15.05. – 16.05.2013


  • Challenge the vendors in a relaxed atmosphere
  • Short-track presentations held by vendors describing their approach on how to solve your critical business challenges.
  • Directly and intensively discuss right after a presentation
  • Placed around the breaks of the main agenda tracks and in the later afternoon
  • Connect to vendors intensively and make maximum use of your time while still having the opportunity for some coffee and drinks.

Среда, 15.05.2013
12:00-12:20 People, Business, Technology: an eternal golden braid

Robert Byrne
Robert Byrne

Identity Management vendors have rightly placed the accent on enhancing their products to address business led use-cases. They have also made efforts to make the user experience more friendly and relevant to business users.

However, listening to the vendors one wonders if the dial has switched back too far in the other direction: do they manufacture software or provide the panacea for all your business ills?  In this Beer Garden Talk we invite you to consider this question: ´Does the technology matter?´

12:20-12:40 IT stays in Control – Include Cloud Apps into the Organization’s Access Management strategy

Jörn Dierks
Jörn Dierks

Many corporate users want to use SaaS applications to increase business agility. If the corporation does not provide an easy way for users to obtain accounts for the SaaS applications, several problems can occur:

– Users bypass the IT department and create their own accounts in the SaaS application.
– Users must wait for the IT department to create accounts in the SaaS application. It is a manual process whether the IT department creates the account or the user creates the account.
– Users must remember separate passwords for each SaaS application, and often use their corporate credentials.
– Administrators receive no compliance reports of user activity in the SaaS application.

Join us to learn about a simple, secure solution to the problems presented with using SaaS applications and discuss the challenges your IT department faces when utilizing SaaS applications.

12:40-13:00 Confused About Privileged Identity Management? Here´s What You Really Need to Know

Philip Lieberman
Philip Lieberman
Lieberman Software

Have you ever had an audit finding where your controls for managing privileged access were lacking?

Have you stopped changing passwords on service accounts because complying with mandated requirements sends your systems off-line?

Has your organization given up managing its privileged identities because there are too many systems, applications and identities to track – and limited time, lost knowledge, and a history of frustration?

If you answer ´yes´ to any of these questions, you should learn how privileged identity management technology can clean up the mess created by years of mismanaged privileged credentials, and put your organization into a state of continuous compliance in days

13:00-13:20 If Users bring their own Device (BYOD), shouldn’t the Enterprise be saving Money?

Thomas C Stewart
Thomas C Stewart

An identity centric approach to BYOD security should save money and resources over a device centric approach. Let’s face it, this is the European Identity Conference, not the European Device Conference. Managing, controlling and locking down mobile devices to address security concerns is not practical, cost effective or scalable enough for most of the current and emerging use cases. Let’s talk about how the identity concepts of this conference are the real key to an effective and secure BYOD strategy.

13:20-13:40 From SAP to the Outer Space: an Identity & Access Governance Journey

Marco Venuti
Marco Venuti

Access Governance applies across the entire application landscape, but has the largest impact on SAP where key business processes are managed. As SAP pose unique Access Security needs, it tends to be left in isolation. During this BeerGarden Session, CrossIdeas will explain how to address SAP specific needs without losing the benefits of an Enterprise wide Identity & Access Governance implementation.

13:40-14:00 How to create a safe online Environment without compromising on User Convenience

Frederik Kerkhofs
Frederik Kerkhofs
VASCO Data Security

These days, web application owners benefit from the fact that the world has moved online. People worldwide send out e-mails from their e-mail account(s), keep in contact with friends through social network accounts, perform payments with their online banking account and buy products online…. Because of the success of online services, they are becoming attractive targets to hackers. Today, most accounts are secured with static passwords, but considering the information people store online, static passwords are not enough anymore. Customers demand higher security. It is evident that when those static passwords are intercepted, consequences could be disastrous. The question now is how to keep the valuable information contained within these applications safe from virtual villains? How to create a safe online environment without compromising on user-convenience? Strong cloud-based authentication would be a perfect solution. During this presentation, Kurt Berghs will present how VASCO customers have implemented an online authentication platform to secure their online application. He will show the benefits (high security, easy implementation, cost reduction…) of this consumer-friendly solution based on their experiences.

14:00-14:20 Leveraging Intelligent IAM to Manage Access Risk in your Enterprise

Marc Lee
Marc Lee

Companies are spending millions on Identity & Access Management (IAM) and Identity & Access Governance (IAG) solutions, but breaches are continuing to increase exponentially. IAM/IAG strategies are needed that incorporate automated intelligence and risk management to drive an effective set of preventative and protective controls; mitigate data breaches; and detect and settle threats as they occur. In this beer garden talk, we’ll discuss how intelligent IAM can help your organisation protect sensitive data such as intellectual property, customer data and financial information – and ultimately prevent data breaches.

16:00-17:00 Federation at Scale

Hans Zandbelt
Hans Zandbelt
Ping Identity

Organizations that need to deal with a large number of federated SSO partners face scalability challenges in dealing with SSO connection (SAML or OpenID Connect) configuration management. In this session we´ll analyze the major issues that impact federation scalability and then explore possible approaches to address these issues. Topics include: trust frameworks, multiparty federation, inter-federation, federation proxies, metadata management.

Четверг, 16.05.2013
11:20-11:40 Why central upstream Authentication?

Marc Bütikofer
Marc Bütikofer
Ergon Informatik AG

Would you like to make your organisation´s data and applications available for your clients, suppliers, partners, and employees through a secure flexible access solutions?


– Secure access & session handling
– Attack prevention through multi-level filtering
– Highest flexibility regarding authentication tokens
– High level of automation for user administration processes
– Centralised user data – web service interface for client applications
– Single Sign-On (SSO) for heterogeneous application landscapes
– Powerful user self-services

We will give you ideas and answers to this topics.

11:40-12:00 Evolving Identity & Access Management for the Modern Web with Open and Common RESTful Services

Bert Van Beeck
Bert Van Beeck

We live in a constantly changing IT world where sizing requirements have grown exponentially, anywhere/anytime computing models are the norm, and cross-border controls are mandatory to fortify on-premise, cloud, social and mobile platforms. Identity and access management needs to evolve to satisfy these new internet-centric requirements. The answer is Open and Common RESTful services for Access, Identity Management, and Directory Services.

12:00-12:20 Risk-Driven Access Certification

Andrea Rossi
Andrea Rossi

Access Certification (also known as attestation) has become a commonly adopted technique for reducing the risks of improper access to company information. Unfortunately, it is burden for business people, so it would be great to limit that impact, focussing only on the ´riskiest´ users . During this BeerGarden Session, CrossIdeas will explain how to design and prioritize attestation campaign based on Risk.

12:20-12:40 Authenticating Users for Business Apps through Social Networks – Reasonable or Contradictory?

Jörn Dierks
Jörn Dierks

Most businesses have an Internet presence and require customers to have an account to access the resources they provide on the Internet. For a customer this means you have multiple accounts and multiple passwords you must remember to access the resources you want on the Internet.

What should a solution look like that allows customers to use existing Internet account IDs and passwords to gain access to a new Internet site?

How can you configure multiple identity sources that customers can use to authenticate to your business’s Internet site?

What does it mean for your security and access policies to utilize Facebook, Google, LinkedIn, Twitter, Yahoo, and Microsoft Live as an identity source? What precautions should you take and how does it work?
Join us for a lively discussion on utilizing Social Networks and understand the pros and cons.

12:40-13:00 IAM as a service, is this possible?

Marco Rohrer
Marco Rohrer

The outsourcing hype after the turn of the millennium has not met the expectations. Terms such as “Cloud” and “as a service” are now on the verge to become the outsourcing version 2.0 but on a technologically more advanced base. Today basically almost every IT component can be operated virtually in any data center or may be obtained as a service; this includes IAM as well! Challenging are economic and legal issues, where the economic problem can be solved easily. Many companies have burnt millions of Dollars in projects but have failed miserably.

A partner who can offer IAM at a specific price, is able to solve automation problems and can help to fulfill compliance requirements through standardized solution modules.

IPG designs and implements IAMaaS solutions and operates centralized or decentralized infrastructures. With quality services IPG creates sustainable customer satisfaction and implements solutions by common best practice approaches, based on advanced technologies.

13:00-13:20 Application Passwords

Jonathan Cogley
Jonathan Cogley
Thycotic Software

Application servers across different platforms often have passwords embedded in source code and configuration files. How are teams currently managing these passwords?

13:20-13:40 How to Securely Unleash the Power of Social Media – Identities go round!

Jürgen Schulze
Jürgen Schulze
CA Technologies

The question whether or not to play in the social web has already been answered: A good interaction mix including the collaborative methods used in the social web is almost a prerequisite for success. However, the use of social media methods bears both risks and benefits. Amongst others, the questions for businesses to be answered are:

– Do the benefits outweigh the risks?
– How can the remaining risks be contained/controlled?
– How can success be measured and
– How can I capitalize on assets that are already employed?

Next to strategies that develop the awareness of individuals while using social media it is a must to think about technologies controlling the risks and enabling/simplifying the use. Social identities play a role in various dimensions: Internally, externally and a combination of both. The unifying theme is: How to enable and control identities to create business benefits or: “How to securely unleash the power of social media?”

13:40-14:00 Why IAM failed – a new Definition for Identity Governance

Cyril Gollain
Cyril Gollain

Most companies have set up group-wide IAM program several years ago. RBAC and automated provisioning has been the paradigm. But then they realised that it was not so easy to reconcile fine-grained access rights with the business roles they designed. So they decided to move from pure provisioning tools to “integrated IAM+IAG” products in order for them to close the loop. Years after, those projects are still under going…

There is another approach, much more pragmatic to help business owners to check whether the users entitlements are adequate, this approach will be presented during this session.

Seraphinite AcceleratorOptimized by Seraphinite Accelerator
Turns on site high speed to be attractive for people and search engines.