New Partnership with Janrain

By Travis Spencer on March 23, 2013 4:25 PM | No Comments

At Nordic APIs this week, I was very proud to announce that we have partnered with Janrain, the leader in social media aggregation. We are delighted to become Janrain's only reseller in Scandinavia, and are excited by the opportunities that this opens up to our customers. This partnership is a critical part of our business model, and our strategy to help organizations more quickly adopt cloud computing, mobile, big data, and social. To do this, we are bringing together standards-based software from best-of-breed vendors like Janrain into ready-made solutions. These pre-made integrations allow organizations to quickly and securely overcome the challenges introduced by these four megatrends. Our ready-made solutions, deep knowledge of our partners' offerings, and the standards on which they're built allows us to speedily implement solutions using their software, sparing our customers from lengthy integration projects.

ingred.gifAs I've blogged about before and described in our whitepaper, solutions for cloud, mobile, big data, and social have to be created from various software components in the same sort of way that a baker combines base ingredients into cakes. To make a torte, you need eggs, flour, sugar, milk, and, in the hands of a skilled baker, these can be whipped, stirred and combined into wonderful desserts. actual_ingred.gifSimilarly, we are pulling together software, services, and expertise into secure solutions for a mobile, cloudy world. Our ingredients are things like Web SSO, account management and provisioning, API security, and authorization. With this new partnership, we can also whip in some social media aggregation using Janrain's products.

At Nordic APIs, I gave a demo of such a solution that combines Janrain's services with CA SiteMinder to securely integrate social into a Web site. We'll post a recording of that in the next couple of weeks, and will show it off again in Copenhagen. We also have other integrations in the works, and we'll blog about those soon. In the meantime, check out Janrain's site which has a wealth of helpful info explaining how engagement starts with identity. You can also shoot us any questions you may have about their products or about how we're helping organizations use their platform to securely leverage social login, profiles, and publishing to increase brand engagement.

Directions to StjärnaFyrkant's Office and the Free BYOD Seminar

By Jacob Ideskog on February 2, 2013 1:30 PM | No Comments
_byod_event_header.jpg
February is here and that means that we are we are getting closer to the free seminar on the topic of BYOD arranged by StjärnaFyrkant  together with Twobo Technologies and Ping Identity. 
Ping Logo

Here are directions to help you find StjärnaFyrkant's office. They are located in Solna, a suburb of Stockholm on Svetsarvägen 24.

From Bromma Airport: 
Take a Taxi. This airport is located very close to the event address, and is the best one to fly into if you can.

From Arlanda Airport:
Option 1: Take a taxi to Solna. There is usually a fixed rate which should be around 500 SEK
Option 2. Take the Arlanda express to T-centralen (Stockholm's central station). Then take the subway (tunelbanen) or the commuter rail/overground (pendeltåg). See directions below.

Subway from Stockholm City (T-Centralen):
Take the blue line from T-Centralen towards Hjulsta. Exit the train at Sundbybergs Centrum then exit the station onto Järnvägsgatan.

Pendeltåg (Commuter Rail) from Stockholm City (T-Centralen): 
Take Pendeltåg 35 towards Kungsängen. Exit at Sundbyberg Centrum, then exit the station onto Järnvägsgatan

Walking Directions from Järnvägsgatan:


Link to Google Maps http://bit.ly/ULTWtp

If you are interested in attending but haven't yet registered, please let us know send an e-mail to marknad@stjarnafyrkant.se.

We are looking forward to see you on February 21st.

Making Scandinavia Programmable: Nordic APIs

By Travis Spencer on February 1, 2013 5:37 PM | No Comments
We are really excited to announce that we are joining forces with Dopter, one of Scandinavia's biggest champions of APIs, to organize the first all-API-related event in the region: Nordic APIs. We will be working together to host a number of events around the region this year, starting next month on March 21. Together with two of our other partners, Jayway and Ping Identity, we'll have a half-day of presentations about:

  • Best practices for launching and deploying an API
  • Tools of the trade
  • Security (our favorite)
  • Innovations in APIs and the future of the space
  • Back-end as a Service (BaaS)
  • And many, many more
We'll be meeting in Jayway's new office in downtown Stockholm. Their space is really open and will give us all the chance to mingle and learn. We'll start w/ lunch at noon and kick off the talks at 13:00. We'll go till 16:00 w/ a little break in the middle. We'll post a full agenda soon on the Nordic APIs site.

We'll be giving a talk on API security. To get a sense of what we'll talking about, have a read through my post on Maspup.se where I discuss some of the security issues that API providers need to consider as they relate to enterprise mobility management and BYOD. (Be sure to also join us, Ping, StjärnaFyrkant and others for more on BYOD February 21.)

Eventbrite - Nordic APIs March 21st, StockholmWe'll also be running a larger 2-day Nordic APIs event in Stockholm on September 18 and 19 at Lustikulla Conference Center. For this conference, we'll bring in a lot more sponsors, attendees and speakers from around Scandinavia and beyond. We have sponsorship and speaking opportunities still available for the fall if you're interested in getting involved. Before then, be sure to register for next month's kick off to what will undoubtedly be a great new series of API conferences. It's free to attend the March event, so RSVP today as space is limited. Please also follow @NordicAPIs on Twitter and subscribe to the Nordic APIs blog to stay up to date. Comment here or drop us a note if you have questions.

Brought to you in partnership w/ these fine folks:

Ping Logo

BYOD Seminarium med StjärnaFyrkant och Ping Identity

By Travis Spencer on January 22, 2013 9:52 AM | No Comments
BYOD event from StjärnaFyrkant, Twobo Technologies and Ping Identity
Välkommen till ett seminarium om Bring Your Own Device (BYOD) med huvudsponsring av Ping Identity.

Den 21 februari arrangerar StjärnaFyrkant tillsammans med Twobo Technologies och Ping Identity ett kostnadsfritt seminarium på temat BYOD.
Ping Logo

Vi kommer bland annat diskutera:

  • Vad är BYOD och varför är trenden så populär?
  • Vilka utmaningar och lösningar associerar vi med BYOD?
  • Hur BYOD tillsammans med "cutting edge" teknologi skapar ökad produktivitet, nöjda medarbetare och en ökad innovationskraft
  • Populära alternativ som "Company-Owned, Personally Enabled" (COPE) enheter.
  • Hur omfattande är antagandet av BYOD i Skandinavien, Europa och resten av världen?

För vem: Telefoniansvarig, IT-chef och produktansvarig
Tid: 21:a Februari kl 12-16
Plats: StjärnaFyrkants kontor i Solna, Svetsarv 24
Program:

12:00Registrering, lunch, nätverkande och mingel, utställning
13:00Välkommnande och introduktion
13:10BYOD möjligheter: Problem och möjligheter som uppstår vid konsumentdriven IT utveckling.
13:40Varför BYOD? Skäl till att organisationer bör överväga denna praxis
14:10COPE-ing with BYOD: Ett alternativ med likvärdiga fördelar
14:30Paus och utställning
15:00Kärnan i alla BYOD lösningar: Ett enhets-neutralt sätt att lösa BYOD
15:30Förvandla din organisation till en plattform: Säkergör överförandet av information till appar som används på anställdas enheter
15:50Avslutning

Under dagen bjuds på lättare förtäring, våra leverantörer visar även upp de senaste mobiltelefonerna och tillbehören. Seminariet kommer delvis att hållas på engelska.

Maila intresse till: marknad@stjarnafyrkant.se

Sponsorer
BYOD event sponsors

BYOD in Sweden, Scandinavia & Europe

By Travis Spencer on December 30, 2012 10:08 PM | No Comments

As the year rolls over, we naturally ponder the future. Reading through popular IT news sources, we are presented with a future where organizations inevitably allow staff to use their own mobiles at work, a practice referred to as Bring Your Own Device (BYOD). It is easy to see why so many people are talking about it with potential benefits such as these:

  • Cost reduction from employees paying for their own devices (at least in part);
  • Increased employee satisfaction and productivity;
  • Greater innovation through employees' use of cutting-edge technology; and
  • Improved business agility and mobility.

I was discussing this topic with a group of friends at a recent Christmas party. To my surprise, one of them who has been working in the Swedish IT industry for years had never heard of BYOD. This got me to thinking: How widespread is BYOD adoption in Sweden, Scandinavia, and Europe? From the one Noel party, it seemed to be lagging, but that's a single data point. After looking around for others, I thought I'd share my findings.

In light of Gartner predictions that BYOD adoption will climb in 2013, Lisa Bjerre asked a handful of Swedish IT execs whether they agreed. Some were skeptical, but the directors of IT for the municipalities of Burlöv, Götene, Lidköping, Essunga, and Skara predicted that BYOD will introduce creative new ways of delighting customers and will greatly impact Swedish organizations in the coming years. Burlövs municipality's IT director, Hans Magnusson, said he especially expected an uptake in Swedish schools as is happening elsewhere in the world. Adoption doesn't seem limited to the public sector though. Patrik Malmquist, Enterprise Mobility Manager at Sigma, says that mobility, including BYOD, is the most frequently requested issue that their customers come to them with. When McAfee asked 153 Swedish CIOs and IT managers about their views on BYOD, 60% said it was strategically important to their business, and over half thought it was something their companies should be investing in.

What about the rest of Scandinavia? Smartphones Telecom, a Norwegian Mobile Device Management (MDM) provider owned by Telenor, says that BYOD is not as common in Norway as in other places like the US, but the growing popularity of tablets means that more employee-owned slates will find their way into Norwegian workplaces. According to Steria's recent survey of 299 IT managers from large organizations in Denmark, Sweden and Norway, BYOD is not top of mind for IT bosses in the region. As Thomas Okke Frahm, former Executive Partner at Gartner in Denmark, warns, however, Danish directors of IT who oppose BYOD do so in vain. This is because workers will simply and insecurely use their own devices beyond the view of IT. Shadow IT is commonplace among BYOD opponents in Sweden, says Andreas Krohn, API Specialist at Dopter, a partner of ours.

As Berlin-based reporter, Charlotte Erdmann, writes, Europe is catching on to BYOD:

Research and consulting firm Frost & Sullivan has established that 75 percent of Europe's CXOs are already using tablet computers. And IDG Connect reports that 60 percent of European IT professionals now use their own iPads for work...Dell ascertained...that whenever private hardware isn't banned in a firm, four out of five employees use their own devices at work.
Erdmann also mentioned a study of IT directors conducted by Absolute Software which found that 52% of companies from France, Germany, and the UK allow staff to use their own devices to access the corporate network. A study by Intel puts the level of adoption of German companies at 1 in 5.

With more data points than the one from my Christmas party, it's clear to me now that many Swedish, Scandinavian, and European organizations are allowing or considering to allow the use of employee-owned devices in the workplace. It's also clear after doing this research that not many people are offering solutions to the problem. We've written a paper with concrete advice, and will discuss this at a BYOD conference in Stockholm on the 21st of February with Ping Identity, UnboundID, StjärnaFyrkant, Telia, Nokia, Sony, and others. More on that and our whitepaper soon. In the meantime, comment here, on Twitter or on Google+ if you have thoughts or views on BYOD adoption in Europe that you'd like to share.

Our Newest Partners

By Travis Spencer on November 23, 2012 11:50 AM | No Comments
My vision for Twobo is extremely large, and I know I can't do it along. That is why I've been building a great team of folks to help me. Some of these are working w/ me at Twobo. Others are companies that have the same sort of vision and want to work together to realize it. Over the past few months, we've been busy forging partnerships w/ such organizations and have established about a half dozen w/ about the same number in the works. I'd like to introduce a few of the most recent ones to you in this post.

CA Technologies

Everyone working in the IAM space knows CA. They have a long history and lots of experience in this field. Many organizations seeking to use cloud computing, mobile, and social are wondering how they can strongly identify users, control access to their data, and provide their auditors with answers. Many such organizations would like to take advantage of existing software products like those from CA as they shift to these new paradigms. Through our new partnership, we will help organizations choose, deploy and integrate CA software to solves these and other such problems. We are really excited to be working w/ CA, and look forward to growing the relationship.

Cozmanova

Founded in 1997, Cozmanova is a vibrant member of Holland's cottage industry of digital identity experts. Their singular focus on identity and deep understanding of the underlying protocols makes them an ideal partner to help us solve our customers' challenges. We are glad to be working w/ Cozmanova, and are eager to combine our efforts.

Jayway

I met Stephen Severin, a senior consultant at Jayway, back in 2010 when I was still living in the States. After I moved to Sweden, Stephen introduced me to his colleagues at Jayway. Over the last couple of years, I have met w/ them on many occasions. They are an extraordinary group of people that are passionate about their craft. They are innovators, not only technologically but also business-wise. Their application of agile to billing models and investment strategies is unique among consulting firms. Their deep expertise in software development, cloud computing, and mobile application development makes them a key partner in helping us realize our vision.

UnboundID

I met the guys from UnboundID as I worked w/ them over the last couple of years to define SCIM, an up-and-coming user account provisioning protocol. As more and more companies struggle w/ big identity data, UnboundID's identity platform provides a massively scalable, high performance solution. Their view of the an emerging economy where identity is a valuable resource is a vision we at Twobo share. It is our pleasure to be working more closely with the folks at UnboundID.

To all our new partners and existing ones: it's wonderful to be working w/ you to bring about our shared vision!

Office 365 Supports SAML 2

By Travis Spencer on October 4, 2012 2:41 PM | No Comments
Today while I was prepping for a training I'll be delivering on Office 365, I came across a very interesting discovery: Office 365 supports SAML 2! I get a lot of emails about this, so I wanted to explain real quick.

The training course is about how to set up Web SSO to Office 365 using a federation server other than ADFS, namely PingFederate from our partner Ping Identity. When I worked out how to do this a year and half ago, I explained at CIS how it required WS-Federation. While prepping my slides today though, I saw something that tipped me off to the possibility of doing it using SAML 2. While looking around for the reference docs for the MSOL PowerShell commands, I found this page explaining how to setup SSO to Office 365 using Shibboleth. From this, I figured that Shib supported WS-Fed, which surprised me a bit. Curious, I looked at the following snippet which is shown on that page for establishing the trust between Shibboleth and Microsoft Azure Active Directory:
Continue reading Office 365 Supports SAML 2.

At Upcoming Cloud, Mobile and Identity Events in Holland

By Travis Spencer on September 21, 2012 11:23 AM | No Comments
We are heading down to the Netherlands next month and again in November for some really exciting events. First, we'll be at the Broadband World Forum in Amsterdam and then at IDentity.Next in the Hague.

Broadband World Forum
The 12th annual Broadband World Forum is taking place from the 16th to 18th of October, and will have hundreds of speakers from various telco providers and other industry experts discussing topics such as cloud computing, mobile computing, M2M, and others. From these keynotes and presentations, attendees will learn more about how Mobile Network Operators (MNOs) can use the cloud to open up new business opportunities and use their existing infrastructure to capture new markets. This is especially interesting to us as it is not possible without a strategic focus on digital identity. Cloud computing will be in the spotlight on the first two days during the co-located Broadband Cloud Summit. This part of the convention will undoubtedly include many good thoughts on how service providers can innovatively use the cloud to develop better business strategies and launch new products. As official bloggers for the event, we'll certainly keep you posted.

Broadband Cloud Summit
If you're attending or are in the area, drop us a line, so we can be sure to connect. Also, our friends, UnboundID, will be exhibiting there, so be sure to stop by their booth and say hi.

Just before Thanksgiving, we'll jet back down to the Hague for the IDentity.Next unconference. We're looking forward to joining James Varga of miiCard, David Birch of Consult Hyperion, and many other friends to talk about the future of digital identity. I will be presenting on use cases for System for Cross-domain Identity Management (SCIM), an emerging provisioning standard that I've been working on w/ UnboundID, Salesforce.com, Ping Identity, and others since its inception. In my talk, I'll elaborate on the scenarios and use cases for the protocol which I touched on in my introductory SCIM presentation at the Cloud Identity Summit in July.

If you are going to be at the conference, which is November 20th and 21st, or will be near the Hague at that time, be sure to shoot us a note, so we can hook up. Too busy baking Thanksgiving pies? Come on. Identity is sweeter than all that, and you can jet home the day before. To see just how sweet identity is, have a look at this video :-)


See you all in the Netherlands this fall!

(This blog post was sponsored in part by Informa, organizers of the Broadband World Forum.)

XACML w/ OpenID Connect, SAML, OAuth and SCIM

By Travis Spencer on August 7, 2012 1:23 AM | No Comments

At the end of Paul Madsen's presentation at CIS a couple weeks ago, he ended with a question that he also posed on Twitter:

XACML is like a fly in the ointment of SAML, OAuth, OpenID, SCIM and the other related security standardsThe integration of SAML, OAuth, OpenID Connect, SCIM, and other neosecurity standards are relatively straightforward. The fly in the ointment though is XACML. How does it fit w/ all these other security specs? Matt Topper offered his thoughts in reply to Paul's tweet:

When I borrowed a similar deck from Paul for a recent presentation in London, I left off w/ the same question. I was followed that day by David Brossard, VP of Product Management at Axiomatics, a company specializing in XACML who we've since partnered w/. Him and I talked about Matt's point in the blogosphere a couple years ago and discussed these things more that day. After all these conversations and time, let me try to summarize my current thinking on how XACML integrates with protocols like SAML, OAuth, and OpenID Connect.

Continue reading XACML w/ OpenID Connect, SAML, OAuth and SCIM.

Cloud Security Standards

By Travis Spencer on August 7, 2012 1:13 AM | No Comments

A few months ago at the Cloud Identity Summit (CIS) in London, I gave a presentation on the emerging standards that enable secure access to cloud APIs. The collection of protocols that form the neosecurity stack that I talked about are Simple Cloud Identity Management (SCIM), SAML, OpenID Connect, OAuth 2, and the JSON-based Identity Protocol Suite (JOSE and JWT). These security protocols are quite new (save SAML), and many attendees had not heard of some of them. They are very important for those implementing APIs and SaaS applications though, so I wanted to explain them in a bit more detail.

OpenID Connect and OAuth 2

These two protocols are a really big deal. Together, they provide authentication and delegated access to APIs, respectively.

OpenID Connect is essentially the third version of OpenID. It is a complete rewrite of the protocol and is not compatible with previous versions. It is an HTTP-based protocol that allows apps to authenticate users in foreign security realms. In this way, it provides SSO. Unlike other protocols like SAML and WS-Federation that solve the same problem, OpenID Connect provides the following unique benefits and features:

  • Built atop OAuth 2 which is much simpler to implement than prior versions of that spec
  • Designed with native mobile apps and HTML 5 Web apps in mind
  • Designed to achieve higher Levels of Assurance (LoA)
  • RESTful in nature, providing all the benefits of that modern design paradigm
  • Low tech barrier that requires little more than HTTP and JSON support

For more info on OpenID Connect, see the OpenID Foundation's Web site. We'll be blogging about the importance and benefits of OAuth 2 in some of our upcoming posts. Connect on Twitter if you are curious before then.

Continue reading Cloud Security Standards.