The “Getting to Know IDPro” blog series is back with Greg Smith, Chairman of the IDPro Editorial Committee. Greg discussed how he got involved with IDPro, his journey into the world of IAM and why IDPro is key for the growth of the identity industry.
IDPro: Can you share a bit about yourself and how you got involved in the identity industry?
Greg: My earliest involvement in “identity” was long before we started referring to it as identity. I started out working in higher education at Bucknell University and I came up with automation for user management on Unix and VMS systems used by our students. (Yeah, okay, no spring chicken.) Later, when I moved into the pharmaceutical industry, I did a lot of work with NT4 and later Active Directory, again automating user provisioning (and deprovisioning) for our business. Most of what I know in the IAM (Identity Access Management) space was self-taught or stolen from peers and people in my network, this was definitely not a topic where I was able to take a course. In the mid-2000s, we had the opportunity to deploy an actual Identity Management System at my current company. No more home-grown IAM systems for me! We have since replaced it with a best-in-class platform that has enabled us to improve the entire identity lifecycle management process. I am eternally grateful to our CISO for understanding the importance of identity and making investments to support our efforts!
IDPro: What brought you to IDPro and why did you decide to join?
Greg: I recall being at the IDPro launch in 2017 at the Cloud Identity Summit in Chicago and listening to Ian Glazer and Sarah Cecchetti explain why we needed IDPro and what it was going to do for all of us in this industry. I went home meaning to sign up, but life happened and I didn’t get around to it like I should have. A few months later, I had the fortunate opportunity to appear on a panel with Steve Hutchinson, one of our original Board members. Listening to Hutch talk about IDPro passionately and persuasively made me question what I was waiting for. As soon as I got home, I signed myself up for a personal membership. At Identiverse 2019 in Washington DC, I dropped by the IDPro booth to socialize, and had a chat with Lance Peterman (our current IDPro President), who asked why his company had a Bronze Enterprise membership in IDPro and mine didn’t. I couldn’t let that stand, so when I got home from that trip, I successfully lobbied my CISO to sign us up for a Bronze membership so our full IAM team could partake in the benefits of IDPro.
IDPro: Can you explain your role in IDPro?
Greg: As you know, I’ve been a member since 2017, and throughout that time, what we’re all trying to do with this organization has continued to resonate with me. I wanted to find a way to contribute but was struggling with how I could do something meaningful and useful. I didn’t see myself as necessarily having a lot to contribute to the Body of Knowledge, but the monthly newsletter looked intriguing, so I volunteered. It was great being a member of the editorial committee and I felt that my contributions were valued. Plus, it was a nice alternative outlet to my day job. After a time, I was asked to be the co-chair. I suspected a trap but went for it anyway. Not terribly long after that, the then Chair asked me if I would be interested in taking on the top job when he stepped down. Of course, I had to answer the call! My role here is running the monthly process to collect and sometimes author material, proofread it, organize it, and get it all ready for delivery before we run out of days in the month. The committee is currently nine strong, including myself, but we are all volunteers and have day jobs, so we’re still open to adding additional members to help share the load. Drop us a line at firstname.lastname@example.org if you’d like to help.
IDPro: Why do you think IDPro is important for the identity industry?
Greg: Like many of us in this industry, I’m largely self-taught. I have learned through experience and by making mistakes, figuring out what works well and what doesn’t as I went. I’ve gained experience around effective IT controls for identity by working with our corporate auditors and doing my best to stay ahead of them. Conferences have also been a great source of inspiration over the years, especially Cloud Identity Summit and now Identiverse. Through sessions, master classes, panels, and networking with our fellow Identerati, I’ve been able to keep pace to a large extent and deliver value through my team to my company. I’ve also put great effort into helping my team develop their own identity management skills, and these folks are great!
What has been missing this whole time is a good means to groom new I&AM talent. This is still a small, but growing industry where it is difficult to recruit for open positions. Frequently, we end up hiring people with some strong relevant skills and the ability to go learn the rest. There’s great interest in cybersecurity in general and some great classes and programs out there, but before IDPro was formed, there wasn’t a good curriculum available for I&AM practitioners. There were no certifications totally focused on I&AM, no degrees, just this great void waiting to be filled. Not only does IDPro provide a great means for us to come together, but we also now have the first few issues of the Body of Knowledge out there, written and curated by experts in our field. There’s active work on creating an exam and certifications. I’m optimistic that as we continue to grow in numbers and to expand the BoK, we’ll deliver a means for people to develop the skills we’re all seeking to hire, in a fraction of the time it took me in the School of Hard Knocks. I am looking forward to the day when I can hire a new team member with an IDPro certification!