Navigating the Cloud Journey

Episode 8: Identity In The Cloud

March 03, 2022   |   Jim Mandelbaum   |    Episode 8

Listen to the full podcast series, Navigating the Cloud Journey, here.


Ensuring that the the right person, has the right access, to the right application(s), at the right time is essential to any organization's security and operational efficiency. And - when you move to the Cloud, your identity footprint expands and becomes even more complex to manage.

In the episode, Jim speaks with Diana Volere, a Senior Security Partner at Netflix. Diana walks us through best practices for identity automation, building authoritative sources, privileged access management, why LDAP and Active Directory are not enough and discusses the new reality of how identity changes when you're in the Cloud.


2:12   How has the Cloud affected Identify Governance?

4:07  Automation and non-human identities

6:23  Who manages identities?

8:29  What triggers the need for an identity effort and how to avoid it.

11:22  Identity in the Cloud - When to Engage

13:52  But isn't LDAP or Active Directory good enough?

15:16  Authoritative Source (of truth) for Identity

18:18  Leaving an org, changing roles and "excess access"

21:00  Automating succession management

23:35  Privileged Access Management can reduce the blast radius

25:56  It's not just your data they're after - they want your cloud resources too

27:16  Where is the best place to start building an identity practice?

29:17  What resources are there for learning about identity?