Ever wondered how an economics graduate ends up orchestrating identities in the tech world? Join us as Gerry Gebel unpacks his incredible journey from an unexpected programming class to spearheading a bank's leap into IBM technology. His story, far from typical, is a testament to seizing opportunities and navigating the dynamic landscape of IT. In our engaging conversation, we uncover the perks of smaller companies, the diverse roles waiting to be filled, and why understanding the bigger business picture is just as crucial as technical expertise.
This episode goes beyond code, shining a light on an often-overlooked skill in IT: writing. Gerry Gebel and I dissect how penning down complex tech concepts isn't just about documentation—it's a powerful tool for persuasion and clarity in a field where the right words can mean the success of a project or the resolution of a dispute. We also peer into the future of Identity and Access Management, speculating on how it must evolve to keep up with the cloud's scale and what this means for strategies and solutions in the space.
Finally, we navigate the latest currents in identity management, from the allure of passwordless systems to the necessity of AI's touch in the domain. We scrutinize how design considerations, like user-friendly interfaces, are critical in the era of serverless computing and how IAM solutions must adapt to offer robust oversight. And as we zero in on the push for standardized fine-grained authorization systems, we highlight the strategic edge of staying abreast of AI advancements, ensuring our listeners are well-positioned to ride the wave of tech evolution. With Gerry Gebel's insights, this episode is a treasure trove for both seasoned IT professionals and those considering a fresh career path.
Affiliate Links:
NordVPN: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=87753&url_id=902
Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today
Ever wondered how an economics graduate ends up orchestrating identities in the tech world? Join us as Gerry Gebel unpacks his incredible journey from an unexpected programming class to spearheading a bank's leap into IBM technology. His story, far from typical, is a testament to seizing opportunities and navigating the dynamic landscape of IT. In our engaging conversation, we uncover the perks of smaller companies, the diverse roles waiting to be filled, and why understanding the bigger business picture is just as crucial as technical expertise.
This episode goes beyond code, shining a light on an often-overlooked skill in IT: writing. Gerry Gebel and I dissect how penning down complex tech concepts isn't just about documentation—it's a powerful tool for persuasion and clarity in a field where the right words can mean the success of a project or the resolution of a dispute. We also peer into the future of Identity and Access Management, speculating on how it must evolve to keep up with the cloud's scale and what this means for strategies and solutions in the space.
Finally, we navigate the latest currents in identity management, from the allure of passwordless systems to the necessity of AI's touch in the domain. We scrutinize how design considerations, like user-friendly interfaces, are critical in the era of serverless computing and how IAM solutions must adapt to offer robust oversight. And as we zero in on the push for standardized fine-grained authorization systems, we highlight the strategic edge of staying abreast of AI advancements, ensuring our listeners are well-positioned to ride the wave of tech evolution. With Gerry Gebel's insights, this episode is a treasure trove for both seasoned IT professionals and those considering a fresh career path.
Affiliate Links:
NordVPN: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=87753&url_id=902
Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today
I was going. Jerry, it's great to finally get you on the podcast. It feels like we've been trying to plan this thing for probably a year at this point.
Speaker 2:Almost. I don't think it's been that long, but it has been a while. Yeah, it's great to be with you here today.
Speaker 1:Yeah, it at least feels like it. I'm really interested in hearing your background. You know how you got into IT, what made you want to get into that field, you know, and just hearing that story, the reason why I started everyone off there is because you know there may be some listeners that are trying to do that jump themselves. They're trying to do a career change in IT and I feel like hearing everyone's story, you know, lets them know that, hey, this is possible for me. If this person did it, maybe it's possible for me.
Speaker 2:Yeah, sure, I guess I have one of those non-traditional entries into the IT world.
Speaker 2:I did not have a computer science degree, this is an economics degree back at college, did a little bit of programming work there.
Speaker 2:I was doing one or two of my courses and then I bounced around a little bit and then decided to take a programming class at a technical school and I think there was like a six month program or something like that and was fortunate to get an opportunity at a small savings bank in New Jersey that was converting from, of all things, burrows, the gaming equipment, onto IBM Tech. So I was part of the new IBM based team plan and that was really my start into the IT world and then later on worked at Chase Bank in New York and got more focused on the security aspects of the mainframe and middleware and literally web-based and you know it was before we called it identity management, but later on was part of the identity management emerging market, if you will. When I joined the group as an industry consultant and then as an analyst and then from that and went to the software side, you know was that Axiomatics a sweetening based, fine-grained authorization vendor for several years and then now coming up on three years at Stratap, identity and Head of Standards.
Speaker 1:You know, when you, when you look back on your start, you know it kind of sounds like it was a right time, right place sort of situation. Is that how you look at it as well?
Speaker 2:Absolutely. It was very fortuitous that, you know I decided, then you did the data of the program in class and then, of course, you know that there was a local opportunity at this bank that I was able to join and really learned a lot under the through-lead of, you know, some more senior folks there. It was really a great place for me to get started. You know, got about it.
Speaker 1:Yeah, I'm sure you know, starting in that kind of environment is it's like trial by fire, right? Do you? Do you find yourself enjoying those larger environments, or do you like the smaller, the smaller environments?
Speaker 2:Yeah, definitely in more of a small company kind of person these days. You know the savings bank well. We had to think about 100 branches. At the time. You saw a lot of the employees were, you know grab range-based people, but the IT department that I worked in was was fairly small. Of course, chase Bank was a huge company. When I left there were almost 100,000 employees. Now it's quite a bit larger than that even. And when I joined Burton Group I think we were about 50 people and 150 earlier about when the company was acquired by Gartner, and then you know with Axiomatics and now Strata, you know both less than 100 person companies. So yeah, I definitely like the smaller environments. You know there's no place to hide. You know everybody in really has to pull their weight. You get to do a lot of different things so you're not just boxed into one single area. You get to work on different things. I enjoy that for sure.
Speaker 1:Yeah, I feel the same.
Speaker 1:You know, like after being in the field for about 10 years now, you know I've worked at really large companies and very small companies.
Speaker 1:You know 30 person startup like companies, and I really appreciate the experience that I've gotten at the really small companies. You know, because you have to wear so many hats, you know you're wearing customer service, you're wearing engineer, even some developer or whatever might be right, and the experience that you get is like invaluable. You know, I feel like I feel like people you know always think that like the only place that you could get real valuable experiences from, like you know, the big name tech companies like video or Facebook or whatever might be, but I feel like there's a lot of other companies that are doing really cool things. Especially now, with how you know the space is where everyone can really dive into whatever they want to write with AI, you know you can easily very cost affordably, you know get into AI and integrate it with your product and things like that, right. So there's a lot of room now that exists with these smaller companies that are able to do a lot more with it for you to get that experience.
Speaker 2:Yeah, I think that's right and you know, the barriers to hatred into different fields are definitely lower with a lot of the automation and AI capabilities that are out there. You know that can help bootstrap you in different ways. I definitely agree with that. I didn't, you know, get going back to the smaller work environments. You can get exposed to different areas, like you're saying, and maybe ultimately you specialize in one area or another. But I think having that exposure is also valuable because it gives you a sense of a bigger picture.
Speaker 2:You know what does it take for a company to operate, and that's going to be super valuable, even if you go to a large company with 10,000 or 50,000 employees. And having that awareness of how the company operates and functions from a business perspective is super important, especially to us, I think, people you know just sometimes we're disconnected from that but also learning how different departments have to work together and but it is a matter of scale, you know, can that scale up to a large organization? And maybe, if you're more comfortable in that environment or maybe not, you will realize that. You know, I prefer to know that 100 to 500 employee size company. So it gives you that level of exposure experience, I think is super important.
Speaker 1:Yeah, the larger companies. They have very unique problems. You know, like how do you build an internal application to scale, you know, across the globe for half a million people, right, like it's internal and you have to make sure that it's completely protected with everything. You know it has people's, you know, private information in it. That's a problem that you're not going to get at a really small company, right.
Speaker 1:And it's interesting to go back and forth between you know, kind of the two sizes I haven't really seen too much in the middle, but you know it's interesting to go back and forth between them because you see these really large problems. And then you know you go to the smaller environments like, oh, we need to. You know kind of plan for this and this and this. You know we need to be thinking ahead for this Because that's where those bigger problems down the road are really mitigated. You know up front. You know, when you look back on your career and the different skills that you've obtained, is there one place that you've been that you have felt has given you the most I guess ROI, right the most skills, the most valuable skills, whatever it might be.
Speaker 2:I think I would have to point back to my time as an analyst because it really helped to sharpen my writing skills, because you know, we're doing research reports every quarter and you have to review that with your peers and then it goes through a copy edit process and let me just say that it was like getting the English comp lesson every quarter when those redlined reports did that.
Speaker 2:So I think that was being valuable in helping you to be a better, brighter and had a great writer, and I think that's a universally valuable skill to have, I would say. Second to that is being able to become a decent presenter at a conference or on a webinar or what have you. But overall it was teaching me to be more specific and precise with the language that I used, because that's what you know that environment was all about was being able to put forth an analysis of a market segment or a vendor or what have you, and kind of top it and then be able to defend that position when you're being questioned by your customers or by the audience. So that's a skill set that I really am grateful to have, you know, being able to go on during that time.
Speaker 1:Yeah, that's really fascinating, right. I've been talking to a lot of people lately and the idea of writing as a skill in IT keeps coming up, and it keeps on coming up as being a very valuable skill, which is it's interesting to me because, like me personally, you know, I am not interested at all when I'm told I have to write some document on something. You know I try to avoid it. But I've been on teams where we have had, you know, a technical writer right there on the team and they're writing down everything you know that we're doing for different processes and whatnot, and they're, you know, adding context and everything and they create, you know, fantastic documents. Right, they're doing the stuff that none of the engineers want to do, that's for sure. But it's coming up, as you know, a really valuable skill which I find interesting mostly because it's not like a traditional skill of IT and yet people are finding that it's in higher demand or in growing demand for them to have that on their IT team.
Speaker 2:Absolutely. I mean for me personally. It's a bit ironic because you're in college. What did I hate the most of in the final exams? Doing research reports. Yeah, here, I ended up doing it for more than nine years as a profession, so definitely some of my professors were enjoying that moment, I'm sure in the graves. But it is super important to be able to write because if you need to justify a project you know you want to start, you can say, from a customer's perspective, I'm going to deploy some new identity or security system. Well, you need to be able to convince the stakeholders who are going to approve that budget that this is a worthy cause. And if you can't adequately write that in a document or do you present that in a presentation format, then your chances of getting that project approved go down precipitously. So, yeah, it's super, super important for those reasons and many others, yeah.
Speaker 1:Yeah, absolutely, it's becoming invaluable, honestly, especially if you're a technical person that has those skills and they're able to do it. Being able to defend your work in a written email to an angry customer is a skill that you're only going to use a couple of times. Hopefully, I mean hopefully you're not making a lot of customers angry, right? But it's a skill that if you have it, you're really going to shine. And I remember earlier on in my career I was always taught like when you're building these cases against customers necessarily not a case, but the situation was where when we're setting up the system, if a customer misconfigures it, they can incur a $100 charge for doing the wrong thing, for making the wrong phone call, and that's not a $100 charge from us, it's a $100 charge from this national agency. So it's the same thing for everyone in the country, irrespective. You know we're just passing on the feet and when that's going on, you know when you're getting them set up, it's your job as the technical SME to identify that immediately and reach out to them and say, hey, let's avoid, let's avoid these. Right, because we'll cover, you know, the first couple and whatnot. Right, because we're getting you set up and whatnot.
Speaker 1:Well, this customer, you know I don't know where, where it came from for them. They just decided we're going to test. You know 20, 30, 40 of these things you know in one sitting, within 30 minutes, and you know let's see what happens, right, and they didn't want to pay. They didn't want to pay when it, when it came due, and I wrote this. You know really well described email of all the phone calls I made, the timestamps, the emails I sent, the screenshots. You know every single thing. And the guy at my company that's actually tasked with, you know, getting the customers to pay this fee. He came over and he said, if they send anything other than a check, I would be shocked. It's like, how can you defend any of that? Right?
Speaker 1:Well yeah, I mean, that's, that's a skill you know that I've had to use a couple times, right, not a lot, but it does absolutely separate you apart because after that, after that one experience, you know, I had other people coming to me for input with a difficult customer email and things like that. You know, and you know I'm just a young, you know tech guy, young app specialist. You know I don't know anything, right, I could probably write better than I could any technical you know task or whatnot. Right, it's, it's interesting how that played out. So, you know, I wanted to, wanted to ask you where do you think the future of IEM is going? And the reason why I ask is because we're kind of in, we're kind of in a limbo phase right now within IEM.
Speaker 1:I would say right, because we're on the cusp of IEM really changing, really changing significantly, I feel. But we're still trying to use older solutions for new problems. You know where a PAM solution used to be the end, all be all. You get a PAM solution, you get something that you know can, can kind of have a self-service functionality with roles and and permissions, and you're pretty set. You know, you're pretty locked in, you're good to go. And now we're finding that that doesn't really scale well with the cloud, and the cloud has so many different facets to it. Iem is so different in, you know, each cloud that that that teams are having issues keeping up and their, their solutions, that they've already invested millions of dollars into, are not keeping up and they're not going to keep up. So you know, where do you, where do you see this going? Where do you think the future is with this?
Speaker 2:Well. Well, there's I mean, lots of different things happening within the identity management market. You know a lot of advancements have occurred recently in authentication. I think over the last several years we've had more and more emphasis on using stronger methods of all the dedicated rather than just relying on passwords. You know we keep hearing that year X is the year that passwords go away. We've made some progress toward that. I think the latest iteration of that technology trend is now in password list systems. We're using other technologies rather than the different line on the other number of passwords, the longings, so that that's going in its own trajectory.
Speaker 2:But there, as you said, there are so many different components to identity management infrastructure and so many of them, as you said, that we used in the data center are not very applicable to cloud native environments. And of course, every cloud has its own method of doing it and the or doing access, and within the cloud it's up and down the stack to write, you know, the application layer, the infrastructure, the network for data, all of these different techniques and technologies. So I guess one of the one of the things we see being valuable in this area that has been applied elsewhere is abstraction and orchestration. You know, if you think about where Kubernetes is today, you know what happens. Before. Then you had the end where making virtualization a commodity, right, or you get to the mass market, and that was the prevalence for a period of time.
Speaker 2:And then we switched to containers. You're running our apps and workloads and APIs within containers, but then how do you manage a containerized environment, due to all the complexities that you point out? You know, if I want to run workloads across clouds, you know how do I do that. Or even across different regions within a single cloud platform. So that's where Kubernetes evolve, right. Kubernetes abstracts away the complexities of each cloud platform and allows you to do that. Orchestration, right to manage workloads for availability, for, you know, automatic or elastic assay, and so on. So I think these principles more and more. He applies you to identity and that's a time that will continue.
Speaker 1:Yeah, you talk about the different trends overall of technology and now we have this serverless thing right. It's funny because you know we call it. Serverless functions right, but they're running on servers, yeah ultimately, they are yes.
Speaker 1:Yeah, and they're significantly more complex to track and monitor within the environment. You know, because I feel like the overarching technology evolution is growing much faster than what security solutions are keeping up with. You know, that's why we kind of see so many new security companies, I feel, come out of the market so often is because there will be a fringe. You know technology evolution in one area like serverless, and now we have a security company that's built around how to protect it, how to monitor it, things like that, something that we didn't need before, but now you know there's a growing need for.
Speaker 1:And you know, same thing with IAM. Right, like, these IAM solutions, they have to grow, they have to have more visibility into the cloud, they have to be able to tie things together and monitor who's accessing, what roles are accessed and used. And you have to do this, you know, across all of the clouds right, all at the same time and be able to tie it together in a way that is simple for that analyst to look at and understand what's going on. Right, like there's a very short window that these analysts actually have to look at these things right to determine if they need to pay attention to it or not, and I always appreciate a good product that takes that into account right and kind of thinks that through, and you can always tell when a product thinks that through. Is that something that you also look at because of your prior experience as an analyst?
Speaker 2:Yeah, and also comes through. With my experience at an end user company, you know, being on that side of the table where we're concerned about uptime and availability and resiliency, for example, and wanting to make sure that a product, while it has, you know, a purpose of securing a certain aspect of the operation, will that work in my operation? You know it is applicable to me in my environments and so, yeah, that really comes through and we do. We have to think about that right now as we're looking at new features or functionality or capabilities to move a strata product set and trying to address certain scenarios. You are we approaching this from the end user's perspective? You know that that sock analyst or, you know, the CISO office or the auditor or whomever, is the person that would be operating that functionality from the other side. You know, are we hitting all the notes that they are interested in? You know? So that's absolutely part of that. You know that product planning perspective.
Speaker 1:Yeah, it's, um, I find it, you know, kind of UI design. I find it to be fascinating, right, because when I, when I was an analyst, and I was going through the different venues in our solution, you know, there would be times where I could I would say, hey, these two things, they can be combined. Right, like, why do I have to go to these several different places to configure this one thing? You know, like, this is a common use case, right, why don't we just put this all in one place? And so I'm not going around? Right, and looking at it from a process perspective, I feel like it forces you to be more customer centric, you know, especially when you deal with bad products and products that you know don't make any sense and you have to configure the same thing and three or four more different places just to, you know, make sure that it's configured and acting right and all that sort of stuff.
Speaker 1:Like that sort of you know, product I typically hate and I try to steer away from, because I've had poor experiences with it. Right, I've had, I've had products do things that were unintended and I thought that I had configured it. You know, one way and it did another thing, and I reach out to support and they're like oh, you know, you forgot this other. You know, tucked away sub menu, you know that has this configuration as well, that that's what it really keys off of. You know it's like guys, what If it says it? If it says it in one place, it should just be it. You know, like that should be the solution.
Speaker 2:Yeah, a couple, yeah, a couple of thoughts there. I mean, even when you're using a website, you know, for personal use and things are disorganized, or you know I'm mentoring data over here, but that it could. The button for accept or next is, you know, all the way in the far corner. It's just even simple usability. Things like that stand out to us.
Speaker 2:I guess you know, based on our past experiences, but also we, when we're thinking about, you know, product design, you know we have folks that have really specialized in that area and they're super good at it and we don't want to just focus on what we call the happy path. You know, when everything works well, great. But, like you were just describing, you know where, if I get myself into a corner and something doesn't work, you know we want to which part of steer people back or give them. You know that's a place to have a help you know logo or something to help them get out of that corner. So you want to think of okay, where, where can the user go wrong because I haven't maybe designed things perfect and help them out of that so they don't have to get on the you know the phone to your support folks.
Speaker 1:Right, yeah, always limiting how often you know a customer has to call support is it's a great thing, that's for sure, and he's. Any support person would say that you know. To kind of circle back to IAM, what are some emerging areas for emerging problems that you see IAM, you know, kind of transforming or evolving into to solve?
Speaker 2:Yeah, maybe I can talk about a couple of initiatives that I'm involved with. You know one we started here at Strata to deal with access policy differences across that multi-cloud scenario that we talked about earlier. You know, with each of those platforms having different ways of defining an access rule or policy, and you know how do you manage that because, you know, without some kind of policy orchestration model, you've got to have some subject matter expertise, you know, to cover all of those areas. So we've come up with a, you know, a standard way to define an access policy. You call it identity query language and we built an open source system called HEXA that can translate to and from the. You know that identity will standard format into, you know, the slope format of a cloud system and that's a CNCS project, probably made it from CUNY Foundation, and you know we continue to build out that accessibility and, you know, show how that kind of model can work. So that's, you know, one way we're trying to help address the complexity of the cloud access systems, you know, through, again, abstraction and orchestration. So that's one area.
Speaker 2:A second area that is involved in is now a working group at the OpenID Foundation. So those are the folks that pre-use. You know share signals framework and continue to do this access evaluation profile and open ID connect and such. So there's a new working group that's working on standardizing some of the interactions of fine-grained authorization systems. So there's many of them out on the marketplace. You know most of them are proprietary models. You know some of them are based on Open Policy Agent or the exactable standard or other formats, but there's not a lot of interoperability. So the authorization exchange, or a lot of Zen working group for short, is working to standardize some of those interactions between authorization systems and we're aiming to do an interop demonstration at the Identiverse Conference late May with the first basic profile. So those are a couple of things that you know we're involved in here at Strata. You have to try to help the industry move forward in a more standardized way.
Speaker 1:How do you think AI is going to be impacting IAM? What impacts IAM? How do you see that going?
Speaker 2:Well, there's a lot of people interested in both of those projects and a lot of focused energy on it right now and I think, with the intention in the industry around security and all of the breaches that we continue to hear about, some of those kind of issues can be dealt with with these two projects, but it's just a way to try to improve security overall and there's a lot of interest out there and a lot of grounds will be mentioned behind them, he says.
Speaker 1:Yeah, it's interesting to see where the space goes in the next five years. Right, it's just a fascinating time because I feel like there's a lot that we don't know of what's to come just yet, especially with that huge X factor of AI.
Speaker 2:Well, it took us before we mentioned AI, and it's pretty good actually.
Speaker 1:Yeah, I mean, I've had a whole podcast about AI and quantum cryptography and all that sort of stuff. It's a fascinating area, that's for sure. But I wonder. I just try to look at everything from the perspective of if I was starting over today, right, what's the thing that I'm trying to future proof my career against? What's the thing I'm trying to learn now that in five or 10 years is going to be very valuable, right? And obviously one of those things is AI. But AI is so broad you really have to dial it in and figure out what niche of AI you should be taking part in. So that's how I approach it. Is that how you look at it as well, or how do you view the industry like that?
Speaker 2:I think with any new technology that comes onto the scene, especially one that is so impactful as artificial intelligence, you really need to examine how that number one ethics your own career path. Which is going to do for me or against me and I would say most people should look at learning more about AI. How could it be used to help me in whatever job I have, whether I'm a developer. Look at these code generators and co-pilots Is that something that's going to help me become a better developer or not?
Speaker 2:Another way to look at this is well, if I am a developer and there's all these co-pilot code generators out there, find out what the limitations are, because if you can fill in the gaps of where they have a limitation, then that's a valuable asset to be able to bring forward. If you're just a me too I'm just a basic, I can run of a little developer then your value is, I think, a little bit decreased. But if you know how best to use AI in your role, then that's a value add Because, as we can see, we're still in the very, very early days of it. I mean, look at the stumbles of even the giant like Google in their launch of Gemini recently, which that just is further evidence that we're in early days, so getting it now learn where the limitations are and how that evolves over time, and that's, I think, the best position you to take advantage of that where appropriate or where necessary.
Speaker 1:Yeah, we haven't dove into it very much yet, but could you tell us what the problem is that Strata is solving and how you're going about solving it?
Speaker 2:As far as with AI or just in general? No, just in general. Okay, sure. Well, Strata is an identity orchestration company. So when we think again back to the multi-cloud environment, if your company is adopting more than one cloud platform, then by definition your multi-cloud will use your multi-indentity.
Speaker 2:What Strata enables you to do with identity orchestration is manage these different identity components, whether they're legacy and on-premises or in the cloud, so that in the user journey of when a user logs on to an application environment, we can direct that user to authenticate to the right identity provider.
Speaker 2:If they need to also add a multi-factor authentication, like an ass-wiz or two-FA authentication, we can direct them to that source. If we need to gather up additional data points to start the session, you know that the application needs we can go over and retrieve those. So we're in the middle of that session, orchestrating what happens in order to get the right information to that application so that it can operate for our crookier. So that's the abstraction that we talked about earlier. So we extract away the hard-thoded implementation of your apps to your application so that you can choose out these identity components as the technology does advance. You know a few implemented and ordered multi-factor authentication technologies, say, five years ago. Now you want to move to pasties or some other ass-wiz-less model. Well then we can just pull out one component and plug in the other and make that migration much easier and faster than if you get everything was hard wired to each application.
Speaker 1:Yeah, it's really interesting. It's really fascinating that you know you're approaching the problem from that angle, because I feel like that is that's something that you typically don't want to change very often, because it is so difficult for your developers to set up the new identity authentication process or method or whatever it might be, and you need something very lightweight to sit in there that can manage it right. That's really the only solution. But from what you're describing, it's kind of like almost plug and play.
Speaker 2:Well, it becomes that right. Because if you want to change the technology without that abstraction in the middle, then you have to refactor those existing applications to change out their own indication modules and that's costly from a resource and time perspective. You know, that's what our research has showed us and shown our customers. So introducing that abstraction gives you that flexibility to adapt to technology just much faster. Because you know there's I think historically there would be a resistance to change. Well, I just installed that system five years ago. I'm expecting a seven to ten year lifespan out of that investment. But if technology is faster than that and the security threats accelerate faster than that time frame, what do you do? You're forced now to make an investment earlier than you wanted to and that could be costly. But with abstraction in the middle it's much, much easier to get those changes when we need to, other than you know, forcing a specific timeline on that.
Speaker 1:Yeah, that makes a lot of sense. Well, you know, unfortunately we're at the top of our time here. You know I try to be very cognizant of everyone's time before I let you go. How about you tell my audience, you know, where they can find you if they wanted to reach out, where they can find Strata If they want to learn more great information about your company.
Speaker 2:Sure appreciate that, joe. Yes, you can find me via email at Gerry, at strataio, gerry with G, and the Strata's website is also strataio. So we've got lots of great information out there and we're typically at some of the major industry conferences around the world. You know European identity conference in Berlin come up in June and I get a verse in May out in Vegas, probably at the Carter identity event later in year as well. So we're usually at those major events. Stop by and say you are see some of my colleagues and appreciate being on the show, joe, and it's been great talking with you.
Speaker 1:Yeah, absolutely Likewise. Thanks everyone for listening. I hope you enjoyed this episode.