Identiverse is the place for all things Identity. This year’s Identiverse Conference marks the 12th Identiverse Conference; its first-ever hybrid event to be held starting June 21, 2021. The in-person component is in Denver, Colorado with an accompanying virtual component that can be accessed from anywhere.
Identiverse is the hub for all things Identity. The brightest minds in the Identity Industry come to Identiverse to experience unparalleled education, collaboration, and insight into the future of Identity.
For Identiverse 2021, the organization has created an impactful, safe and curated experience for a limited number of attendees to meet in person. Those unable to gather face-to-face will have access to the in-person keynotes, masterclasses and panels alongside a unique virtual event experience that provides collaboration between both audiences.
This year’s hybrid Identiverse event is expected to feature more than 150 sessions, master classes and panels. Below you will find the sessions that are shared by Microsoft’s program managers, engineering managers, architects and directors.
Identiverse Masterclasses are expert-led 50-minute sessions to expand your knowledge on topics.
In the new multi-cloud era powered by remote workforce, HR, IT and business teams are increasingly relying on accurate and consistent identity data to drive business outcomes. When HR and IT are out of sync, your organization is at risk and is less productive due to manual process that are slow, error prone and expensive. In this session, you will gain a deeper understanding of the end-to-end process, best practices and identity lifecycle solution architecture that will bring your HR and IT teams together and help you deliver employee experiences that boost productivity, simplify collaboration, and improve compliance.
Date: Tuesday June 22 1:30 PM – 2:20 PM MDT
Speaker: Alex Weinert
Delivery: Gaylord Rockies
In mid December, Microsoft worked around the clock with other security companies to uncover and disclose a sophisticated nation-state attack whose impact will reshape Identity security. Get an insiders view of how the story unfolded, how hypothetical threats became state of the art (and are headed for commoditization), and what happens when the identity control plane goes out of control. Whether espionage, ransomware, or sabotage, supply chain identity attacks on trust relationships are the new normal – whether you build identity or architect deployments, we'll need to respond by working together to set a new course.
Much of the traditional identity security guidelines fail to keep us safe and are rooted in fantasy rather than today’s digital reality. Although authentication standards and security policies have evolved, attackers’ techniques have likewise advanced, which begs the question – is any digital identity truly secure? Sarah and Vinayak will walk through the techniques an attacker uses to take over your accounts, and show where you and your organization have left the doors open. Through this eye-opening session, you will gain deeper understanding of the ways you may be unknowingly compromising your identity online, where the weak links in identity secure are, and what new rules of engagement are required to keep you and your organizations safe from compromise.
Token expiry and refresh is a tried and true mechanism in the industry. That said, the lag between when risk conditions change for the user, such as when the device moves outside the corporate network, or when the password is reset, and when policies are enforced related to that change, exposes your organization to risks and undermines your Zero Trust security posture. Simply reducing tokens’ lifetime doesn’t solve the problem and degrades user experiences and reliability without eliminating risks. In this masterclass, Jay and Oren will share technical guidelines and field-proven best practices to help you enforce timely response to policy violations or security issues and minimize the time at-risk sessions stay active with Continuous Access Evaluation (CAE). In this session, you will learn:
- What is Microsoft CAE and how it works
- How it relates with industry standardization
- How to build CAE-capable apps
- How to participate in the industry standardization
Identiverse Sessions are 25-minute sessions to broaden your horizon on cutting-edge products and solutions supported by this year’s sponsors, exhibitors and industry associations.
Managing federated sessions is an important consideration in designing secure environments based on zero-trust principles. Long-lived sessions initiated after thorough verification of a user, device and environmental properties reflect a "snapshot in time" picture of the security of access. Those properties may change instantaneously when users change locations or passwords, their devices fall out of compliance, or administrative changes affect the user's account.
The Continuous Access Evaluation Protocol (CAEP) being developed as a part of the Shared Signals and Events working group within the OpenID Foundation provides a great way to instantaneously communicate how these changes are propagated to relying parties, which can then take appropriate action. Learn how CAEP works and the latest developments in its standardization in the OpenID Foundation.
Date: Tuesday June 22 1:30 PM – 1:55 PM MDT
Speaker: Uday Hegde
With the growing trend of more applications and services moving to the cloud, there is an increasing need to improve the management and governance of identities used by these workloads. Join this session to learn what is unique about these identities and what kind of capabilities are important to manage them.
Where is the world now with passwordless authentication? In this session Libby and Ravi will share the latest on the evolution of the technology and standards that support password alternatives for strong authentication on a variety of devices, from Apple and Android to Windows. See demos and learn how to move beyond passwords and basic MFA with planning tips and guidance.
Date: Tuesday June 22 3:00 PM – 3:25 PM MDT
Speaker: Ankur Patel
Many companies are engaging in remote onboarding and need to adopt new methods of identity verification that can be done digitally. While new forms of ID verification are most prevalent today with Financial Services as a means of performing Know-Your-Customer regulations, there is nascent adoption across other industry verticals. In this session, the speakers, in partnership with industry leading identity proofing partners, will demonstrate an open standard approach to ID verification based on Verifiable Credentials and Decentralized Identifiers for remote onboarding.
With this new approach users can verify their identity once and use their credentials with any organization. Enterprises can leverage this simpler cost-saving approach to remotely onboard employees, partners, and customers compliantly while respecting the end users’ privacy.
More authentications != more security!
In this session Inbar and Mark will be busting this highly common myth that more authentication prompts equals better security. They'll also be covering what are some ways to reduce these prompts in your environment both tactically (right now) as well as strategically (long term) to improve your end user experience while still increasing your overall security posture.
Date: Wednesday June 23 11:35 AM – 12:00 PM MDT
Speaker: Emily Houlihan
When you serve over a billion end users every month, designing identity that works for everyone is critical. In this session, Emily shares some best practices for experimentation and design that inform intuitive user experiences for both enterprise users and consumers alike. By exploring specific examples of what worked, what didn't, and what surprised Microsoft, Emily will showcase the current challenges facing the industry as we move towards enabling more extensible identity experiences for all apps and audiences. Finally, Emily will share some of Microsoft’s thinking about the opportunities ahead and how Microsoft thinks about design for the next billion users.
While organizations are constantly changing, the need for productivity remains the same. Whether your users are adapting to working remotely, partnering with new teammates as the result of an acquisition or org change, or simply trying to work with external business partners, they all need to stay connected to one another and to the tools they need – while keeping your data secure. This session will focus on different use cases for collaborating with your external users such as partners/suppliers/vendors with whom you may have different degrees of trust, and share tips on how to collaborate with different external users in a secure yet flexible manner.
Date: Wednesday June 23 2:05 PM – 2:30 PM MDT
Speaker: Razi Rais
One of the most popular and effective enterprise use-cases which leverage analytics today is user log analytics and one of the most popular language to do that is Python. Python is known as swiss army knife of coding and it's not for nothing. It has been one of the most sought after tools by data science practitioners and continues to be.
You may ask why user activity logs? Because these logs are gold mine to find and track usage behaviors, anomalous patterns, and also helps with making predictions related to key business goals of an organization. From auditing standpoint, you also want to keep track of any activity on user accounts taking place at the administration level. This session helps you gain better understanding about Python modules which can collect user's activity logs in multiple formats and output well-structured data for analysis later.
In this session you will learn:
- How to gather and analyze the user activity-based logs using Python modules.
- How to generate basic custom charts and reports using Python
Identiverse Panels are thought-provoking events featuring industry-recognized individuals.
Last year, DIF and OIDF have partnered and work is progressing to make DID/VC world connected to the OpenID Connect world. During the practice, WG is tackling many hard problems that decentralized identity systems face.
This panel discusses the status of the specs and the most current thinking around these "hard issues".
Join Identiverse for a unique hybrid event experience offering both in-person and virtual components for the Identity community across the globe. Participate alongside experts and peers in information-rich sessions on the latest technologies, best practices, and industry trends.