[MUSIC PLAYING] Unification and convergence of identity solutions could just turn out to be the most important trend in our industry in the next five years. I speak to CISOs every week that are not only excited and compelled by the potential efficiency gains referenced earlier by bringing these solutions together, but those same CISOs are struggling to find ways to deal with some of their biggest problems without embracing this concept-- problems like an expanding threat landscape, problems like hiking insurance premiums, problems like the password that we've been dealing with now for 30 or 40 years.
I'm Darren Thomson. I run Product Marketing here at One Identity. And in the next 45 minutes, it's my privilege to go through a few topics with you. I want to talk a little bit about how did we get here? How did identity turn out to be what it is today and the way that it's represented today-- in a fragmented state.
Very quickly, though, I want to get to what we're doing at One Identity to create this unified vision, and to really allow this vision to come to life. And the most exciting part of the presentation, not just because I'll be leaving the stage, but because my colleague Rob is going to demonstrate to you in real life this unification actually happening with our products today. We haven't got as much time as we would like to show you those things, but we'd welcome the opportunity to take that as a prompt and speak to you after the session.
So how did we get here? Well, I don't think the items on this slide will be particularly revealing to anybody in the room. But I think it's worth just kind of summarizing some of the trends that we've all been experiencing that have really changed our lives and the fundamentals of identity management really over the past couple of decades.
This one is obviously topical, given the emergence of the COVID pandemic, et cetera. But more and more, we are hybrid workers, aren't we? We're moving around. The context that surrounds us as we interact with our technology changes almost constantly. And that, of course, is a challenge that we have to face up to not just in identity, but in security in general terms.
Our employees now are also somewhat of a hybrid. We have our employees, but we also have very close partnerships and contractors, probably more so than ever. And those supply chains that are represented here need to be secure in every aspect of security, but particularly identity.
We've gone from a world where identity was fundamentally about protecting people to a world, as you saw in several of the presentations this morning, where we're not just talking about people anymore. And if you believe even 50% of what was discussed this morning, we're going to be in a world very, very soon where if we don't protect ourselves against machine identities, and protect the identities of the machines that exist in our organization, we're going to be left behind, and we're going to be subjected to an increasing amount of risk.
And, of course, we're a million miles away now from single access points in order for people to be doing their jobs. I wouldn't mind betting money that almost everybody in this audience in this very hotel has at least two, probably three, in my case five, devices with them. And this is not going to change. We're going to see this exponential growth just increase.
So this is why identity has been changing around us. And I don't think the fragmentation that we see in identity, the myriad of solutions that we're faced with as purchases of identity solutions, is in any way malicious. This has grown organically over time, largely fueled by some of the trends that you can see here.
So where are we now? Well, again, I speak to CISOs for much of my sort of working week. And this is the world of a CISO. I call it the purview of a CISO. It's somewhat simplified. But there's a lot on this chart, isn't there?
And I think it's quite sobering to reflect that identity management kind of lives in there somewhere. It's one of around 20 things that you would categorize within the security operations domain. So a CISO today has a lot to worry about.
And identity, although is now recognized as a really, really critical component of any security strategy, it is only one of 20 things inside a purview which is made up of multi things as well. This is a problem because we know identity is critical. And it's not often a board-level topic. Security may be, in some cases; identity specifically-- not so much.
Now, from the perspective of the CISO, this is made all the more ridiculous because that one of 20 things that sits in security operations is in itself at least four things. That is not acceptable. The security industry in general has exploded, is fragmented. I work with organizations that have upward of 60 separate security tools in their suites. I call this, can't see the wood for the trees.
I talk to security operations departments who cannot see the risks because of the amount of data that their security tools are throwing at them. I can't see the wood for the trees. It's a very, very big problem generally in security.
So what gives us the right in identity to labor that problem, exacerbate that problem with a fragmented identity suite? That makes no sense to a CISO. It makes no sense to us at One Identity.
Now, I think everybody in this room knows that we're trying to rise to the challenge. What do we see in detail when we look at many of our customers' data centers security solutions? Well, it's even worse than what I've described.
Because as we dive into any one of those four domains-- here's an access management example-- it, in itself, is incredibly fragmented. The unification, the consolidation, the convergence of these technologies is absolutely critical. Here's another example, and I could go on.
So this is why we're so passionate at One Identity about our unified mission. We believe that this is an unacceptable state of affairs. It's creating undue risk. It's creating inefficiencies in organizations-- frankly, money and people that could be better spent driving businesses forward. We're passionate about reducing these kinds of numbers.
So I want to articulate to you now the unified vision that we have very, very briefly. And I want to show you how we've starting to make that come to life, and why we're so excited at the value that we can bring to you, our customers, and our partners when 1 plus 1 equals 3.
So we're facing the challenge that I've articulated. And we're doing that-- at the moment, I think we're the only game in town. And the reason I joined this organization last year was because if I look in the One Identity toolbox, now that we've acquired OneLogin as an access management tool, we have everything we need in that toolbox to make this vision come to life.
If you look at the competitive landscape around us, nobody has those tools in that toolbox. There are significant moves going on in the industry, and I think maybe we have a two-year window of opportunity here. The industry is agreeing with us. And you can see here Gartner agrees with us as well.
So we're putting this together. We're thinking about this in a unified fashion. We now have the constituent, the component parts necessary to create a unified identity platform.
But I don't need to tell anybody in this audience that platforms don't come to life overnight. We don't flick a switch and have a platform. And that would be the wrong thing to do anyway. If I could present you with a platform tomorrow, you would probably find it quite hard to consume.
So what we're doing at One Identity is we're thinking about the use cases. We're working with you, our customers, and our partners, and we're focusing on the most significant problems to be solved. And we're using this integration strategy to solve those problems. And we're going to walk through some of those problems with you towards the end of this presentation.
Very important to recognize that I'm a marketing guy, but this is not marketing. This is not marketecture. I didn't join this organization to create PowerPoint slides describing a vision that doesn't exist. That's not why I'm here.
That's not why Jay Duggan, our new head of product, has joined the company. That is not why Tat, who I think is in the room here, who. Is now heading up our engineering organization, joined the company. And I'm pretty sure it's not why Mark Logan joined the company last summer with me. This is real, and we're going to prove it to you.
And beavering away in the background are many, many hundreds of engineers making this come to life, thinking very carefully about how we can solve problems with that 1 plus 1 equals 3 strategy.
We're also, though, working with our clients to think about maturity, think about where they are on an identity maturity curve. Other than being in this industry for 30 years, I'm also a certified risk manager. And I know that risks present themselves differently to different organizations. Risk postures should be carefully defined before we create risk strategies to mitigate risk.
I've been lucky in my career. I've worked with everything from Formula One racing teams to local government organizations in South Africa. Do you think a Formula One racing team and a local government organization in South Africa have similar risk postures? One of them throw adult human beings into 250 mile an hour racing cars, and the other one is obsessive about protecting its citizens-- completely different attitudes to risk. And rightly, completely different security strategies.
And it's really important, we think, that we work with our clients on this maturity curve. Where are you as a business on this identity maturity curve today? How far do you need to go up this curve in order to satisfy your preferred risk posture?
And what are the specific things that you, therefore, need to do in your identity management and general security strategy in order to reach those objectives? This is a fascinating exercise, and we'd be very, very happy to partner with you on in considering your own businesses.
And there's some interesting tools that I wanted to kind of share with you. Some of you in the audience may recognize some of these. Some of you may be able to take some of these away and think about them.
This is a summary risk profile. I mentioned the importance of defining preferred risk posture-- very different for a Formula One team than a local government organization in South Africa. This is a simple impact probability chart. What you would do eventually with this chart is you would graphically present your risk register. You would just plot risks against impact and likelihood.
But if you do this right, the very first thing you do with your board of directors and your stakeholders is you draw a red line. Many organizations forget that bit. They jump straight to risk registers, and they don't define their preferred risk posture.
The reason it's important to do this is because we bring the board to the table at the very beginning of the conversation. So later, when we do plot risks from a risk register onto this, it's very, very clear what needs to be mitigated, what needs to be accepted, and what needs to be transferred via an insurance policy. I've been doing this for 15 years now, and I would always advocate that this is the first step in any security strategy, certainly an identity management strategy.
Other things that we do-- heat-mapping. Where are we today? Poor old Acme, Inc., although doing very well on the access management side of things-- not so good on the CIAM. Maybe that would be an area to explore. Maybe that should be a priority for this particular organization.
I see so many organizations with limited security budgets and limited resources guess at the right next thing to do, sometimes driven by the headlines. The bank down the road was breached in the following way. Let's mitigate that risk. Sometimes caused by scaremongering, sometimes caused by a legitimate new threat that's emerged as part of the threat landscape, but ultimately, it's still a guess.
How do we really know that that new threat is a problem to us? And how do we know if we haven't plotted a summary risk profile if it's an acceptable or an unacceptable risk? The lack of best practice of this kind in identity management strategy is what leads to fragmentation. The guesswork is what leads to inefficiencies. And ultimately, it's what leads to a breach.
Now, when we deploy our technology, either individual components of our technology suite, or indeed, in many cases now, the 1 plus 1 equals 3, several of our components integrated, it's not a successful project for us if we simply reduce your risk. We're going to pay particular attention to detail on the things that I've mentioned earlier.
So is the thing that we're deploying there for a good reason? What is the risk? Are we mitigating it to an acceptable level?
But the other end of the seesaw here is absolutely crucial as well, particularly in the current climate. Anybody in the audience got an unlimited security budget? Anyone? Didn't think so. How many people in the audience whose security budget is the same or less than it was two years ago? Quite a few.
Operational efficiency is key. A successful identity management project, particularly an integration project, particularly where we see the convergence of these technologies, should create the pendulum effect-- should reduce risk and introduce operational efficiency. Some of the solutions that we're going to demonstrate on stage for you today, I think you'll very, very clearly see the seesaw in action. You'll see this at work.
I wanted to highlight some of the strategic topics that are leading the conversations that we're having with our customers and our partners. Less and less it's the case that we're just approached because somebody needs access management, or somebody needs privileged access management, or somebody needs an IGA tool. That sometimes happens.
But very, very often now, I think because of the more strategic nature of a platform vendor versus a point solution vendor, very, very often we're being led into those conversations because of some of the things I'm going to share with you now.
Cyber insurance-- it came up earlier. There's a session running with my colleague Stacey tomorrow to talk about cyber insurance. What you won't know is I came from the cyber insurance world. I spent three years working for an analytics vendor in the cyber insurance world. It's a fascinating space.
Couple of things to bear in mind here. There's a reason that premiums are escalating and limits, as we call them, are going down, so you can get insured for less of your losses for more money. Does anybody want to name the one key driver to that significant change over the past five years? Anyone?
[INAUDIBLE]
Ransomware. When I started working in the cyber insurance industry about four years ago now, the only thing I-- the only way I could really describe the kind of topic of ransomware, the conversations that were going on around ransomware, was utter paranoia in the underwriting community-- a complete lack of understanding as to what it was, the dynamics of that particular type of threat, how it was changing over time, and a complete lack of data to help the insurers understand how much risk was actually out there. They severely underestimated that particular part of the threat landscape, and we're all suffering from it now.
So what's that got to do with One Identity? Why is this strategic topic driving conversations with our customers and partners about unified identity management?
Well, it's because the insurers themselves have got wise. Organizations like the one I used to work for have been educating the underwriters for the past five years on exactly what they should care about. And what do they care about most? Identity.
Find me a ransomware questionnaire or an underwriting survey that doesn't have questions in it about MFA, privileged access management, securing the Active Directory. There isn't one. Trust me. Identity is seen by the insurers, in some cases before the CISOs, as an absolutely critical component of a security strategy. That's why our customers and partners engage us in this topic.
I stood on stage, very similar to this about 15 years ago and conducted a presentation called "The Password is Dead." It was kind of wishful thinking. I was trying to think ahead a little bit. We're still not there, but we're close.
We now have technologies available to us that can drive us further in this direction than ever before. This is a key strategic theme sometimes at board level. Why?
Because ultimately, the hackers are still taking advantage of the password, of this very traditional method of authentication. For the first time in history, we have mechanisms, best practices, technologies, and standards that allow us once and for all to ditch this old technology and move on into the future in a much more protected way. This is a very, very active topic for us at One Identity. And let me give you a clue as to why.
Well, it's not just access management. If you're trying to deploy a passwordless strategy without privileged access management, IGA, and thoughts around securing the Active Directory, you're not going to get very far. It needs a unified identity strategy.
Third strategic theme-- expanding threat services. Ray brought this up in his wonderful presentation earlier today. Help me break the cycle of yet another security tool. Some of the most security projects that I've personally been involved in the past 10 years have been consolidation projects.
Take my 55 security tools and make it 15. It saves me money. It drives operational efficiencies, and it actually lowers risk. Because now there are 35 tools that are not throwing data at my analysts, that are not blinding me to the risks that I'm facing. This is incredibly critical. And it's really hard to get off of this particular hamster wheel in a security organization that is paranoid about the next new threat.
Frankly, I'll hold my hands up. The vendors don't help, particularly the new ones. We exist because there's a new threat. We've got an artificial intelligence engine that in some way mitigates that threat. You must have our tool. Add it to your portfolio-- number 56. We've got to break this cycle.
Now, when you think about, identity has a key role to play here. Every major breach that you'll ever witness has a root cause of stolen credentials. It's all about identity, really.
So if we can get identity right in a converged, unified fashion in the way that I've been describing, and we can deploy an identity solution against an overarching security strategy that has been carefully measured in terms of risk tolerance, that is going to go a very, very long way to enabling the CISO and the security team to reduce the amount of security tools in their portfolio, and not just within the identity domain.
So we're in a phased approach now at One Identity to making this real. Consider phase one-- end of phase one, really-- the acquisition of OneLogin. That bought the access management portfolio to the company, and that really rounded out, again, the tools that we need in our toolbox in order to create a comprehensive identity platform.
So now what we're doing is we're moving our customers to a unified state. We're looking for that 1 plus 1 equals 3. You can start that right now.
We're going to demonstrate some solutions to you in just a few minutes that hopefully will spark your imagination. And, again, we'd be very happy to talk to you about those in more depth later.
And within the next couple of years, we're going to be in a truly integrated state. That's where you have complete freedom of choice as a customer in terms of your deployment model. On-premise, cloud, hybrid-- all supported.
It means that the functionality that you get across all of those is common. And it means that the 1 plus 1 equals 3 integrations that I've been describing are just what you buy from us.
Right now in phase two, again, we're basing our initial integrations on what we think are very, very important use cases that solve real problems in the real world today.
So without further ado, let's show you some software. Let's shows you some integrations. Let's show you what we've been busy creating. I'd like you to welcome to the stage, please, Rob Kraczek.
[APPLAUSE]
Thanks, Darren.
So when we thought about how we're going to present these solutions or these integrations, I like to think about having been a customer, having been a sales engineer in the field, having been a consultant. There's two different types-- or at least I could categorize them as two different types of solutions. You have tactical immediate benefit solutions, and you have business-level solutions, meaning it takes a little longer to implement, and you're broadening the scope of what you're doing.
So for the sake of today's quick show and tells of these two scenarios that I have, I thought I would put together a couple of tactical, just quick-view solutions that integrate a couple of our products together to just give you an idea of what's possible.
We have multiple sessions going on this week that are going to go into deeper detail about what about behavior-driven governance, PAM integration with OneLogin, and Active Roles in OneLogin, and a mixture of all three of those. So I encourage you to go to those sessions if you're interested in anything I'm about to show you.
I have to give credit to a couple of folks that built these for me. I didn't build them. As a former presales engineer, I'm always reluctant to do things on stage that are live, so we did recordings. So I'm going to narrate through a couple of these solutions starting with the first scenario. So if we could play the first scenario, please.
So in this case, we're going to request a super risky application in Identity Manager. This application has a number of entitlements attached to it. And we have a process flow to grant access to it, or at least to give them-- user that entitlement.
And what we're going to do is we're going to assign this to the user. We're going to apply it. And then because we have a OneLogin connector, Identity Manager is going to let OneLogin know that they have access to it now. So OneLogin now. There's an icon for the application in OneLogin from that request that we did in Identity Manager.
Now, OneLogin by itself is not aware of all those entitlements that are in Identity Manager against that application. But what OneLogin is aware of is the events that are associated with access to that application. And in this case, we're particularly interested in when they accessed it. But obviously, OneLogin can track where they accessed it from, and it can collect a number of other metrics associated with that app that then can be reported back to Identity Manager.
So this creates an environment where Identity Manager can consume data and also inject data into OneLogin to produce a big picture view of how that application is being utilized. And if we look at the application itself, it has a number of different attributes associated with it. And if you saw just a moment ago, it had a number of different groups associated with it as well.
So, again, OneLogin by itself, or an SSO application by itself is not fully aware of all the entitlements. And on the other side, IGA is fully aware, but cannot necessarily grant that face or that SSO view that you need to actually access the application.
So by combining the two, we have a lifecycle, if you will, a behavior-driven governance, so we can as users use the app. And as they consume it, we can track it. And in this case, we're taking that event information. We're going to associate it with something else.
And what we're going to do is we're going to create an attestation where we attest access to the app. And what we want to know is if Zoom has been utilized in the past 90 days. So as you all remember from the pandemic a couple of years ago, lots of people were getting Zoom. And now that people are coming back to the office, those licenses are underutilized in most-- a lot of cases.
So not only do we have a threat vector by having access to Zoom in the first place. But we also may have a consumed license that doesn't need to be consumed, and you can recoup that cost.
So we're running an attestation that is basically saying, hey, has anybody used this application in the past 90 days? And if so, is there anybody that hasn't. Let's run an attestation against this application, and then we're going to automatically remove it.
Now, what's interesting about this scenario is I'm attesting access to Zoom. And when I deny it, it's not only going to pull the icon from the OneLogin portal. It's also going to deprovision them from the application itself.
And that's the key. Because an SSO access management system by itself isn't necessarily going to be aware of the entitlements, or be able to die provision probably a lot of the other attached entitlements that may be associated with that application.
So the next scenario I'm going to show you is one that involves Safeguard and OneLogin. And we built a few of these. This is probably what I would consider the lightest version. There's a few others that are a lot more nuanced, and we do have them in a session I'm doing.
And I think there's a couple of other sessions are going to show them. Please, if you see anything interesting in this, come up to me, and I'll show you the other videos for you if you want to see them. Let's play the next scenario.
So in this case, we're using OneLogin as an external federation source to get into Safeguard. That's the first piece that we're consuming. So as you can see, we're now logging in. OneLogin is prompting us for username and password.
And because of the policy we've defined to get to Safeguard, it's also going to prompt us for MFA. And you'll see that pop up in a second. I've had four cups of coffee, so I'm just zooming through this thing.
So OneLogin Protect comes up. Pretend your phone just had a OneLogin protect app pop up, and you have to authenticate. And now you're into Safeguard.
We've all-- a lot of us have seen this interface. So we are very familiar with Safeguard. Let's see what this user is going to do. It looks like they're going to do a remote session into a Linux box. OK, pretty normal stuff. And as you all know, Safeguard privileged sessions can do black list of commands. So let's see what this user does.
They go into the session, and they type a few things, just to test out the session, as we all do. We want to make sure we have the appropriate access. But let's see how many of you recognize the final command here when they type it. I always get a few giggles from the DBAs.
So what they're doing is they're doing a secure copy of the entire database dump for an application. Very naughty thing to do. Now, Safeguard by itself will lock them out of that command. That's a blacklisted command. They're not allowed to do that.
But because we have an integration between Safeguard and OneLogin, what we've also done is we've sent that high-risk trigger from Safeguard to OneLogin. And then OneLogin has consumed that trigger. And it's also a flagged the user, as you'll see in a minute, to be locked out as well.
Now, obviously, you can create nuances around this. You can say, you know what? I don't want them locked out. I want to elevate them, or I want to just restrict access to certain things. Or maybe I want to send a notification or report and then log them out. There's a number of things you can do.
But you can see here, now they try and log in-- get to OneLogin and get to another app. They're done. They're out. And this is what I consider a tactical, or even a firefighting capability, where somebody does something bad, they're not restricted just to that system and being locked out of that. OneLogin will remove them out of all access.
So if we look in Safeguard, you'll find that there they are. They're disabled in Safeguard. And then if we go to OneLogin-- and we'll do a refresh on the account-- you'll see they're locked here as well. And that was pretty much instantaneous. And I'm a big believer in actionable things that you can do in the field in operations that streamline your operational efficiency.
So we see there, a flag with a high risk, a flag that came straight from Safeguard. And then we're going to look at a few other metrics. And the interesting thing to note is that we're not restricted to reporting only the risk vector from Safeguard. We can report a number of different things into OneLogin through the API. So those of you who are partners in the audience, I'm sure your gears are turning right now.
So if we look at Safeguard, we can see Safeguard tracks a number of different things regarding the session. It looks at when they were terminated, what the policy was like, what they typed. So you could actually create separate policies for different high-risk commands. There's a lot of things that you can do with this integration.
And if you think about it from a big picture view, you could take this Safeguard-OneLogin integration scenario, and you could tie that right back to behavior-driven governance and create a complete lifecycle of this user. So you could actually trigger off of this and kick off an attestation against entitlements that user has just to validate that maybe they-- to see if maybe they have too much access to begin with.
So you can create a number of different permutations of these use cases to establish a very reactive, very flexible security policy. And you can also-- I don't have to show you here today, but we also have Active Roles integrations. So you can combine Active Roles into this scenario as well to create a big picture view. And with that, I hand it back over to Darren.
[APPLAUSE]
Thank you, Rob.
Mm-hmm.
It's not my marketecture. It's real. We're doing this stuff. We're doing it to solve some of the biggest problems that you face. We've got a bit of time, Rob. Let me ask you a couple of questions.
Yeah, sure.
So first of all, could you sort of summarize for the audience where we are in that kind of phase two. So we have a number of these integrations now rocking and rolling. They're out there in the field being used by our customers. Perhaps you could just talk through what's available today.
Yeah. So the OneLogin connector to Identity Manager is shipping. That's out of the box. It's in Identity Manager today. The integrations between Safeguard and OneLogin, that's an API connection that our presales team built. It was relatively low lift. I'm not going to speak for them because I don't know all the details, but that was a pretty easy thing to connect those two together as far--
And then when you talk about Active Roles in OneLogin, I mean, we have lots of capabilities there, particularly with security groups and Active Directory groups driving OneLogin behavior. But also, the other thing to consider is that we've had some other integrations between some of these other products for quite a few years.
So we've obviously had the Active Roles connector for Identity Manager. We've had the PAG module for Identity Manager for a while. We have solution accelerators that you can easily consume on GitHub for a lot of these different small pieces that we have.
So we're constantly pushing the envelope of what we can accomplish, not only from a field perspective, presales engineers and consultants and developers, but also from a strategic perspective. We're looking-- we're interfacing with the CAB and the PAB to understand what's driving the business today for these types of converged fabrics, converged integration solution points. So yeah, lots of work going on today.
Great. And hopefully, what you're picking up here is we're being led by you, our customers and our partners. We're not making up these use cases in a back room somewhere and just creating something and hoping it sells. We're basing this on feedback that we get from our clients and from our partners in terms of the real world issues that they're not able to solve today with a fragmented identity portfolio.
Exactly.
So Rob, something else I noticed as you were demonstrating there. So a lot of what I see is kind of right-sizing privilege. Now, we hear a lot about zero trust. I've been hearing zero trust now for best part of 15 years-- never seen a successful implementation, I've got to say. Tell us a little bit about of the differences between what we're doing here, sort of right-sizing privilege, and a traditional kind of zero trust approach.
So a traditional zero trust is a paradigm. And I know a lot of-- most of you are technologists in the room. When somebody says zero trust-- we're going to take everybody's rights away-- do you all say yay, or do you cringe?
I cringe. I can't imagine the amount of support calls I would get if somebody says, we're going to just pull everybody's rights away and make them revalidate everything they have.
So right-sizing, or creating intelligence around your governance, around the Identity and how you manage it, is a more appropriate approach than just yanking it all the way. The term "lease privilege" is something that comes up a lot, too.
So I consider zero trust kind of this pie in the sky paradigm of what you could potentially do with the right tooling. And I look at these types of integrations as what, frankly, the feet on the street really need to administer and maintain and right-size the identity footprint.
Because it's all about risk exposure. We've heard that all throughout the morning is risk and AI taking over. And the way you reduce that risk exposure is you start introducing controls that are very adaptive, but manageable. You're not just yanking stuff away because. Because nobody wants a zillion user calls, right-- help desk calls.
Absolutely. So last one, Rob. Where do we start? So if I'm somebody in the audience. I'm running at least one One Identity product today. What should I do next in order to at least evaluate some of what we're showing on stage here today?
So if I could put my consulting hat on for a minute. We've all roll our-- everybody roll your eyes when I say people, process, technology. We've all heard it and saw the pyramid.
So evaluating your processes is by far the most important thing you can do. It's-- the technology-- as feature-rich as the technology is, if your processes are still not aligned or prepared to have an integrated security model, you're going to have a lot of difficulty getting stakeholders buy-in.
So I would-- my opinion is you start with your process. You understand the processes that are going to give you the most bang for your buck at a business level. And then you break it down into your technical pieces so that you can introduce-- maybe it's PAM. Maybe you want to start with privileged accounts because that's something that is obviously a high-risk vector right away.
Maybe it's Active Directory. Maybe you have multiple directory services. You want to bring them into the fold and then deliver them out-- deliver access to them more easily. It really depends-- it's going to depend on your business model. And it's also going to depend on how mature your security footprint is. And I think starting with an assessment is the first way to go.
Great. A round of applause for Rob. Everybody, please.
Thanks, everybody.
[APPLAUSE]
OK. So hopefully, those ambitious objectives I had at the beginning of the presentation here are somewhat met. Hopefully, you're getting a good sense now as to how we're being driven as an organization, why we're being driven in those ways, and how that is now manifesting itself as real solutions that you can deploy to bring value to your organization.
So let's just bring the session to a close here with a couple of conclusions. We have all the tools in the toolbox that we need. Will we make further acquisitions? Probably. But we have the major constituent parts necessary to unify those tools and create a unified identity platform.
We can prove it with real solutions. You just saw the surface today on stage as to what we're capable of as an organization. We just gave you a taster for some of the integrations available. Please talk to your sales reps, talk to your SEs about what's possible for your organization.
It's really important that we're led by you as well. So if you had feedback in terms of integrations you'd like to see, problems that you believe we probably could solve with this integrated approach, we'd love to hear those points of view. We want to be led by you, our partners, and our customers.
If you are a partner or a customer, you're already on the road. You're already on the first stage of the journey. We can integrate from any of our products to any of our products. So whatever product you happen to be running, there is value to be had by adding another one, by creating that 1 plus 1 equals 3. Let us help you to find those use cases that bring real value to your business.
Talk to your One Identity team about this. I showed you just a snapshot of some of the best practices that we can use in the field to help you assess your own situations, help you define your preferred risk postures, create identity heat maps, perhaps, to make sure that we're making the right steps towards a better identity strategy for you. And with that, thank you very much.
[APPLAUSE]
[MUSIC PLAYING]