The Hybrid Identity Protection Conference is Semperis Inc.’s event in the spirit of The Expert Conference (TEC) to bring together the leading experts in the field of Identity and Access Management. The event offers a unique opportunity to spend time with peers, whose day-to-day job is to architect, manage, and protect identity management in the hybrid enterprise.
During the 2020 Hybrid Identity Protection Conference virtual conference, I presented the below 60-minute presentation:
Six Horror Stories of Hybrid Identity Mismanagement
I share my views on these situations. Of course, this session covers how to avoid these situations yourself, so we all benefit.
The Hybrid Identity implementations that my team has deployed for multiple organizations, including government ones, provide us with horror stories that are becoming ready to share, now that the hurting has stopped. How we found out that one of the Web Application Proxies was no longer active and why it never got patched after implementation. How we underestimated the impact of GDPR. How we ran 300% over budget for our project because we didn’t account for the Domain Controller upgrades and UPN Suffix renames at a customer. How we found out that ‘All Users’ in Azure AD also includes guest users. How we got a $4000/day bill, when an engineer accidentally enabled all user accounts in MFA Server, triggering an Azure MFA license for everyone in the organization. How our customer treated our Hybrid Identity implementation after we were asked to decommission the environment when the customer went bankrupt…