Welcome to our new series, “Hum@n Leader”, where we introduce you to some of the most outstanding thought leaders in the IAM field.
Today we’re highlighting: Richard Iandoli – VP , Head of Identity Management & Data Classification, Information Security / Risk Management at Investors Bank
Career spanning over 25 years as technology manager across diverse domains and platforms supporting Data Governance, IAM / Privilege Access Management, Audit and Regulatory Compliance, Quality Management, and Change Management.
Specialties: Identity & Access Management, IT Governance, Release & Change Management, Project Management, Quality Assurance & Testing, Process Maturity, SDLC, Data Management, Talent Development
How did you begin your technical career?
My career spans over 25 years, I started as a developer (remember COBOL?) on the mainframe, followed by many years in Quality Assurance and testing, change management focusing on process maturity adoption at various retailers and financial institutions. After programming for a few years, I found my passion in testing and have implemented testing center of excellence (TCoE’s) and test automation teams globally. Establishing the Change Advisory Board and as chairperson, I become responsible for managing over 12,000 changes at year at Brown Brothers Harriman (BBH).
How did you end up in IAM?
During my stint in change management is where I began my interest in data privacy and identity management working closely with compliance and audit functions. My current CISO and I worked together for many years at BBH, we’ve fostered an excellent working relationship joined at the hip delivering many strategic initiatives including change advisory board, RCSA methodology, Secure SDLC adoption, and data management / privacy technology deployments. Along with Simeio Solutions, we evaluated leading IAM technologies and selected Saviynt as our choice for Investors Bank.
What attracted you to the field of IAM in the first place?
I’m a builder by nature, when my CISO discussed this opportunity at Investors Bank, it sparked my interest – it was a green field, I leveraged my CMM training and assessed current state of identity management at the Bank, looking at people, process and technology and developed a 3 year IAM roadmap. While addressing regulatory and audit gaps, we looked to partner with an integrator and identify best of breed technology solutions as we build out our technology stack in the areas of IAM, PAM (privilege access), SSO (single sign-on) and password reset.
Which technologies do you expect we will see more of in IAM in the future?
More integration with the cloud needs to happen, behavioral analytics is huge – the ability to predict user entitlements, based on adaptive behavior (role management). I’m interested to see where block chain takes us and how it changes the identity landscape. Improvement in federation is also key to streamline integrations throughout the identity lifecycle.
What is the most pressing unsolved problem in IAM today?
I think privilege access management always is near the top, we are not only worried about external threats but the threat from within keeps our security team up at night. With the GDPR now in full force, protecting our employees and customers privacy is in the forefront. The more we can know about our digital identities, the more secure our resources
Which kinds of professionals does a good IAM team consist of?
Based on my experiences, I believe those with customer care / help desk technicians that understand the applications and products leveraged by the company make excellent IAM team members as well as auditors, network, and security professionals. Someone who pays attention to detail and can think out of the box and finally, not afraid to affect change in the organization.
What inspires you outside of the workplace to continue doing the great work you do every day?
It’s personal pride in what you do, it’s my name on it, so I want to ensure the best possible solution is implemented given the technology at the time. It’s ensuring that what’s delivered meets the requirements and is easy to use, is adaptable to change, and supports growth.
If you or someone in your enterprise would like to be considered to be a “Hum@n Leader”, please contact Tim Jester at tjester