Technology Trends

ForgeTalks: ForgeRock Go and the Beginning of the End for Usernames & Passwords

Welcome back to ForgeTalks. Today's episode is the first of a two-part series looking at ForgeRock Go, our answer to killing the dreaded username and password. ForgeRock's SVP of Corporate and Business Development, Ben Goodman and Senior Integration Engineer, Frank Gasparovic, introduce me to this exciting technology and how it will help organizations create better user experiences and improve security.

In this episode we'll answer questions like:

  • Why usernames and passwords create such an unsatisfactory and unsafe user experience.
  • How ForgeRock Go fixes this problem with an out-of-the-box implementation of the WebAuthN standard.
  • Plus, we'll look at a demo of ForgeRock Go in action!

I hope you like this week's episode of ForgeTalks. Make sure to swing by next week for Part 2 of this mini-series where we look at how the ForgeRock Trust Network enables even more incredible user experiences. And if you missed last week's episode with Chief Revenue Officer Pete Angstadt on the Five Ways Identity Pays check that out here.

ForgeTalks: Five Ways Identity Pays

Welcome back to another episode of ForgeTalks. Our guest this week reveals different ways poor digital experiences cause businesses to leak money. The good news is Identity solutions can help. ForgeRock's Chief Revenue Officer, Pete Angstadt, shares his list of top 5 Ways Identity Pays. You'll get answers to big questions about the future of digital transformation and the business value identity can deliver.

  • Why are forgotten passwords undermining your organization’s bottom line?
  • How artificial intelligence can save you massive amounts of time by automating manual tasks.
  • And how ForgeRock's approach to cloud can cut thousands of hours for identity architects with accelerator kits.  

I hope you enjoy it!  If you missed last week's episode on Virtual Banking with ForgeRock's Ajay Biyani, you can check that out here. And tune in for next week's episode which will be part one of a two-part mini-series on ForgeRock Go - our answer to eliminating the need for the hated username and password.

Come see how ForgeRock’s platform drives financial upside with our ROI calculator here

ForgeRock Congratulates BMW on Prestigious KuppingerCole Award

I have such a great job. I’m constantly inspired by ForgeRock customers all over the world who are delivering breakthrough digital experiences. So I know that these individuals are innovating beyond expectations, but it’s always gratifying when the industry also gives credit where credit is due. KuppingerCole, Europe’s leading analyst firm for Information Security, awarded BMW its prestigious KC Virtual Award.

The KC Virtual Awards honor outstanding Identity Management (IM) and Security projects and this year the award for the best IAM for Digital Transformation project was bestowed upon BMW. The globally recognized automaker has a strong focus on identity. The company manages 25 million identities ranging from employees to customers to dealers, ensuring the right people are using the right products and apps, and enjoying the best possible digital experience.

How Did BMW Do It?

It was important to BMW to ensure ease-of-use so its customers and partners can easily and safely access various BMW applications. To achieve this, BMW needed to consolidate its numerous disparate systems and build a central Identity Platform (IDP) for the whole organization to better serve its employees, customers, partners, car dealers and technical providers. Prior to the consolidation, BMW was developing tons of custom code to connect various systems, which was costly and time-consuming. The disparate systems also required users to log in to multiple systems multiple times, which complicated the goal of a seamless user experience.

BMW embarked on an identity strategy, called OneIDP, which required the company to consolidate 20 different Identity Management and Access Management (IAM) systems that supported its three brands (BMW, Mini and Rolls Royce and other entities like BMW Financial Services) into one. With this project, BMW wanted to:

  • Offer an exceptional and seamless user experience 
  • Reduce onboarding and maintenance cost through automation
  • Achieve faster time to market through automation
  • Increase scalability
  • Enable new business cases such as IoT
  • Increase performance

ForgeRock’s platform enabled the company to bring together its identity systems and achieve significant cost savings, improve time to market, scalability and compliance. The new approach, which supports 25 million users, also allows BMW to deliver critical data and services to consumers, partners quickly, easily and securely. Stephanus Reiger, Group IT--Infrastructure and Technology Management for BMW Group, recently participated in a virtual panel during ForgeRock Identity Live and said, “ForgeRock is essential for us to create a central IDP for BMW.”

BMW for the Win!

Since deploying OneIDP, BMW has surpassed expectations. For example, rolling out new applications was costly and took up to 15 days. With ForgeRock, the process is automated, making it possible to deploy new apps within seconds and at zero cost. Additionally, internal performance tests revealed that BMW can process 8,000 authentication requests per second. During the award ceremony, Gerald Maier, IT Solutions Architect for BMW, said, "I'd really like to thank the 2 partners, IC Consult...and of course ForgeRock because in my opinion they not only have excellent software, they really supported us with excellent knowledge and experience."

Click here to read more about the BMW story. Want to learn more about how to replicate BMW’s transformative identity solution? Find out how you coexist, migrate, or retire your IAM system here


ForgeTalks: The Rise of the Virtual Bank

Welcome to another episode of ForgeTalks! This week I caught up with Ajay Biani who heads up the ASEAN team here at ForgeRock. In Southeast Asia, they're seeing a massive uplift in virtual banking, and Ajay was kind enough to take me through what a virtual bank is, why we're seeing such a big surge in virtual banks, and what it takes for financial services companies to be successful in today's digital world.

I hope you like this week's episode. If you missed my discussion last week with ForgeRock CTO Eve Maler, you can check that out here. And make sure to stop by next week when ForgeRock's CRO Pete Angstadt gives us his Top 5 Ways Identity Pays.

Autonomous Identity: Maximize Your Identity Investments With AI-Driven Identity Analytics

Like most organizations, you’ve probably relied for years on legacy identity governance and administration (IGA) solutions to manage user access, ensure compliance, and protect vital data. Unfortunately, these solutions are falling short in their ability to meet your ever-changing business requirements and needs today. Why? Legacy IGA solutions don’t provide enterprise-wide visibility or identity context. Instead, they operate in ‘identity silos’ based on static data, including assignments, roles, and entitlements. Combined with the increasing volume and type of identities, this can leave your already overburdened risk and security teams struggling to keep up as they manually provision access privileges and rubber stamp access requests and certifications. The resulting operational inefficiencies can leave your teams blind as to who has access to what and, more importantly, why they have access. Without enterprise-wide visibility and contextual insights, organizations will continue to have outdated access rights and privileges, which can leave them increasingly exposed. 

Take heart. There is a light at the end of the tunnel. ForgeRock has developed an AI-driven identity analytics solution, Autonomous Identity, that allows organizations to maximize the business value of their existing IGA solutions by addressing identity and governance solution gaps. So, how is this accomplished? Read on.

How ForgeRock Autonomous Identity Addresses Legacy IGA Challenges  Legacy IGA Challenge: Identity Silos ForgeRock Solution: Contextual, Enterprise-Wide Visibility

Unlike siloed legacy IGA solutions, ForgeRock Autonomous Identity collects and analyzes identity data from all data sources to gain enterprise-wide visibility into all identities and their access rights. This provides security and compliance teams with contextual insight into who has access to what and why. 

Legacy IGA Challenge: Access Blind Spots ForgeRock Solution: Access Risk Awareness

Legacy IGA solutions have user access blind spots. ForgeRock Autonomous Identity increases your visibility by leveraging AI and ML techniques to proactively analyze all identity data and contextually identifies user access and entitlement risk across the entire organization. In turn, it identifies and highlights high-risk access and inappropriate access privileges to compliance and audit teams.

Legacy IGA Challenge: Inappropriate User Access ForgeRock Solution: Access Rights Identification

Say goodbye to manual rubber stamping and bulk approvals. ForgeRock Autonomous Identity automates the analysis of all identity-related data across the enterprise. By analyzing and quickly identifying the entire user access landscape, organizations can proactively rectify overprovisioned users and outliers, recommend remediation, and automate the removal of access rights when appropriate.

Legacy IGA Challenge: Inappropriate Access Privilege Patterns ForgeRock Solution: Enterprise-Wide Access Insights

Instead of relying on manual access analysis of security and compliance teams, ForgeRock Autonomous Identity saves time and effort by automating insights into all user access patterns. By continuously ingesting new identity data, Autonomous Identity evolves its machine learning (ML) model to understand dynamic changes within the organization. This enables it to predict and identify outliers, including inappropriate access privilege patterns and unauthorized user access across the entire enterprise. 

Legacy IGA Challenges: Manual User Access Approvals ForgeRock Solution: Automated User Access Approvals and Remediation

Eliminate the need for manual approvals and remediation. ForgeRock Autonomous Identity enables the automatic approval of high-confidence, low-risk access requests and certifications, as well as the revocation and removal of stale user access rights. This AI-driven identity analytics approach reduces operational access request burdens and accelerates certification campaigns without exposing the organization to unnecessary risk.

ForgeRock Autonomous Identity Benefits


By integrating ForgeRock’s Autonomous Identity AI-driven identity analytics on top of your legacy IGA solution, you can save time and money and meet compliance standards with confidence. Additionally, with the solution’s actionable information, your security and risk teams can quickly and efficiently achieve least privileged access by continually receiving a refreshed enterprise view of all user access rights. 

Maximizing the business value of your existing IGA solution with ForgeRock Autonomous Identity results in improved operational efficiencies and accelerated decision making, while significantly improving your risk posture in our dynamically changing digital world. 

Read Maximize the Value of Your Identity Solution with AI-driven Identity Analytics to learn more about how Autonomous Identity addresses the challenges caused by legacy IGA, or contact us today to start your AI-driven identity analytics journey.

ForgeTalks: Are Privacy and Security Still Important?

Welcome back to ForgeTalks. In this week's episode, I catch up with Eve Maler, who was recently appointed Chief Technology Officer at ForgeRock.  I sat down with Eve to discuss whether privacy and security are still important in the digital identity industry, and what advice she has for businesses trying to balance privacy and security with amazing digital experiences.

I hope you enjoy this ForgeTalk!  If you missed our last episode where CPO Peter Barker breaks down Autonomous Identity, check it out here. And tune in next week where I dive into virtual banking with my good friend and Managing Director of ASEAN, Ajay Biyani.

ForgeRock Identity Live 2020: What Our Customers Are Saying

CEO Perspective 

ForgeRock Identity Live 2020 went virtual last week! It was exciting to connect with everyone, share what is happening at ForgeRock, and learn from each other. While I would have preferred to meet in person, the conversations with customers and partners were just as meaningful. We heard from leading brands around the globe about how identity is shaping the future of their organizations and saw some amazing product demos from our ForgeRock team. 

Top of mind for everyone was how we’ve all experienced the way we live change overnight. The pandemic has put greater emphasis on the need for digital identity solutions that can keep employees productive and consumers connected while still protecting the security of the enterprise and the privacy of the user.

In the last nine weeks, we’ve all been grappling with similar questions. 

How do you provide secure and frictionless access to apps and information for a remote workforce? How do we reduce the enormous strain and complexity an increasingly remote workforce puts on IT teams? How can businesses keep the costs of things like password resets down when more people are creating new online accounts daily? And how can we help consumers, citizens and students get to the things they need easier and from any device? 

We heard our panelists ask and answer these very questions. We believe artificial intelligence (AI) is the way forward when it comes to access and enabling smooth and secure experiences. 

We were also reminded that digital transformation is a journey – no two organizations are the same. Aside from delivering amazing solutions that are simple to use, provide superior security and intelligence, and are delivered as a cloud service – we must also create a path that can either help you leapfrog from where you are today or build on what you have at your own pace. 

With the advancements in the ForgeRock Identity Platform, we’ve made orchestrating identity journeys even simpler and more secure, and that includes solutions like ForgeRock Go, aimed at making usernames and passwords a thing of the past. It was gratifying to hear Sean Carrick, vice president, identity operations and engineering, LPL Financial, echo our belief that it's a strong addition to the platform. 

Balancing user experience with security is critical. Verizon IT Executive Director Manah Khalil pointed out that the power of artificial intelligence (AI) will help determine what makes one of their millions of customers distinct while also protecting their privacy. 

The cloud is a great opportunity for organizations to deploy their infrastructure faster and at less expense. Understanding that everyone’s cloud journey is at a different stage, we’ve made it simple to manage identities across all use cases and with any cloud option – your cloud, our cloud, or a public cloud. 

Rich Kneeley, managing director of cybersecurity and privacy at PwC, shared that companies that have already moved to the cloud were in a much better position to respond to the pandemic than others: “Employees, consumers, and business partners are expecting greater collaboration, increased security, deeper personalization, and unique experiences as they interact with their trusted brands. Identity should be a business enabler for increased cloud adoption.”

When the reality of the pandemic hit, our customers had to act fast. Scalability and simplicity of deployment really matters. For example, the New South Wales Department of Education in Australia manages more than one million student and employee identities, making it the second largest school district in the Southern Hemisphere. Shane Gandy, director of identity management for the district, successfully navigated the pandemic and points to AI as a tool that will make similar challenges easier to overcome in the future: “With COVID-19, we had two weeks to mobilize all these identities for online learning with the understanding that some students don't have access to devices or even the Internet. We had to quickly and securely get people access to these services.”

Creating delightful user experiences is a passion at ForgeRock and essential in a digital world. That came into play at the Australian Securities Exchange (ASX) when the pandemic struck. “With COVID-19, we had to adjust to the volatility. In April and May, we had historic volumes of trading - 150,000 people joined or re-joined their accounts – and we went from $1.6 billion to $33.3 billion a day in revenue. Tools like multi-factor authentication (MFA) were very helpful in providing one front door for customers to enter and offer a better user experience, ” said Tristan Geering, Chief Information Security Officer, ASX. 

Final Thoughts 

The pandemic won’t be the last disruption for your organization. Customer expectations will continue to push your business to evolve. Accordingly, you need an identity platform that can flex with you and help you grow your business no matter the circumstance. 

We are committed to building on the strength of our AI-driven platform and enabling your workforce to be productive from anywhere, putting consumers on a happy path, and, most importantly, continuing to deliver innovation that does the heavy lifting for you.

This is how we see the future of identity and the role it plays for our customers. We launched a wave of new innovation last week designed to help you achieve this new reality.

I’d like to thank all our customers and partners who helped make Identity Live 2020 a success. Catch highlights from all three shows and hear from BMW, Accenture, Deloitte, and others here


CEO ForgeRock 


ForgeTalks: Smarter Access Is Here With Autonomous Identity

AI and the Arrival of Automated Access with ForgeRock Chief Product Officer Peter Barker 

We've talked a lot about the promise of AI and ForgeRock's investments in bringing the power of automation to its platform. I wanted to find out more about how we're delivering this advanced capability to our customers and how it will help them succeed. This week, I met virtually again with ForgeRock Chief Product Officer Peter Barker, to learn all about ForgeRock's amazing new Autonomous Identity offering. 

I hope you enjoy this latest installment of ForgeTalks. Make sure to tune in next week where I discuss Security & Privacy with our CTO, Eve Maler. And, if you missed last week's episode with Alex Laurie, you can catch it here.

ForgeTalks Episode 3: Creating Delightful Digital Experiences

Welcome back to another episode of ForgeTalks. I've heard the phrase "Delightful Digital Experiences" thrown around a lot, and I've never really been sure what it means. I caught up with Alex Laurie, who heads Global Solution Architecture at ForgeRock, to find out exactly what is meant by "Delightful Digital Experiences," and why it's so important for businesses competing in a highly digital world.

I hope you enjoy this latest installment of ForgeTalks. Make sure to tune in next week for my discussion with our CTO, Eve Maler who shares her perspective on why security and privacy are important in 2020. And, if you missed last week's episode with our CEO, Fran Rosch, you can catch it here.

Do We Still Need Pride in 2020?


The Stonewall riots in 1969 were a pivotal moment in LGBTQ+ history, leading to the first Pride events the following year in New York, Los Angeles, and San Francisco. London followed with its first Pride event two years later in 1972, and then the first Mardi Gras took place in Sydney in 1978.

Pride in those early days had a very obvious purpose. It was the coming together of gay people in a very visible way, with security in numbers. For one day every year, gay people could be out and proud in their home-town streets. They could be themselves. And they could hold their same-sex partner’s hand and not fear abuse. That’s why Pride was needed and celebrated.

Fast forward 50 years and the world has (mostly) changed. Being gay is much easier today than it has ever been, but there are still many parts of the world where it is illegal and even punishable by the death penalty. (Check out this interactive map.) The main thing you'll notice is that lesbian, gay, bisexual, and transgender people in Europe, the Americas, Australia and New Zealand are not criminalised. But does that mean, they have true equality and face no discrimination? 

As a gay woman in the UK, I can say things have massively changed in my lifetime. I no longer have abusive comments shouted at me on the streets as I did when I first came out. I had a civil partnership ceremony with my partner 13 years ago, which we converted to a marriage four years ago, so in a legal sense, we are equal now. 

But I have to come out time and time again. It's obviously a lot easier than when I did it the first time and most people don't bat an eye. But society is still very heterosexual in its outlook and that comes with its own set of assumptions based on how you look or act. So if you don't look “gay”, then people assume you will have an opposite sex partner, which can lead to awkward conversations and you having to come out again and again.

On a lighter note, my boss at one of my first jobs, on hearing I was gay, exclaimed, “She’s not gay, she’s French” as if the two were mutually exclusive. (And besides, I’m not even French!)

I have to consider my safety and personal well-being when choosing holiday destinations. There are large parts of the world where I don't want to travel because being me is illegal and I could face the death penalty. 

Even closer to home, we have seen an increase in attacks on gay people. Last summer, two women were attacked on a London bus by several men who felt they could demand that the women kiss for their benefit. This was not only a homophobic attack, but a blazing display of male entitlement. 

So is Pride needed today or is it just an excuse for a party? I would argue Pride is still very much needed, even in places where we have a lot more equality. For one thing, although things have got a lot easier for gay men and lesbian women, bisexual people still are perceived negatively and transgender people still face huge prejudices, even from within the LGBTQ+ community. And being “queer” is often completely misunderstood, as is anyone who chooses not to be constrained by gender labels. 

Pride is a chance for everyone in the LGBTQ+ community to come together as they have for the last 50 years – to be visible, be out and proud, and feel included for at least one day. It is there to make it easier for a younger generation of LGBTQ+ people, who may be bullied or feel pressured to be straight, to come to terms with who they are, know they can be themselves, and not feel marginalised. Even if it’s just temporary, it gives hope. Equally important, Pride is for our allies, for us to all stand together, united. Pride should very much continue to be celebrated.

I went to my first Pride event in years last year – spurred on by the LGBTQ+ initiative at ForgeRock. It felt great, marching with my wife and coworkers at Bristol Pride. This was not something my younger self could ever have imagined!

I wholeheartedly support the ForgeRock LGBTQ+ initiative. It is a great way to make everyone feel more included and has created a safe space for LGBTQ+ people. Undoubtedly, it has helped the company recruit a more diverse workforce. I chose a company with an active drive for inclusivity over any other company when looking for work. I know there are a lot of allies within ForgeRock – and that is really cool. Unfortunately, there are people who don't think it's needed, and they are the very reason why these types of initiatives (and Pride in general) remains important. Having said that, I am confident that we will continue to make progress in educating ForgeRockers.

2020 would have been the year to celebrate 50 years since those very first Pride events but unfortunately, many have been cancelled or postponed due to the Coronavirus pandemic. Despite this, we must continue to celebrate Pride virtually, and we must strive to become more inclusive and more equal. There have been great strides made in LGBTQ+ rights in 50 years, but we must not become complacent, as there's still a long way to go.

Click here to learn more about Inclusion and Diversity at ForgeRock.

ForgeTalks Episode 2: Jumping Into the Shoes of Our Customers

Welcome back to ForgeTalks. Our CEO Fran Rosch is always telling us that "feedback is a gift", and it's true, we do value customer feedback at ForgeRock. In this episode, I sit down with Fran to discuss his thoughts and learnings from a recent virtual session he had with our customer advisory board. It was great to hear how our customers are using identity, as well as what they think of our future innovations.

Grab a drink and a snack and enjoy this episode of ForgeTalks.

Coming Soon: Don't miss our next episode where I sit down with Alex Laurie and discuss delightful digital experiences.

Check out ForgeTalks Episode 1: A Roadmap Deep Dive here

Evolution from IDaaS to the SaaS-Delivered IAM

As enterprises rapidly evolve their overall cloud-first strategy, they are also rethinking their identity and access management (IAM) deployment models. The question on everyone’s mind is how to transition from on-premises IAM, which they invested in so heavily over many years, to the cloud and still maintain full functionality.

Many organizations embarked on the journey to cloud with a hybrid cloud approach. Often, they deployed their legacy on-premises IAM solutions in their own private clouds and just leveraged the public cloud as another data center. This gave them more flexibility to scale on demand and provided the agility to meet the business needs of dynamic and ever-changing workloads without the need to invest heavily in their infrastructures.

Others chose managed services, outsourcing identity management to a third party that has the expertise and staff to run and maintain on-premises identity solutions. IAM managed services was a viable alternative for organizations that were challenged to hire, train, and retain professionals with the skills required to manage and support IAM operations.

And some were early adopters of pure-play identity as a service (IDaaS) solutions – a term whose meaning has evolved over the past few years. In the past, Gartner published a dedicated magic quadrant for IDaaS and defined it as, “a predominantly cloud-based service in a multi-tenant or dedicated and hosted delivery model that brokers core identity governance and administration (IGA), access, and intelligence functions to target systems on customers' premises and in the cloud.”

The problem with these solutions, even back then, has been their limited capabilities. But the good news is that they are evolving quickly and are becoming more feature-rich and robust. With that evolution, Gartner has changed the name of the category as well to SaaS-delivered Identity and Access Management (SaaS-delivered IAM).

Why are people transitioning to SaaS-delivered IAM?

This is primarily driven by the increasing demand for more comprehensive cloud IAM capabilities from customers who want to consume more and more IAM functionality as a cloud service.

Market projections show that the IDaaS market is expected to grow from USD $2.5 billion in 2019 to USD $6.5 billion by 2024, a compound annual growth rate of 21.1%.1

We here at ForgeRock offer a comprehensive IAM platform, whether you choose our software version to deploy it in your own data centers, private cloud, hybrid cloud, or public cloud or you choose to consume it as a service provided by us. This is the foundation of the ForgeRock “your cloud, their cloud, or our cloud” strategy. The goal here is to provide you all of the features and functionality that meets your enterprise needs, however you decide to consume it.

ForgeRock Identity Cloud

Identity Cloud is the comprehensive ForgeRock Identity Platform delivered as a cloud service. It enables you to reduce operational risk by consuming the IAM service from a trusted vendor and reducing the total cost of ownership (TCO) by offloading the infrastructure and maintenance of the platform. This allows you to focus your energy on developing business IP, not creating and running IDAM solutions or infrastructure.

Even if you’re thinking about moving to the cloud but are not quite ready for it, you can still take advantage of ForgeRock’s complete suite of modern capabilities that address any identity need, in any environment.

Read more about the ForgeRock Identity Platform and the ForgeRock Identity Cloud or contact us to get your specific questions answered.