Épisodes

  • Identity Program Operations and Metrics
    Jun 30 2026

    Your dashboard says everything is fine. Intrusion detection normal. Firewall active. MFA compliance at 98%. Meanwhile, somewhere in your environment right now, credentials are being harvested and nobody's metric is moving. That is not a security program. That is an expensive illusion of one.

    In this episode, Ernie and Josée decode Phase 7 of the IAM engagement blueprint: operationalization and metrics. Drawing from SailPoint, CyberArk, Ping Identity, Okta, NIST, and CISA — this is the episode that defines what a living, breathing IAM operating model actually looks like in production. The four-tier human architecture, JML velocity metrics, the psychology of the access review rubber stamp, and the KPI dashboard that tells you whether you are mathematically secure or just compliant on paper.

    You'll leave knowing the difference between believing you are secure and being able to prove it — and exactly which dials to watch to know when something is wrong before your auditors find it first.

    If you are responsible for an identity program that is already live — this episode is not optional.

    Connect with Ernie Prescott on LinkedIn at linkedin.com/in/ernieprescott

    Afficher plus Afficher moins
    42 min
  • Planning Successful Identity Management Rollouts
    Jun 23 2026

    The most dangerous assumption in any identity rollout is that the hard part is technical. It isn't. The hard part is the manager who needs access right now and doesn't care how it gets done. The administrator who knows the bypass is wrong but creates it anyway. And the organization that spent millions on the architecture and nothing on planning for either of them.

    In this episode, Ernie and Josée tear apart Phase 6 of the IAM engagement blueprint: implementation planning. From translating a three-year strategic vision into granular executable projects, to mapping the dependencies that silently kill timelines, to the brutal honest assessment of whether your current team is actually equipped to build what the architecture demands.

    You'll leave knowing why IAM programs almost never fail because the code is broken — and exactly what to do about the three things that actually bring them down.

    If you've ever watched a multi-million dollar rollout collapse on launch day — this episode explains why, and how to make sure it never happens again.

    Connect with Ernie Prescott on LinkedIn at linkedin.com/in/ernieprescott

    Afficher plus Afficher moins
    54 min
  • The Nine Layers of Identity Architecture
    Jun 16 2026

    Most organizations buy identity technology one piece at a time. A directory here. An MFA solution there. A PAM tool when the auditors ask for it. The result is nine disconnected layers that were never designed to work together — and an architecture that fails the moment it's tested.

    In this episode, Ernie and Josée decode Phase 5 of the IAM engagement blueprint: the technology architecture and three-year roadmap. Nine distinct functional layers — from the foundational directory and identity provider, through IGA and PAM, to non-human identity governance, ITDR, CIEM, and ZTNA — mapped, sequenced, and engineered to work as a single coherent system.

    You'll leave knowing exactly how to structure a realistic deployment across three horizons, why skipping steps is fatal, and what separates organizations that simply buy software from those that actually engineer a security program.

    If you're an architect or IT leader responsible for making all of this work together — this is the episode that hands you the architecture.

    Connect with Ernie Prescott on LinkedIn at linkedin.com/in/ernieprescott

    Afficher plus Afficher moins
    48 min
  • Securing Identities from Hire to Fire
    Jun 9 2026

    Your employee submitted their resignation on Friday. By Monday morning their access was still fully active. Every system. Every application. Every privilege they ever accumulated.

    In this episode, Ernie and Josée go deep on Phase 4 of the IAM engagement blueprint: process and lifecycle design. The joiner, the mover, the leaver — every transition point in the human identity lifecycle where access gets granted, recalculated, and revoked. From birthright provisioning on day one, to separation of duties enforcement when someone changes roles, to the instant revocation mechanisms that close the latency window the moment someone walks out the door.

    You'll leave knowing exactly how a minor paperwork delay in HR becomes a fired employee with full access to your financial systems on a Friday night — and how to engineer that window permanently shut.

    If identity lifecycle is your responsibility — or it should be and nobody has claimed it yet — this episode is not optional.

    Connect with Ernie Prescott on LinkedIn at linkedin.com/in/ernieprescott

    Afficher plus Afficher moins
    51 min
  • Why Identity Governance Must Lead Technology
    Jun 4 2026

    Season 1, Episode 4: You automated your practices. You accelerated your procedures. Yet you're still failing your audits. Your platform isn't fixing your identity problem — it's accelerating it. And right now, you're operating blindly when you should be seeing everything.

    In this episode, Ernie and Josée break down Phase 3 of the IAM engagement blueprint: the policy and governance framework. Drawing from the Identity Management Institute, Microsoft Entra, SailPoint, Ping Identity, Okta, and CISA — this is the episode that establishes why governance isn't a phase you revisit after deployment. It's the conductor. Everything else is the orchestra.

    If you're a CISO, a VP, or an architect responsible for an identity program and the technology is already live — this episode is not optional.

    Connect with Ernie Prescott on LinkedIn at linkedin.com/in/ernieprescott

    Afficher plus Afficher moins
    49 min
  • Identity Strategy and Target State Design
    May 30 2026

    Season 1, Episode 3: Identity isn't a technology problem. It's a strategy problem. And until your executive team agrees on where you're going, every platform you buy and every policy you write is just expensive guesswork.

    In this episode, Ernie and Josée map out Phase 2 of the IAM engagement blueprint: Identity Strategy and Target State Design. From building an executive vision that gets the CFO to write the check, to designing a target state capability map that governs employees, contractors, and autonomous AI agents — this is the episode that turns discovery into direction.

    You'll leave knowing how to design a zero-trust architecture that actually gets funded, and why skipping the decision gate guarantees failure regardless of the technology you choose.

    If you're an architect ready to stop fighting fires and start building something that lasts — this is your blueprint.

    Connect with Ernie Prescott on LinkedIn at linkedin.com/in/ernieprescott

    Afficher plus Afficher moins
    46 min
  • Executing a Ruthless Identity Security Autopsy
    May 25 2026

    Season 1, Episode 2: You can spend millions securing the front door. Vault-grade authentication. Biometric access controls. Armed monitoring around the clock. And an attacker will walk right past all of it — through the forgotten maintenance tunnel you didn't know existed. In this episode, Ernie and Josée execute Phase 1 of the IAM engagement blueprint: the identity security autopsy. A keystroke-level discovery process that surfaces every ghost account, shadow identity, and orphaned credential hiding in your environment before you build a single thing on top of them.

    Connect with Ernie Prescott on LinkedIn at linkedin.com/in/ernieprescott

    Afficher plus Afficher moins
    53 min
  • The Seven Phase Identity Security Blueprint
    May 21 2026

    Season 1, Episode 1: One forgotten password. One orphaned VPN account with no MFA. That's all it took to shut down half the fuel supply of the United States East Coast. In this episode, Ernie and Josée unpack the seven-phase IAM Program Engagement Blueprint — the complete, sequenced framework for taking an enterprise from identity chaos to a governed, mathematically verifiable security program. From executive scoping to continuous operations, this is the architecture that separates organizations that get identity right from those that make headlines.

    Connect with Ernie Prescott on LinkedIn at linkedin.com/in/ernieprescott

    Afficher plus Afficher moins
    53 min