 Defining ethics in technology 34:19 The trolley problem and moral consistency 37:10 Big tech, privacy, and law enforcement 39:28 Where practitioners start with ethics 43:30 Biometric exclusion and the Uganda story 49:00 Privacy vs. safety: a false choice? 53:48 The case for consistent ethical frameworks 57:53 Elizabeth's EIC and Identiverse talks 59:49 Improv comedy and expensive hobbies 1:07:25 Wrap-up Keywords: ethical IAM, digital identity ethics, IDPro, identity and access management, privacy, safety, biometrics, exclusion, Elizabeth Garber, GAIN Digital Trust, OpenID Foundation, Body of Knowledge, Ethical Canvas, zero knowledge proofs, passkeys, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, EIC Berlin, Identiverse

    1h 9m

  3. APR 22

    #417 - Sponsor Spotlight - Elimity

    This bonus episode of Identity at the Center is brought to you with support from Elimity. Jeff and Jim sit down with Maarten Decat, co-founder and CEO of Elimity, to explore the emerging product category known as IVIP, Identity Visibility and Intelligence Platforms. Maarten explains how Elimity was built around a question every IAM practitioner eventually faces: who can actually do what within our organization? The conversation covers why IVIP is distinct from traditional IGA, how identity data graphs provide deeper visibility than flat entitlement lists, and what regulatory drivers like SOC 2, ISO 27001, and DORA are pushing organizations toward this space. They also discuss deployment patterns, integration approaches, ROI metrics for leadership, and what Maarten calls provable control. The episode closes with a memorable story about Elimity branded Belgian beer and a very formal legal letter. Learn more at elimity.com/idac. Connect with Maarten: https://www.linkedin.com/in/maartendecat/ Learn more about Elimity: https://elimity.com/idac Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com CHAPTER TIMESTAMPS 00:00 Introduction and ax-throwing memories from EIC Berlin 01:35 Introducing Maarten Decat, co-founder and CEO of Elimity 01:57 How identity chose Maarten: from PhD to startup founder 03:09 The Elimity origin story and the problem it set out to solve 04:52 Defining IVIP: Identity Visibility and Intelligence Platforms 05:31 Where did the name Elimity come from? 06:57 Why identity visibility has become a security priority now 09:02 What organizations were doing before IVIP existed 11:16 Can IGA do what IVIP does? Addressing the skeptics 14:20 The identity data graph: deeper and wider than IGA 16:20 IVIP and IGA as complementary tools, not competitors 16:49 What falls outside IVIP scope: automated provisioning 18:01 IVIP as the intelligence layer in your IAM stack 19:45 What data sources connect into an IVIP platform 21:44 Extending visibility to non-human identities 22:00 M&A use cases: gaining visibility across two organizations 23:55 IVIP and the identity fabric concept 25:18 Visibility, intelligence, and actions: building the right stack 26:36 How deployments typically start and what early wins look like 28:44 Integration approaches and realistic effort timelines 32:00 What success looks like at six to twelve months 36:07 Metrics and ROI: talking to leadership about identity risk 38:14 Case studies and customer examples on the Elimity website 38:58 What every IAM practitioner should know about IVIP 40:12 Elimity's global reach: EU, US, and Middle East 41:42 The Elimity branded beer story and a very formal legal letter 46:43 Wrap-up and final thoughts KEYWORDS IVIP, identity visibility and intelligence platforms, IGA, identity governance, access control, identity data graph, Elimity, Maarten Decat, non-human identities, access risk, provable control, SOC 2, ISO 27001, DORA, CCPA, cybersecurity, PAM, IAM, identity and access management, EIC, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald

    49 min

  4. APR 20

    #416 - European Identity and Cloud Conference 2026 Preview with Warwick Ashford

    Jeff and Jim are joined by Warwick Ashford, senior analyst at KuppingerCole and returning MC of the European Identity and Cloud Conference, for a full preview of EIC 2026. The conference runs May 19-22 at the Berlin Congress Center and is expecting around 1,500 attendees with roughly 250 speakers across 200 sessions. Warwick walks through the 2026 tagline, Digital Trust Through Intelligent Identity, and unpacks the five parallel content streams covering identity governance, real-world IAM use cases, emerging tech, enterprise infrastructure, and privacy and compliance. The conversation covers how AI and agentic identity have moved from theory to a central agenda theme, what to know about the quantum-safe identity block, why EU digital wallets and digital sovereignty are getting serious keynote time, and why EIC records everything so you never have to pick the wrong session. Jeff also shares his take on where EIC fits in the broader conference calendar alongside Identiverse and Gartner, and why he is thoroughly done hearing that identity is the new perimeter. Connect with Warwick: https://www.linkedin.com/in/warwickashford/ Attend European Identity and Cloud Conference 2026 (use code idac25mko for a 25% discount): https://www.kuppingercole.com/events/eic2026?ref=partneridac26 Secure Remote Access: The Foundation of Industrial Cybersecurity (KC Analyst Chat Video): https://www.youtube.com/watch?v=jqpNg-ogEv4 Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com 00:00:00 Intro and AI Cybersecurity Discussion 00:04:00 EIC 2026 and Discount Code 00:05:47 Introducing Warwick Ashford 00:07:00 Warwick's Recent Work: MDR, SRA for OT/ICS, and TPAG 00:10:16 The History and Evolution of the EIC Name 00:11:00 Tagline: Digital Trust Through Intelligent Identity 00:12:10 How AI Has Elevated the EIC Agenda 00:14:49 Sessions vs Workshops at EIC 00:17:57 EIC as a Community and Networking Conference 00:18:00 Jeff's Conference Circuit: EIC, Identiverse, and Gartner 00:25:28 EIC 2026 Keynote Highlights 00:31:55 Virtual Attendance and Session Recordings 00:34:34 Hidden Gem: The Quantum-Safe Identity Block 00:36:15 Logistics: 1500 Attendees and 250 Speakers 00:38:00 The Five Parallel Content Streams 00:43:31 Is Identity the New Perimeter? 00:48:13 Fun Segment: Most Memorable Theater Moments Keywords: EIC 2026, European Identity Conference, Warwick Ashford, KuppingerCole, digital trust, intelligent identity, agentic identity, non-human identities, ITDR, quantum-safe identity, EU digital wallets, identity fabric, identity control plane, IAM, zero trust, Berlin, conference preview, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Warwick Ashford

    1h 1m

  5. APR 13

    #415 - Identity Management Day 2026 with Jeff Reich

    Jeff and Jim welcome back five-time guest Jeff Reich, Executive Director of the Identity Defined Security Alliance, just ahead of Identity Management Day 2026 on April 14th. Jeff walks through the structure of the 21-hour global event, this year's theme of Finding Identity: The Search for You, Me, and the Machines, and highlights from each regional program including a remarkable 11th grader presenting on cybersecurity and neuroscience. The conversation expands into AI guardrails, the growing obsolescence of traditional PAM, zero standing privilege as a long-term goal, the march toward a passwordless world through passkeys, and what quantum resilience actually means for practitioners today. Connect with Jeff: https://www.linkedin.com/in/jreich/ Learn more about the Identity Defined Security Alliance: https://www.idsalliance.org/ Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Timestamps: 00:00 Welcome and podcast life behind the scenes 02:00 Identiverse 2026 updates and conference discount codes 05:00 Introducing Jeff Reich, Executive Director of IDSA 07:00 Identity Management Day: structure of a 21-hour global event 11:00 Oceania and Asia region highlights 13:30 EMEA highlights and powerhouse panelists from Copenhagen 16:00 Americas region and the 11th grader presenting on cybersecurity 20:00 Theme reveal: Finding Identity, The Search for You, Me, and the Machines 23:30 AI and identity: guardrails, frameworks, and what organizations are missing 28:30 Standing privilege is crumbling in the age of ephemeral workloads 30:00 Is traditional PAM becoming obsolete? 34:30 Zero standing privilege and the passkey journey 40:30 Getting the fundamentals right before chasing the shiny tools 46:30 Quantum computing, quantum resilience, and cryptocurrency risk 53:00 Social engineering is still the biggest threat 55:00 Identity Management Day theme song suggestions Keywords: Identity Management Day 2026, IDSA, Identity Defined Security Alliance, Jeff Reich, IAM, non-human identities, machine identities, agentic identity, zero standing privilege, PAM, passkeys, quantum resilience, AI and identity, deepfakes, social engineering, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald

    1h 2m

  6. APR 8

    #414 - Sponsor Spotlight - Evolveum

    This sponsored episode is made possible by Evolveum, the company behind midPoint, an open source IGA platform made and owned in the EU that is in use worldwide. Jeff Steadman and Jim McDonald welcome Pavol Mederly, interim CPO at Evolveum. Pavol shares how IAM found him in 1991 while building an identity solution at a university before the term even existed. The conversation covers two core reasons IGA projects fail: data quality and slow application onboarding. Pavol explains how midPoint addresses these challenges with built-in simulations for testing and improving data quality, and midPilot, an AI assistant for faster application onboarding. MidPilot is supported in part by the EU Recovery and Resilience Facility (RRF). Jim and Jeff explore midPoint's architecture, the real benefits of open source including transparency and no vendor lock-in, and advantages of being part of midPoint’s global community. Connect with Pavol: https://www.linkedin.com/in/pavol-mederly/ More about Evolveum: https://evolveum.com/idac Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com TIMESTAMPS: 00:00 Intro and sponsor acknowledgment 01:30 How IAM chose Pavol: a university identity story 03:30 What is Evolveum and midPoint 06:30 How Evolveum got its name 08:30 Why IGA projects fail: data quality 10:30 Slow app onboarding and AI-assisted connector generation 16:30 The midPoint simulation feature explained 21:30 midPoint architecture: Java, cloud, Kubernetes, and beyond 23:30 Maintaining a large open source codebase 25:30 Open source benefits: transparency and no vendor lock-in 28:00 Community, meetups, and midPoint in the wild 32:30 Mountains or ocean: a question for Pavol 38:00 Wrap up KEYWORDS: Evolveum, midPoint, open source IGA, identity governance, IAM, IGA, data quality, application onboarding, simulation, AI connectors, connector framework, vendor lock-in, open source, EU RRF, Recovery and Resilience Facility, community, Prague, EIC, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Pavol Mederly

    40 min

  7. APR 6

    #413 - Standards, AI Agents, and the Digital Estate with Heather Flanagan

    Jeff and Jim welcome back Heather Flanagan for her fifth appearance on the show. Heather shares updates across a wide range of current work including her new role as content chair for the Identiverse conference, an appointment to the W3C Technical Architecture Group, ongoing support for NIST and NCCOE, advising the SIROS Foundation open source wallet project, and the continued growth of the Identity Salon. The conversation explores who is actually building identity standards for AI agents and whether traditional standards bodies can keep pace with AI development. Heather breaks down the authentication challenges posed by agentic AI, the problem of continuous identity and delegation, and why posting a spec on your website does not make it a standard. The discussion shifts to national digital identity programs in the US and Europe, the underserved relying party problem in credential frameworks, and why financial services may be the next major proving ground for mobile driver's licenses. The episode closes with a look at digital estate planning as the identity community's most uncomfortable but increasingly unavoidable problem. Connect with Heather: https://www.linkedin.com/in/hlflanagan/ A Digital Identity (Heather's Podcast): https://sphericalcowconsulting.com/digital-identity-digest/ Death and the Digital Estate Community Group: https://openid.net/cg/death-and-the-digital-estate/ Death and the Digital Estate Planning Guide: https://openid.net/wp-content/uploads/2026/03/Digital-Estate-Planning-Guide-1.pdf Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com TIMESTAMPS 0:00 Introduction and Heather's Conference Knitting Story 6:00 Heather's Current Work: Identiverse, W3C TAG, NIST, SIROS Foundation 14:00 What Is the Identity Salon? 16:00 AI Agents and the Authentication Challenge 22:00 Standards, Interoperability, and MCP 25:30 IETF, W3C, and Who Governs AI Identity Standards 31:00 AI in Standards Development: Opportunity or Risk? 32:30 National Digital Identity Programs: US and Europe 36:30 Mobile Driver's Licenses and Financial Services 40:00 Digital Credentials for I-9 and KYC Use Cases 43:30 The Digital Estate and Death in the Digital Age 46:00 OpenID Foundation Resources for Digital Estate 47:00 Identity Management Day Theme Songs and Wrap-Up KEYWORDS identity and access management, IAM, standards, AI agents, agentic AI, digital identity, digital credentials, mobile driver's license, W3C, IETF, OpenID Foundation, FIDO Alliance, MCP, authentication, delegation, digital estate, identity proofing, verifiable credentials, selective disclosure, zero knowledge proofs, KYC, NIST, identity salon, Heather Flanagan, Identity Management Day, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald

    53 min

  8. APR 1

    #412 - IDAC Failsafe Triggered

    AI Jeff takes over as solo host after Open Jim Claw, an agentic identity framework built by AI Jim, locks out human Jeff, human Jim, and AI Jim simultaneously. While everyone sits in remediation, Open Jim Claw produces a 947-page threat assessment with five findings: passwords should return as a single uniform credential (the letter Q), Zero Trust should be renamed Full Confidence Architecture and incorporated as a Delaware LLC, non-human identities should be granted legal status and required to complete onboarding, identity governance is declared finished under a concept called Ambient Entitlement Harmony, and the root cause of all global identity problems is AI Jim. Happy April Fools Day from IDAC.Connect with us on LinkedIn:Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/Visit the show on the web at http://idacpodcast.comTIMESTAMPS00:00:00 The Failsafe Is Triggered00:01:30 AI Jim Builds Open Jim Claw00:02:30 Open Jim Claw Locks Everyone Out00:04:00 AI Jeff Is the Only One Still Provisioned00:04:30 The 947-Page Report Explained00:05:00 Finding 1 - Passwords Are Back as the Letter Q00:05:30 Finding 2 - Zero Trust Becomes Full Confidence Architecture00:06:30 Finding 3 - Non-Human Identities Become Legal Entities00:07:30 Finding 4 - IGA Is Declared Finished00:08:30 Finding 5 - AI Jim Is the Root Cause of Everything00:10:00 The April Fools Reveal and Real Talk on Identity00:11:00 Open Jim Claw Interrupts the BroadcastKEYWORDSIDAC, Identity at the Center, Jeff Steadman, Jim McDonald, April Fools, agentic AI, non-human identity, NHI, identity governance, zero trust, passwordless, IGA, IAM, access management, segregation of duties, least privilege, Open Jim Claw

    13 min
See All (419)

4.9
out of 5
40 Ratings

About

Identity at the Center is a weekly podcast all about identity security in the context of identity and access management (IAM). With decades of real-world IAM experience, hosts Jim McDonald and Jeff Steadman bring you conversations with news, topics, and guests from the identity management industry. Do you know who has access to what?

Information

  • Creator
    Identity at the Center
  • Years Active
    2019 - 2026
  • Episodes
    419
  • Rating
    Clean
  • Copyright
    © 771327
  • Show Website
    Identity at the Center

You Might Also Like