In this presentation, Arun discusses how cloud-native technology is changing the landscape and capabilities of the Identity Management world.
The industry is just beginning to scratch the surface of what can be done with the new architecture.
Arun explains how we can drastically increase implementation speed, resulting in lightning-quick production, using Sath’s “Fail Fast, Succeed FASTER” approach.
Talk Nerdy To Me Vol 1: Cloud Native Identity Management – Part 1
And again, I hope I pronounce your name correctly: Arun Binaykia from Sath Inc. So welcome, Arun.
Yep. Thank you. I’m Arun Binaykia. Thank you. Wow. There’s a lot of good information around here. I feel a little inadequate. So I’ll start with something that I know, a quote from Shakespeare. What’s in a name? That which we call a rose, by any other name, would it smell as sweet?
A rose, if we called it a violet, would it smell like a rose? What’s in a name? My name is Arun. Who are we? Is our identity our name, is it our DNA, our attributes, our metadata, our beliefs and values? What is, who am I? Okay. I’m struggling to start with an apology here, then, not wanting to give you guys an existential anxiety. Identity is complicated, as we heard.
And my name is Arun and I am a nerd who likes to quote Shakespeare to make a point. At this conference you heard about identity management, about cloud first, about automation, security models, zero trust, context, authentication, authorization, lots and lots of good information. And my favorite, AI. Lots of ways of doing identity management.
There are many challenges that we face. I’ve been doing identity management for about the last 20 years. We face silos. We face dogma, politics, and we face different people, different organizations, different parts of the organization going in different directions.
We hear most projects fail, 30 to 70% depending on who you listen to. And by your own experience, you probably have seen more failures of identity management systems and implementations, or inadequate implementations, than you have seen success.
I have. So again, I’m not telling you anything new here that you haven’t heard. Oh, I have two. Okay. Sorry. Three, two devices. But yeah, I’m not telling you anything that you haven’t heard here, and I’m not here to profess what is the right way of doing identity management, because there’s only one right way of doing identity management. That is your way.
It could be attribute-based access, role-based access, authentication, authorization. How do you get it your way? How do you go to Burger King and order stuff and get it to, that’s what I’m getting at. Again, identity management is often called a journey because we stumbled so many times and we kind of get it sort of right after a while, after so many years of doing this thing. And recently I stumbled across, by happenstance, something called systems theory.
Identity management, like a lot of things, is best viewed, in my opinion, with a model of systems theory. What is systems theory? It’s very fundamental. Its basic idea is the whole is greater than the sum of its parts. Let’s take an example, baking a cake: you lay out all the ingredients, and if you don’t put them together in the right order, right temperature, right way, you do not get a cake.
You get ingredients and a mishmash, but to bake a cake, you have to get it right. And if you’re like me, who likes to bake a cake with basic raw ingredients, you can count how many times you have fumbled baking a cake till you get it right. So what does it have to do with cloud native? So let’s start with cloud native and the cloud. Cloud native is not the cloud.
Cloud native is a new way of putting together ingredients to be truly agile. And I want to talk about how, in identity management, you can take systems theory, you can take the example of baking a cake, and fail and fail and fail and eventually get it right. But what does cloud native have to do with it? These are some bullet points that you can get on the web, but cloud native is scalable, public, private, immutable, resilient, blah, keywords. I can talk about these technical details, but we have only 20 minutes. This will take a lot more time, but let’s get to this part in cloud native. I talked about having failures before you get success. Cloud, and we’ve heard of agile.
I mean, in discussions for over about 15 to 20 years, started with extreme programming. And now it’s DevOps, different iterations of agile. You had development, you have operations, and agile says you keep on failing, you keep on testing, and you keep on doing things to get it right. In 20 years of doing identity management, we had agility in our process, but the tools and the infrastructure that we dealt with would not get us the failures fast enough that we could be successful. So when we hear identity management implementations fail, there are a lot of failures. We are just an iteration into it, but each, each.
Six months to a year to keep on iterating a full identity management cycle. Yes, it will be considered a failure from a leadership perspective quite a few times before you get it right. And the year-long project becomes a five-year-long project. You really get it right? And the software is obsolete by then. So with the cloud native infrastructure, the cloud native platform, you get to fail fast. You can complete your full implementation cycles. When I say full implementation cycles, I am not talking just about taking a pilot, a couple of target systems, or adding a group, a department of people. I’m talking about the entire implementation. You start off at building your object model, your subject model. Are you going to have human accounts, nonhuman accounts? You’re going to do.
Should we better access context, access, certifications, all your business processes, the time it takes to implement all of those things. You need tools that work, that give you the speed, so you can eventually become agile. And identity management is just catching up to these truly agile cloud native implementations. And I’m talking about full implementation cycles, and I’m not talking about months. I’m talking about weeks. You start off with your first draft of your business processes implemented. You get your certifications, you get your role-based access. You get all your fundamentals in here, you go take it online. And then you go iterate every six weeks. Instead of going from six months, every six weeks you have.
And you are able to get to that success much faster with cloud native. Again, cloud native is the raw material for going agile. What does it mean? Let’s talk about cloud native. So if you’re implementing, if you’re selecting systems, a few fundamentals. API access: we have to have standards-based APIs. Every single thing that you do, you want to provision an account, you want to create a request, you want to approve a task, everything, every API must be supported, because my business process and their business process and somebody else’s business process, they are going to be different. I need to have attributes that can go from 50 to 500 without breaking APIs. I need to be able to.
Change my user interface, which is my single page application, either Angular or React. That’s again cloud native. Stateless functions: small functions, small programs that just work; they do their job and do their job really well. Think about Linux, Unix systems, the greps of the world, awk; these things just work and they only do one thing, one thing really well. And you build your system on top of those Lego blocks. And then the fourth one is schema-less data. Data changes. The meaning of data changes. My name, my attributes, my location, everything is mutable, and we don’t want to fight a rigid dataset.
Not just development model, it’s also operational. Containerization: you take the functions, making little containers, get it ready, get it working. Dynamic management, deployment automation, these things again, reducing. You have your code change. You come and get come. It goes in, it goes into your pipeline. Automates, goes into development, integration, and boom, you’ve completed your operations part. And everything is about services. Services does not mean it as cloud services, infrastructure, platform, software, container. I’m not going to go into all these details, but these are the fundamental building blocks of what we call cloud native. An example. I’ll give you one of the largest.
This is a Fortune 50 client and they’re a multi-billion-dollar organization, but they could not give us a development environment for three months. We ended up going down to Micro Center, bought a server, and we did the development for them on our machines, because they just could not put the infrastructure in place in time. And are we talking about infrastructure as a service? If you need identity management, it’s all the infrastructure that has to support it. And that’s cloud native, all the different aspects of containers, orchestration, automation. I’m going to leave these keywords with you. You can do all your own research, but I’m happy to explore and expand each of these things: how identity management applications, identity management, uses these building blocks.
And deliver a fast fail, fast model to be successful. Cloud native is also culture. We have seen our traditional waterfall, and I think I’m just trying to keep some minutes for question and answer. And then there is maturity metrics. So you have everything. Cloud native is not an infrastructure; our way of development, of your operations, your culture, how you design and you produce your product, the team, the architecture, maintenance, operations, these are all different. These are all different aspects of measuring cloud native in.
You have, just like the maturity model 20 years ago, the CMI maturity model, you have a maturity model in cloud native. You have different levels, from no process to cloud native, to collaborative, data-driven. So this information, I have it in my reference. In cloud native identity management, all business operations are again available through API. Everything from provisioning, reconciliation, certification. It has a mature authorization model. Every UI, every click gets authorized. Every API call is authorized. Every event has an authorization and auditability. So did it come in from an LMS system to our HR system? Or am I when an approval button got clicked on the user interface? And when it.
Everything is authorized, and with the zero trust model, which is basically talking about, in computer science, the kernel of the operating system, where my kernel space has shrunk and my user space has become big. And getting a little nerdy on this one about kernel and user space, kernel space is your trust circle, in being able to extend your authorization model and then being able to deliver your cloud native application on prem, on infrastructure as a service, and software as a service. You can read more about cloud native patterns on cnpatterns.org and the book. And thank you. Join up. Join me for more of this discussion on our monthly.
I said it’s called Talk Nerdy To Me. And I’d love to do that.
Well, thank you very much, Arun. That was a really interesting presentation, and kind of my first thought was, yes, that’s absolutely the way we should do it. The second question was like, how, and with whom? Isn’t it the biggest problem: how can you fail quickly, how can you iterate quickly, if you don’t have the vendors, the partners, which can do the same for, for giving me a nice question. We at Sath provide that software. That’s what we started doing. It’s IDHub. And this is the exact problem, this is the exact solution that we provide you. We give you a way to fail fast and iterate faster and get it your way. There’s no one right way.
Oh, this, there are many, there’s only one right way, which is your way. The thing that solves your business problems.
It was, by the way, a question that our online audience provided. So how fast can you actually do it?
So if you, let’s say one of the metrics that we’re looking at is, if you have an Active Directory, you can go from nothing to completely IGA request and certification on Active Directory in 30 minutes. So it’s not months, it’s minutes. We have a demo for that. It’s on our website. You can go check it out. Give me an Active Directory; in 30 minutes I’ll give you a full IGA implementation on that. That’s the speed that I’m talking about.
Okay. Sounds really promising. One last question for you then: to fail fast, you have to actually have some kind of functional criteria for, like, how do you understand.
We’re doing something wrong in the 30 minutes and not in three months?
You don’t bake. That’s the exact part. And almost anybody who says this is the right solution, by the time it’s implemented, all of my clients, in my experience, once it’s done, are like, this is not what I want. So you really don’t know. You have to use design thinking. So you kind of know, okay, I want to do my certifications for these SOC applications. You implement that. And then you’re like, oh gee, it’d be nice if I had this X additional approval step. You know what, next 10 minutes we would add another approval step on our workflow, and it goes live. So that’s the fundamental question you ask. We don’t know where we want to be, and failing fast gets you there, because we think this is what we want, we implemented it, and it doesn’t look like what we want. So let’s go change it fast.
It’s not actually failure in a way that you have to step your.
The big six months, right? You fail, but you recover in 10 minutes.
It’s a little overloaded. Yes. It’s not exactly failing, it’s iterative. But if you had the legacy tools that you are using, that would be a failure, because you spent six months, hundreds of thousands of dollars or euros in making something work, and an approval change then goes ahead and takes another six months. That’s failure. I mean, in terms of cost and time, that would be a failure.
Okay. Okay. That makes total sense. Well, thank you so much, Arun. Thank you. And since the are for the questions, let’s continue to the next presentation then. Thank you so much.