Technology Trends

ForgeTalks: A Local's Tour of the ForgeRock Identity Platform

Welcome back to ForgeTalks. In last week's episode, ForgeRock's VP of Product Management, Mary Writz, took me on a tour of the main landmarks of the ForgeRock Identity Platform, including Intelligent Access and ForgeRock Go. This week, we are treated to a local's tour of the platform. We'll travel "off the beaten road" and explore some of the hidden gems that the ForgeRock Identity Platform has to offer.

We'll be exploring:

  • How the ForgeRock Identity Platform makes it easier to develop applications
  • How Macaroons fix problems around Fine-Grained Scopes and Delegation
  • How ForgeRock makes Identity for Things easy!

I hope you enjoyed this two-parter with Mary. Make sure you stop by next week when I meet with ForgeRock's VP of Product Marketing, Ashley Stevenson, who unravels the question: "What is Single Sign-on?" And if you want to watch any of the other episodes you can check them all out here.

Autonomous Identity: Your Prescription for Reducing Risk in Healthcare

Earlier this year, ForgeRock published our 2020 Consumer Identity Breach Report detailing insights and data on breaches impacting consumers in 2019 and Q1 2020. As highlighted in the report, healthcare was, once again, the most frequently targeted industry (43% of all breaches), personal identifiable information (PII) accounted for the most sought after data type at 98%, and unauthorized access was by far the most common attack vector, responsible for 40% of breaches. 

As overburdened healthcare IT professionals work tirelessly to meet the demands of the COVID-19 pandemic, cybercriminals are using the global health crisis to take advantage of institutions by exploiting unauthorized access. 

This reality means the healthcare industry must protect against two threats at once. Neither is simple. IT professionals need to ask themselves whether they can identify high risk anomalous access. And just as importantly, explore how AI can help by automating access requests, performing certifications, and predicting what access should be provisioned to users.  

Identity Governance and Administration (IGA) solutions fall short in their ability to address the healthcare industry’s risk landscape and cannot meet its demanding and ever-changing requirements. Why? Simply put, IGA solutions don’t provide organization-wide visibility or identity context especially as identities continue to increase in multiple applications and locations (on-premise, cloud, etc.). This leaves your risk and security teams struggling to keep up as they manually provision access privileges and rubber stamp access requests and certifications. Additionally, the resulting operational inefficiencies can leave your teams blind as to who has access to what and, more importantly, why they have access in the first place. So, what’s the cure? 

ForgeRock Autonomous Identity is an AI-driven identity analytics solution that can be layered on top of, and integrated with, your existing IGA solutions to provide real-time and continuous organization-wide user access visibility, control, and remediation. Autonomous Identity analyzes all identity data to give you a deeper understanding into the risk associated with user access across the entire organization. The solution ingests vast amounts of workforce, partner, and consumer (patients/members) identity data from existing identity management and governance solutions, identity stores, and user activity repositories to provide wider and deeper insight into the risks associated with user access.

For example, one of the largest healthcare retailers in the United States used ForgeRock Autonomous Identity to bring visibility and contextual insight to their employee records, applications, entitlements, and entitlement assignments. The result was 550,000 entitlement assignments identified for AI-driven automation and clean-up; an accomplishment that would have taken a lot of resources and months, if not years, for IT teams to do manually.

As the customer story above exemplifies, Autonomous Identity enables your risk and security teams to accomplish the seemingly impossible — reducing risk, manual processes, and costs with one solution across your disparate identity enterprise.

To learn more about ForgeRock Autonomous Identity, read Maximize the Value of Your Healthcare Identity Solutions with AI-Driven Identity Analytics or contact us today.


ForgeTalks: Your Guide to the ForgeRock Identity Platform

Welcome back to another episode of ForgeTalks. The ForgeRock Identity Platform is a workhorse - covering every identity possible and offering a comprehensive set of capabilities. There are few people more knowledgeable about its depth and breadth than Mary Writz, VP of Product Management. In today's episode, Mary compares a tour of our platform to a traveler visiting Paris for the first time. For newcomers, the Eiffel Tower and the Louvre can't be missed. When it comes to our platform, her 'must visit' hot spots include Intelligent Access and ForgeRock Go. In our chat, she shares insider tips on how her favorite features solve some of the most common and complex identity issues companies face. 

We'll be answering key questions like:

  • How do I design the perfect access journey? 
  • What is the best way to help people recover lost passwords? 
  • Can an identity platform offer DevOps deployment nirvana?  

Make sure you check out next week's episode, where Mary takes us on a "locals tour" of the ForgeRock platform - revealing some of the lesser-known but equally powerful features. And if you want to check out any of the previous episodes of ForgeTalks you can view everything here.

Fireside Chat With Former Australian Prime Minister Malcolm Turnbull 

The Role of Cyber Security & Digital Identity in the Modern Economy 

While the connection between cyber security and Identity and Access Management continues to strengthen across Australia, it has become a keen area of focus for one of the country’s most influential leaders. I recently sat down with Malcolm Turnbull, the 29th Prime Minister of Australia, and ForgeRock Managing Director for Australia & New Zealand, James Ross, to discuss the opportunities and trends that are driving innovation and investment in the region.  

Solving complex security challenges

Speaking to a virtual audience of ForgeRock customers and identity professionals from around the globe, Mr. Turnbull shared his views about the risks associated with handling cyber threats reactively. Globally, organizations are investing billions of dollars to reactively combat threats that can be delivered, in some cases, by a single skilled individual with an internet connection. The threat increases of course, with the investments that can be made by cybercriminals and foreign governments. The impact could lead to widespread disruption to our society.

The rationale behind Mr. Turnbull’s 2016 Australian National Cyber Security Strategy - which established the country’s first formalized approach to cyber security and saw an investment of A$230 Million dollars across 33 initiatives and the establishment of the national Cyber Security Centre - was to recognize the seriousness of cyber threats that was estimated to be costing the Australian economy A$7 Billion per year and offer a strategy to get on the front-foot in combating them. ForgeRock’s approach complements this thinking. So much of our work with customers and partners is to raise awareness that usernames and passwords are not sufficient. By bringing in behavior-based authentication and biometrics, organizations can quickly eliminate a major point of exploitation from hackers while simultaneously opening up opportunities for improving the customer and employee experience by providing users with a passwordless authentication option that is even more secure. Digital identity is now a critical part of overall cyber security planning and execution.

“Identity is trust and trust is identity"

People want to feel safe and secure when they engage with brands and services online. They expect their bank, healthcare provider, or favorite online retailer will keep their personal data protected from harm. No wonder then, that the tension that so many organizations are grappling with is how to make consumer experiences easy while putting the right security controls in place to assure people that their data is being well looked after.  The ability to login using a single credential and get access to multiple services (through single sign-on or SSO) eliminates the burden of remembering multiple user profiles and passwords.

What is clear is that people are happy to hand over sensitive information to trusted brands. In turn, that personal information is used to authenticate individuals and provide access to services. As Mr. Turnbull highlighted, “Identity is trust and trust is identity.” No wonder then that, alongside Australia’s National Cyber Security Strategy, Mr. Turnbull was behind the establishment of the country’s Digital Transformation Agency (DTA), which explored, among other things, identity and access management. Out of the DTA has come Australia’s MyGov and MyHealthRecord systems that make government digital for citizens - both of which are built on the premise that authenticated identity is the cornerstone to streamlined access to services.

Powering new opportunities

Of course, organizations that use identity to create secure, streamlined digital experiences will find themselves ahead of competitors. Personalizing services for customers or citizens makes life easier and allows people to self-manage their accounts and services and has a positive impact on an organization’s bottom line.  

In Australia, this opportunity is being driven by ambitious government initiatives. Following the UK’s Open Banking program, Australia launched the Consumer Data Right (CDR) regulation, which will enable consumers to more easily transfer their personal information to competing companies. Aside from empowering people to own and use their personal data to comparison shop, the CDR will also enable vendors and third parties to securely access the personal information stored by banks, powering further innovation and customisation of services. Identity management solutions are a critical component in the success of the legislated CDR roll out.

The role of identity management is being further thrust into the spotlight by the COVID-19 lockdown, which has sparked widespread upticks in demand for digital access. In Australia, national retailer Woolworths reported a 320 percent increase in app use, while ANZ Bank saw a five-fold increase in the use of its digital channels and these are just a  couple of relevant examples.

As Mr. Turnbull observed, digital is becoming the battleground for brands and organizations and for the public sector to provide better secured customer experience to its citizens and as he stressed during our discussion, “If we crack the digital identity nut, a lot of the issues we are facing will be mitigated.”

You can watch the replay of our virtual fireside chat with Mr. Turnbull here


ForgeTalks: Digital Transformation vs. The Aliens

Welcome back to another episode of ForgeTalks. I was joined this week by ForgeRock Chief Evangelist Allan Foster, to talk about digital transformation, COVID-19 and the pivot to remote work and play. For those of you who know Allan, you know he can talk - so get comfy, you're in for a comprehensive discussion on the new digital experiences that have landed here on planet Earth. 

In this episode we'll talk about:

  • Some of the reasons why businesses are struggling to interact with employees and customers digitally
  • How digital transformation has enabled businesses to be flexible following the start of the COVID-19 pandemic
  • What businesses can do if they have yet to undergo their digital transformation

I hope you enjoyed this great episode with Allan. Make sure you check out next week's episode where I chat with ForgeRock's VP of Product Management, Mary Writz, about her favorite features of the ForgeRock Identity Platform. And if you want to check out any of our previous episodes, you can see them here.

Autonomous Identity: How to Overcome Identity Governance Fatigue

Redefining Identity: ForgeRock Autonomous Identity 

IT and Security teams are experiencing identity governance fatigue because they are exhausted from manually reviewing and approving access requests and rubber-stamping certifications. To address this weariness, ForgeRock is providing a new modern approach to identity. ForgeRock Autonomous Identity is an artificial intelligence (AI)-driven identity analytics solution, that allows you to overcome identity governance fatigue.

ForgeRock Autonomous Identity provides real-time, continuous enterprise-wide user access visibility, control, and remediation. By leveraging AI and machine learning techniques, Autonomous Identity collects and analyzes all identity data—such as accounts, roles, assignments, user activity, and entitlements—to identify security access and risk blind spots.  

The solution provides you with wider and deeper insight into the risks associated with user access by providing enterprise-wide contextual insights, high-risk user access awareness, and remediation recommendations. Autonomous Identity can be overlaid onto legacy IGA solutions, enabling your organization to increase operational efficiencies, accelerate decision making and maximize existing identity investments.

Leverage Your Existing Identity Investments  

ForgeRock Autonomous Identity works with your existing identity infrastructure to develop a complete view of the user access landscape. This includes identity management, Microsoft Active Directory, identity governance, databases, LDAP systems, and other identity data sources in your organization. The landscape provides highly accurate models, showing what good access should and shouldn’t look like.  

Unlike legacy IGA solutions that are based on leveraging static rules, roles, and peer group analysis, Autonomous Identity relies strictly on the data in your organization to develop an analysis that is free from any bias coming from human-derived rules and roles that exist in your identity management or identity governance solution.

How It Works 

Autonomous Identity links users to entitlements at the lowest attribute level. The solution uses profile data to determine the likelihood an individual will need an entitlement, based on how entitlements are currently distributed across the organization.

Why ForgeRock Autonomous Identity?  

Autonomous Identity addresses identity governance fatigue with unique and highly differentiated capabilities, including:  

  • Global visibility: By leveraging AI-driven identity analytics, you can collect and analyze identity data (examples: accounts, roles, user activity, entitlements, and more) from diverse identity, governance, and infrastructure solutions in order to provide enterprise-wide visibility of all identities and what they have access to across the entire enterprise. This approach provides your security and risk teams with contextual insights into low-, medium-, and high-risk user access at scale.
  • Highly scalable: As new identity data is collected and old data is purged, the AI and machine learning model evolves and learns the dynamic changes within the enterprise. By leveraging predefined machine learning techniques and algorithms, you can quickly predict, recommend, and identify outliers. This intelligence-based approach allows your security and risk professionals to automatically analyze and model high volumes of identity data to identify high-risk user access and unauthorized or unknown user access across the entire organization.
  • Data driven: With Autonomous Identity, you can contextually examine all identity-related data and identify and recommend the right level of user access rights. This approach provides the ability to identify and apply appropriate birthright or leaver user access rights to accounts, applications, systems, roles, entitlements, and more. This process reduces the overall request volume by predicting appropriate user access at the right time to the right resources.
  • Transparent AI: Unlike “black box” identity analytics solutions, Autonomous Identity allows you to fully comprehend how and why risk confidence scores are determined. By visually presenting low-, medium-, and high-risk confidence scores together, your security and risk professionals can contextually understand which key risk indicators were met. This AI-driven approach recommends risk-based identity and governance remediation updates based on enterprise-wide confidence scores.
  • Dynamic analysis: With intelligent data stream processing, you can leverage existing and diverse identity, governance, and infrastructure data sources to continuously collect and process high-velocity, high-volume data (examples: roles, entitlements, attributes assignments, and more) from across the enterprise. Combined with a highly scalable and distributed microservices architecture, enterprises can process and analyze tens of millions of data points quickly to predict and recommend user access rights and highlight potential risks. This intelligence-based approach enables security and risk professionals to accelerate their decision-making process.

Autonomous Identity provides you the unprecedented ability to reduce costs while simultaneously lowering risks across your organization. It is a game-changing solution that is redefining identity by providing organizations with the following key business benefits: 


To learn more about ForgeRock Autonomous Identity, watch the “Identity Redefined: Eliminate Risks and Cut Costs with AI-Powered Identity Analytics” webinar with ForgeRock and Accenture. 


ForgeTalks: To Your Health

Hello, and welcome back to another episode of ForgeTalks. While COVID-19 has certainly made things challenging for all of us, the global healthcare industry has been hit particularly hard. In addition to serving on the front lines of the pandemic, the number of data breaches and targeted attacks against medical data is also on the rise. ForgeRock's Chief Technology Officer, Eve Maler joined me again, along with ForgeRock VP for US Healthcare, Steve Gwizdala, to discuss the challenges the healthcare industry faces in 2020 and how digital identity can help. 

We'll take a look at:

  • Current trends within the healthcare industry
  • Data from ForgeRock's recent Consumer Identity Breach Report
  • Real world results that ForgeRock's healthcare customers are achieving by investing in digital identity

I hope you enjoy this week's ForgeTalks episode. If you missed the recent two-part miniseries about ForgeRock Go you can view Part I here and Part II here, and make sure to check out next week's episode where I meet with ForgeRock's Chief Evangelist Allan Foster to discuss how digital transformation has helped businesses pivot to a remote world.

Want to see more? Visit our ForgeTalks page to catch the whole video series.

What is Identity Governance Fatigue?

The Traditional Identity Journey

Over the past decade, organizations have gone through many different stages of the identity journey. Depending on the size and maturity of your organization, you are probably in one of six identity maturity categories (see diagram below). Your progress through the stages of maturity may be stalled—but not necessarily because of limited resources or for lack of trying. Your lack of progress is likely due to the limitations of your existing identity governance solution. 


Why? These legacy solutions fail to deliver on your identity governance requirements. Large enterprises need a model that provides visibility into who has access into what and why, eliminating manual access requests, approvals and certification rubberstamping. And, the identity model should grow dynamically as your organization changes over time. 

Why Legacy Identity Governance Solutions are Destined to Fail 

Legacy identity governance and administration (IGA) solutions are failing organizations today for several reasons: 

  • Identity silos: Many IGA solutions are only integrated with a few authoritative identity sources, like Microsoft Active Directory, or your company's HR system, like Workday. The limited integrations result in poor user access visibility and a lack of consistent access visibility across the entire enterprise. As a result, you have many islands of identity sprinkled across your organization.
  • Operational inefficiencies: IGA solutions are meant to automate access requests, approvals and certification reviews. The reality is quite different. Instead, your teams are so overwhelmed with access requests, approvals and certification reviews that they end up manually approving access requests and rubber-stamping certifications. This results in the overprovisioning of user access privileges across your entire enterprise. 
  • No context: While IGA solutions are good at providing visibility into a single authoritative source, they don’t provide visibility and context across multiple authoritative sources. As a result, organizations struggle to determine what users need access to, what access they have, and why that access is needed. Without universal visibility and context across the entire enterprise, your organization is blind to inappropriate user access privileges and potential unauthorized user access. 
  • Static data: IGA solutions provide tools—like role modeling—to help organizations achieve better operational efficiencies and compliance. While role modeling helps to better align users with the right access rights, the organizational role model rapidly becomes stale and outdated. Your organization changes dynamically every hour, every day, every week, and every month. With outdated access rights, privileges, roles and entitlements of an IGA solution, your organization is more open to security risks and potential data breaches.  

These are the reasons why IT and Security teams are experiencing identity governance fatigue. They are exhausted from manually reviewing and approving access requests and rubber-stamping certifications. 

Don’t Run Your Business with a Crystal Ball

Is this how you want to run your business? With a crystal ball that provides predictions based on limited data. Of course not! That is why you implemented an IGA solution. 

Your existing IGA solution has provided you with an initial set of capabilities to manage and control the entire identity lifecycle. From a user’s birthright access to the removal of their access when they leave the organization. The point here is, access requests, access approvals, certifications and role modeling capabilities have gotten you to where you are today. You have made progress in managing and controlling user’s access. That’s the good news. 

The bad news is legacy IGA solutions have created a new set of barriers to your organization’s growth and future success. Existing IGA solutions have stalled your progress because they have not addressed the core problem: “How do I develop a model to solve my access problem?”  Until that question is addressed with a solution that meets today’s challenges and acknowledges the dynamic nature of your organization, you’ll continue to be in a “holding pattern” when it comes to managing and controlling user access across the entire enterprise.  

Grow the Business with AI-Driven Identity Analytics 

How do you evolve past the holding pattern?  The answer is artificial intelligence (AI)-driven identity analytics, which address legacy IGA solution gaps.

Using AI and machine learning techniques to consume and analyze large data volumes, AI-driven identity analytics can detect user access patterns and inappropriate access privileges across the entire enterprise. By automating high-confidence and low-risk user access rights, your security and risk teams will have more time and resources to focus on higher priority tasks and projects. 

In my next blog, I’ll explain how organizations can overcome identity governance fatigue with ForgeRock Autonomous Identity. Be sure to watch the “Identity Redefined: Eliminate Risks and Cut Costs with AI-Powered Identity Analytics” webinar with ForgeRock and Accenture to learn more.   


ForgeRock Identity Platform Updates are Here!

More Ways Than Ever to Transform Your Business With the ForgeRock Identity Platform

Since 2010, millions of people have safely accessed the connected world with the help of the ForgeRock Identity Platform. From employees at the world’s most recognized brands to consumers logging in to their favorite ecommerce sites – our platform has made it possible for large enterprises to deliver amazing digital experiences. 

BMW is a perfect example. The prestigious Bavarian automaker uses ForgeRock to cut costs and improve operational efficiencies by consolidating seven different point solutions for more than 25 million users. With ForgeRock as the foundation for their OneIDP strategy, BMW now processes 8,000 authentication requests per second while using automation to achieve a net-zero implementation cost for new applications. Check out our new case study for more details. 

As technology constantly evolves, we want to continue to ensure that anyone using the ForgeRock Identity Platform can quickly and easily keep their employees productive and their customers happy. That’s why we’ve been working on the most significant update to the platform in company history. And today, we’re proud to announce it's now available. As part of this milestone, we’ve published a new white paper that provides all the details you need to get the most out of this monumental release. 

Check out the highlights below, and watch the demos we previewed during ForgeRock Identity Live: Virtual Edition 2020 in June.  

  • Unmatched AI-driven intelligence: Now available from ForgeRock is Autonomous Identity – soon to be your answer to reducing cost and lowering risk. This game-changing solution has already eliminated 91% of the entitlements for a major ERP application for a multinational financial services organization and identified over half a million permission assignments for automated cleanup at a large U.S. healthcare service provider. Autonomous Identity is a modern approach to identity that provides organizations a wider and deeper understanding into the risk associated with user access by providing enterprise-wide contextual insights, high-risk user access awareness and automated remediation recommendations. 
  • Experiences that flow: ForgeRock Intelligent Access helps organizations build seamless and secure experiences that adapt to a user’s needs in real time. This latest release includes a killer feature called ForgeRock Go that allows you to say goodbye to passwords and usernames. We’ve also updated Intelligent Access to handle registration, progressive profiling, and user self-service to deal with forgotten credentials directly in line with the authentication experience. Intelligent Access now supports device context, so you can enhance user experience with a fast lane for trusted devices or introduce just the right level of security friction, based on data from the user’s device.
  • Cloud without compromiseyour cloud, our cloud, or their cloud: We’ve introduced a major update to ForgeRock Identity Cloud, a true identity platform delivered as a service that is complemented by rich hybrid features, enabling you to deploy identity services where, when, and how they’re needed. With one subscription to ForgeRock Identity Cloud, you get complete freedom to consume ForgeRock’s rich identity functionality from the cloud as well as in your environments – whether those are your data center or your public cloud provider of choice. It’s the same standards-based technology however you consume or deploy, so you are future-proofed and able to address any identity challenge no matter how complicated. With ForgeRock Identity Cloud, your data is under your control. You get full tenant isolation: we don’t commingle your data with other customers’ data. We also provide many options to deploy in the global region of your choice to ensure your data stays where you need it to be.

Are you ready to drive more value out of your digital experiences than ever before? Let’s do it!


ForgeTalks: Beyond Authentication

Welcome back to ForgeTalks, and part 2 of our miniseries on ForgeRock Go - our answer to making authentication easier than ever. In today's episode, I'm joined again by ForgeRock's SVP of Corporate and Business Development, Ben Goodman and Senior Integration Engineer, Frank Gasparovic, for a look beyond authentication. 

In this episode we'll look at:

  • How ForgeRock's Intelligent Access and the ForgeRock Trust Network enable amazing user experiences throughout the access journey.
  • How intelligence can help you dial up or down friction based on your risk preferences. 
  • And demos that show you how the ForgeRock Trust Network creates a layered experience for customers.

I hope you enjoy both installments of this series. If you happened to miss part 1, you can view that here, and make sure to pop by next week where I chat with ForgeRock CTO Eve Maler, and ForgeRock's RVP for US Healthcare Steve Gwizdala, as we look at identity and the current state of healthcare.

ForgeTalks: ForgeRock Go and the Beginning of the End for Usernames & Passwords

Welcome back to ForgeTalks. Today's episode is the first of a two-part series looking at ForgeRock Go, our answer to killing the dreaded username and password. ForgeRock's SVP of Corporate and Business Development, Ben Goodman and Senior Integration Engineer, Frank Gasparovic, introduce me to this exciting technology and how it will help organizations create better user experiences and improve security.

In this episode we'll answer questions like:

  • Why usernames and passwords create such an unsatisfactory and unsafe user experience.
  • How ForgeRock Go fixes this problem with an out-of-the-box implementation of the WebAuthN standard.
  • Plus, we'll look at a demo of ForgeRock Go in action!

I hope you like this week's episode of ForgeTalks. Make sure to swing by next week for Part 2 of this mini-series where we look at how the ForgeRock Trust Network enables even more incredible user experiences. And if you missed last week's episode with Chief Revenue Officer Pete Angstadt on the Five Ways Identity Pays check that out here.

ForgeTalks: Five Ways Identity Pays

Welcome back to another episode of ForgeTalks. Our guest this week reveals different ways poor digital experiences cause businesses to leak money. The good news is Identity solutions can help. ForgeRock's Chief Revenue Officer, Pete Angstadt, shares his list of top 5 Ways Identity Pays. You'll get answers to big questions about the future of digital transformation and the business value identity can deliver.

  • Why are forgotten passwords undermining your organization’s bottom line?
  • How artificial intelligence can save you massive amounts of time by automating manual tasks.
  • And how ForgeRock's approach to cloud can cut thousands of hours for identity architects with accelerator kits.  

I hope you enjoy it!  If you missed last week's episode on Virtual Banking with ForgeRock's Ajay Biyani, you can check that out here. And tune in for next week's episode which will be part one of a two-part mini-series on ForgeRock Go - our answer to eliminating the need for the hated username and password.

Come see how ForgeRock’s platform drives financial upside with our ROI calculator here

ForgeRock Congratulates BMW on Prestigious KuppingerCole Award

I have such a great job. I’m constantly inspired by ForgeRock customers all over the world who are delivering breakthrough digital experiences. So I know that these individuals are innovating beyond expectations, but it’s always gratifying when the industry also gives credit where credit is due. KuppingerCole, Europe’s leading analyst firm for Information Security, awarded BMW its prestigious KC Virtual Award.

The KC Virtual Awards honor outstanding Identity Management (IM) and Security projects and this year the award for the best IAM for Digital Transformation project was bestowed upon BMW. The globally recognized automaker has a strong focus on identity. The company manages 25 million identities ranging from employees to customers to dealers, ensuring the right people are using the right products and apps, and enjoying the best possible digital experience.

How Did BMW Do It?

It was important to BMW to ensure ease-of-use so its customers and partners can easily and safely access various BMW applications. To achieve this, BMW needed to consolidate its numerous disparate systems and build a central Identity Platform (IDP) for the whole organization to better serve its employees, customers, partners, car dealers and technical providers. Prior to the consolidation, BMW was developing tons of custom code to connect various systems, which was costly and time-consuming. The disparate systems also required users to log in to multiple systems multiple times, which complicated the goal of a seamless user experience.

BMW embarked on an identity strategy, called OneIDP, which required the company to consolidate 20 different Identity Management and Access Management (IAM) systems that supported its three brands (BMW, Mini and Rolls Royce and other entities like BMW Financial Services) into one. With this project, BMW wanted to:

  • Offer an exceptional and seamless user experience 
  • Reduce onboarding and maintenance cost through automation
  • Achieve faster time to market through automation
  • Increase scalability
  • Enable new business cases such as IoT
  • Increase performance

ForgeRock’s platform enabled the company to bring together its identity systems and achieve significant cost savings, improve time to market, scalability and compliance. The new approach, which supports 25 million users, also allows BMW to deliver critical data and services to consumers, partners quickly, easily and securely. Stephanus Reiger, Group IT--Infrastructure and Technology Management for BMW Group, recently participated in a virtual panel during ForgeRock Identity Live and said, “ForgeRock is essential for us to create a central IDP for BMW.”

BMW for the Win!

Since deploying OneIDP, BMW has surpassed expectations. For example, rolling out new applications was costly and took up to 15 days. With ForgeRock, the process is automated, making it possible to deploy new apps within seconds and at zero cost. Additionally, internal performance tests revealed that BMW can process 8,000 authentication requests per second. During the award ceremony, Gerald Maier, IT Solutions Architect for BMW, said, "I'd really like to thank the 2 partners, IC Consult...and of course ForgeRock because in my opinion they not only have excellent software, they really supported us with excellent knowledge and experience."

Click here to read more about the BMW story. Want to learn more about how to replicate BMW’s transformative identity solution? Find out how you coexist, migrate, or retire your IAM system here


ForgeTalks: The Rise of the Virtual Bank

Welcome to another episode of ForgeTalks! This week I caught up with Ajay Biani who heads up the ASEAN team here at ForgeRock. In Southeast Asia, they're seeing a massive uplift in virtual banking, and Ajay was kind enough to take me through what a virtual bank is, why we're seeing such a big surge in virtual banks, and what it takes for financial services companies to be successful in today's digital world.

I hope you like this week's episode. If you missed my discussion last week with ForgeRock CTO Eve Maler, you can check that out here. And make sure to stop by next week when ForgeRock's CRO Pete Angstadt gives us his Top 5 Ways Identity Pays.

Autonomous Identity: Maximize Your Identity Investments With AI-Driven Identity Analytics

Like most organizations, you’ve probably relied for years on legacy identity governance and administration (IGA) solutions to manage user access, ensure compliance, and protect vital data. Unfortunately, these solutions are falling short in their ability to meet your ever-changing business requirements and needs today. Why? Legacy IGA solutions don’t provide enterprise-wide visibility or identity context. Instead, they operate in ‘identity silos’ based on static data, including assignments, roles, and entitlements. Combined with the increasing volume and type of identities, this can leave your already overburdened risk and security teams struggling to keep up as they manually provision access privileges and rubber stamp access requests and certifications. The resulting operational inefficiencies can leave your teams blind as to who has access to what and, more importantly, why they have access. Without enterprise-wide visibility and contextual insights, organizations will continue to have outdated access rights and privileges, which can leave them increasingly exposed. 

Take heart. There is a light at the end of the tunnel. ForgeRock has developed an AI-driven identity analytics solution, Autonomous Identity, that allows organizations to maximize the business value of their existing IGA solutions by addressing identity and governance solution gaps. So, how is this accomplished? Read on.

How ForgeRock Autonomous Identity Addresses Legacy IGA Challenges  Legacy IGA Challenge: Identity Silos ForgeRock Solution: Contextual, Enterprise-Wide Visibility

Unlike siloed legacy IGA solutions, ForgeRock Autonomous Identity collects and analyzes identity data from all data sources to gain enterprise-wide visibility into all identities and their access rights. This provides security and compliance teams with contextual insight into who has access to what and why. 

Legacy IGA Challenge: Access Blind Spots ForgeRock Solution: Access Risk Awareness

Legacy IGA solutions have user access blind spots. ForgeRock Autonomous Identity increases your visibility by leveraging AI and ML techniques to proactively analyze all identity data and contextually identifies user access and entitlement risk across the entire organization. In turn, it identifies and highlights high-risk access and inappropriate access privileges to compliance and audit teams.

Legacy IGA Challenge: Inappropriate User Access ForgeRock Solution: Access Rights Identification

Say goodbye to manual rubber stamping and bulk approvals. ForgeRock Autonomous Identity automates the analysis of all identity-related data across the enterprise. By analyzing and quickly identifying the entire user access landscape, organizations can proactively rectify overprovisioned users and outliers, recommend remediation, and automate the removal of access rights when appropriate.

Legacy IGA Challenge: Inappropriate Access Privilege Patterns ForgeRock Solution: Enterprise-Wide Access Insights

Instead of relying on manual access analysis of security and compliance teams, ForgeRock Autonomous Identity saves time and effort by automating insights into all user access patterns. By continuously ingesting new identity data, Autonomous Identity evolves its machine learning (ML) model to understand dynamic changes within the organization. This enables it to predict and identify outliers, including inappropriate access privilege patterns and unauthorized user access across the entire enterprise. 

Legacy IGA Challenges: Manual User Access Approvals ForgeRock Solution: Automated User Access Approvals and Remediation

Eliminate the need for manual approvals and remediation. ForgeRock Autonomous Identity enables the automatic approval of high-confidence, low-risk access requests and certifications, as well as the revocation and removal of stale user access rights. This AI-driven identity analytics approach reduces operational access request burdens and accelerates certification campaigns without exposing the organization to unnecessary risk.

ForgeRock Autonomous Identity Benefits


By integrating ForgeRock’s Autonomous Identity AI-driven identity analytics on top of your legacy IGA solution, you can save time and money and meet compliance standards with confidence. Additionally, with the solution’s actionable information, your security and risk teams can quickly and efficiently achieve least privileged access by continually receiving a refreshed enterprise view of all user access rights. 

Maximizing the business value of your existing IGA solution with ForgeRock Autonomous Identity results in improved operational efficiencies and accelerated decision making, while significantly improving your risk posture in our dynamically changing digital world. 

Read Maximize the Value of Your Identity Solution with AI-driven Identity Analytics to learn more about how Autonomous Identity addresses the challenges caused by legacy IGA, or contact us today to start your AI-driven identity analytics journey.

ForgeTalks: Are Privacy and Security Still Important?

Welcome back to ForgeTalks. In this week's episode, I catch up with Eve Maler, who was recently appointed Chief Technology Officer at ForgeRock.  I sat down with Eve to discuss whether privacy and security are still important in the digital identity industry, and what advice she has for businesses trying to balance privacy and security with amazing digital experiences.

I hope you enjoy this ForgeTalk!  If you missed our last episode where CPO Peter Barker breaks down Autonomous Identity, check it out here. And tune in next week where I dive into virtual banking with my good friend and Managing Director of ASEAN, Ajay Biyani.