Catalyst to Catalyst (Summer 2024): Ideas and Insights from InCommon Catalysts

Question: In honor of InCommon’s 20th birthday, what would you say are the most-compelling reasons for a 20-year-old today to consider going into an IAM career?

Response: IAM is the best place to prepare for where all of IT is headed. IT can no longer be “those nerds in the corner.” To do IAM right, it’s a translation layer where practitioners need to be just as well versed in the business and strategic needs of the organization as they do in the technology itself. IAM must be positioned as a business transformation partner for the organization. Faculty, staff, students, leadership, guests… you have to know how the business works, how it makes decisions, and how to sit down with someone and help them make decisions that they may not be comfortable with.

— Paul Erickson, Senior Consultant, Moran Technology Consulting; paul.erickson@morantechnology.com

Response: To be candid, I just attended my 25th college reunion. A sunny weekend wandering around my old campus and reminiscing with long-lost classmates was the perfect setting for pondering this question. It reminded me of my headspace when I was 20 years old; looking forward at uncertainty and constantly fielding the question of what I was planning to do with myself. I had several vague aspirations but did not know how exactly to achieve them.

I wanted to make sure my specialty was going to remain relevant, that the field I went into was going to continue to mature, and I could grow and learn new things alongside it. I wanted to solve problems, and even though it is cliche, make the world a better place. These career aspirations are not unique. 20-year-olds today want the same things. And, it is very fair to say that going into an identity and access management (IAM) career would definitely check all of those boxes.

High demand and growth industry: IAM is at the forefront of technology, serving as the backbone for secure and efficient digital operations. With the increasing need for robust authentication security frameworks and a renewed push for granular RBAC (thank Zero Trust for that), organizations across the globe are investing heavily in IAM solutions. This surge in demand means there are ample job opportunities and a promising career trajectory for those entering this field.

Cutting-edge technology nexus: IAM is more than just a security measure; it’s a cutting-edge nexus of various advancing technologies. As our world moves towards an identity-centric technology stack, IAM professionals find themselves at the intersection of cloud computing, artificial intelligence, and big data analytics. This convergence makes IAM an exciting field, continuously evolving with new innovations and challenges.

Innovation to simplify user experience: There is a considerable need for innovation in the IAM space to improve user experiences while enhancing security. One of the biggest challenges is to make security seamless and unobtrusive. The more we can reduce the burden on users to manage their identity tokens, such as passwords, the better. Innovations in IAM are making it easier to secure identities while simultaneously improving the end-user experience. For instance, key technology players like Google, Facebook, and Apple are investing heavily in secure delivery and authorization mechanisms that minimize user effort.

The future of IAM: The future of IAM is bright and full of opportunities. With the continuous advancements in technology, the role of IAM professionals will only become more critical. As we move towards a more interconnected and digital world, the ability to securely and efficiently manage identities will be paramount.

At Vantage, we specialize in bringing together disparate technologies and communities to achieve common goals. There are few career paths more central to that than those around identity governance and administration. As an IAM professional, you would be at the heart of the technological and community support system, ensuring secure and seamless access to resources. Your role would be pivotal in enhancing the user experience while maintaining high-security standards. For a 20-year-old today, diving into IAM could be the start of a fulfilling and dynamic career. Your future self will thank you!

— Jacqueline Pitter, CISSP, Senior Strategic Consultant, Vantage Technology Consulting Group; jacquelinepitter@vantagetcg.com

Question: What was your biggest takeaway or lesson learned from 2024 InCommon BaseCAMP?

Response: Our biggest takeaway from BaseCAMP 204 is that it is a great introduction to IAM.  We had multiple attendees who had never worked with identity and access management, nor had much familiarity with the InCommon Trusted Access Platform.  Each attendee left the conference confident in understanding the fundamentals of IAM.  We also noticed that BaseCAMP showcased the community’s willingness to help others and answer any questions no matter the type of question.

— David Mendez, Senior Director of Critical Infrastructure/Principal Architect, Unicon; dmendez@unicon.net

Question: What is the greatest pitfall you’ve observed in executing IAM projects/implementations effectively?

Response: An IAM project is always a big task. It covers not only the technical part, but implementers also need to consider processes and the overall impact of IAM within the organization. It isn’t easy to define what is more crucial. Is it leadership support, data cleanup, project planning or manpower allocation? It always depends on a particular case. 

Nevertheless, one typical difficulty is common for most deployments: How do we integrate other systems efficiently? Modern IAM requires integrating all other systems, and even the requirements for the integration are rising – it has to be more effective and support more features. 

The typical integration pattern uses a connector that effectively translates the IAM system API to the API of the connected system. The main problem is the existence of necessary connectors or their maturity in supported features. MidPoint is addressing this issue by implementing an open standard ConnID that allows the sharing of connectors with other IAM systems, effectively extending the number of available connectors thanks to a broader user base.

Unfortunately, developing a missing connector is still a significant obstacle for many implementers. Many resort to a generic solution like direct database access or integration through CSV files, which often only supports some features or has other drawbacks.

Luckily, the InCommon community has the substantial advantage of being a collaborative and organized community. There is a vast potential for developing connectors together. Many academic organizations are integrating the same systems, and sharing the development costs will significantly benefit all involved. Can we make that happen?

— Igor Farinic, CEO, Evolveum; academia@evolveum.com