Peer-Driven Insights

Identity & Access Management (IAM)

Active Ambassadors in This Topic

Rathik Pathak

JM Financial Services Ltd

Travel and Hospitality, 1k - 5k

View All Community Ambassadors

Community Posts

What is the difference between SSO and SAML?

Read More Comments

Non-human identities (NHIs), such as API keys, service accounts, and tokens, outnumber humans by 25 to 50 times and often go ungoverned. From Entro’s 2025 report:
• 90% have excessive permissions
• 44% are exposed in the wild
• 91% of stale secrets are never revoked

What helped us: inventory, assign owners, right-size access, monitor behavior, and test continuously.

How mature is your NHI program? Biggest barrier, tooling, ownership, or adoption?

What sorts of failsafe processes/controls, etc, do you rely on to make sure terminated or suspended employees’ access credentials are revoked immediately? Does your org generally rely on direct communications from HR or do you have an HRM or similar system to automate this?

Read More Comments

Can you share any tips or lessons learned from your IAM implementation? What would you do differently, if anything?

Read More Comments

What headline-trend or buzzword makes you cringe the most?

Big Data16%

Remote Work19%

Microservices / Containerization13%

CI / CD7%

Zero-Trust15%

Automation2%

Digital Transformation17%

Cloud / Cloud Native2%

DevOps or DevSecOps3%

Other (comment)1%

View Results

Is the edge of your enterprise secure?

Yes75%

No10%

Working on it13%

View Results

We are currently in the process of implementing Opentext's Voltage Fusion to identify Permanent Account Numbers (PANs) in our unstructured data environment. Are there any recommendations regarding common file types that we should be scanning to look for this information? We were thinking of scanning csv, doc, docx, xlsx, xls, msg, pdf, txt, zip, xml, asc and accdb. Is there anything else that we should be looking for, or is this a good start?

My organization could be doing more to keep passwords safe.

Strongly Agree7%

Agree70%

Neutral22%

Disagree9%

Strongly Disagree

View Results

What advanced identity analytics or continuous access controls is your organization using (or planning to implement)? Any lessons learned you can share regarding vendor selection or implementation?

Read More Comments

What strategies do you use to ensure IAM solutions are sufficiently composable to adapt to changing business needs?

Read More Comments

Has your organization established an identity governance and administration (IGA) program or implemented an IGA platform solution? What do you consider to be key success factors when it comes to identity governance?

Read More Comments

How is the current geopolitical climate impacting identity security risks in your industry? What’s your approach to assessing potential risks associated with geopolitical instability?

How do you prioritize the organization’s identity security investments amid economic uncertainty? What's the most important focus when resources or budgets are especially constrained?

Any tips or best practices you can share for developing a cryptographic bill of materials (CBOM)? What’s the best way to get started?

What are some best practices for identity security or IAM when dealing with decentralized users/assets? How can organizations adjust strategy or policies to address decentralization?

Read More Comments

Have you found effective strategies to automate manual IAM processes like access remediation, access reviews, etc.? How do you overcome automation gaps in your identity security flows?

Read More Comments