Hello from Berlin!

In my previous post I teased a brand-new white paper, and now’s the time to tell you a little bit about it.

There’s something in the air, and it has to do with the timeless philosophical question “Who am I?”

When I move about the world — both physical and digital — and interact with others, is it the same “me” in all cases?

When I identify myself to an online service, what parts of me are actually presented, and how much am I allowed to do on that basis?

When I ask a hunk of clever software — an AI agent — to do something on my behalf, how much of “me” is in its workings, and how much does it truly represent me? And when I ask a family member or coworker, same question actually!

We’re only just starting to grapple with the human complexity that makes securing systems tricky. I was excited to come across a recent Linked article from Jen Schreiber and George Fletcher, which combines several of these elements of complexity in a cool way: It moots the idea of “delegating your personas.”

There it is — personas. This has not traditionally been a well-defined or even frequently used concept in the identity world, but it’s coming up more and more.

Over the last several months I’ve been working with my friend, cybersecurity expert Jacob Ideji, to dive deep on the question of whether accounts and login credentials are up to the task of representing this complexity. Our conclusion: It’s high time to turn personas into A Thing — a real artifact that can be used to drive better security and user experience.

To that end, we’ve put together a new white paper that explores these questions, and a few more:

• What are the risks of ignoring the different “characters” we adopt online?

• Can understanding these subsets-of-us help with sharing — and limiting — access in a finer-grained way?

• Can understanding the relationships between people’s various personas fuel better results?

• What’s the right way to use current and emerging tech to take advantage of opportunities around persona thinking?

In the paper, we offer practical findings on making IAM systems both more secure and more empathetic by integrating human complexity into design, architecture, and security controls.

What personas are infused into your digital landscape — joint account holders, patients and caregivers, temporary contractors, others? How do they shape your identity strategy? Are they coexisting or fighting with each other?

Check out Persona-Driven Identity: Enhancing Security by Understanding Human Complexity on the brand-new Venn Factory Learning platform for an in-depth look at persona risks and effective solutions.

To celebrate the launch of both the paper and the platform — along with this week’s EIC conference in Berlin — we’re offering a 50% discount on the paper through May 17. Just use code EIC2025 at checkout; this link builds the code right in.

Share

Many thanks to our expert persona paper reviewers Eric Anderson of IDalchemy, George Fletcher, Nishant Kaushik, John Kindervag of Illumio, and Abhay Kulkarni of WideField Security!