Andre Durand

Discovering life, one mistake at a time.

Archive for the ‘Identity’

NEW: now supports SAML & Google Apps

May 12, 2008 By: Andre Category: Identity

Our guru’s of advanced identity work and labs, Ashish Jain and David Waite just completed a new release of This time, they added PingFederate to the mix, which in turn adds SAML single sign-on to’s capabilities.  Specifically, the integration allows users of to SSO into Google Apps. Details are here.

It’s really fun to see the whole identity mash-up in action. Even if the use-cases are narrow and limited at this stage, you can see the islands being stitched together.

“product doesn’t matter”

May 06, 2008 By: Andre Category: Identity

I sat on a federation vendor panel in Munich a few weeks back, and following my comments to the audience about Ping’s focus on building simple products that speed time-to-connect with partners, one gentleman who represented one of the suite vendors actually said,

… I don’t think product or 3 days or 5 days to production really matter to customers…

I’m not exaggerating, he actually said that! Of course, our 215 customers and counting beg to differ.

SSO Summit Agenda & Discussions

May 06, 2008 By: Andre Category: Identity

We’ve finalized a great list of speakers and case-studies for this years SSO Summit,
taking place in Keystone CO on July and 25th. Case Studies on
everything from ESSO to Federated SSO will be presented by the likes of
General Motors, Chrysler, Deloitte, Rearden Commerce, Prudential Insurance, Wyeth and 3M. In 30 minutes, each case study will cover project scope, business drivers, problems addressed, hurdles surmounted, what worked and didn’t and lessons learned.

While the perspectives and case studies will no doubt be very good, I’m really looking forward to the open discussions, where we’ll tackle: 

  • Single Sign-On, Reduced Sign-On, Simplified Sign-On, Zero Sign-On – which is right for you?
  • Describing the business value of your SSO initiatives to the CIO
  • What’s next for Web Access Management SSO?
  • Kerberos everywhere – true statement?
  • What’s the ‘holy grail’ for Enterprise SSO – we‘ve been trying for 20 years!
  • SSO for Web services?
  • Single Sign-On’s role in Governance, Risk and Compliance (GRC)
  • PKI or Federation — which is right for me?
  • SSO for non-browser clients – PDA’s, RIA’s, Phones
  • Leveraging NAC Authentication for Single Sign-On to Apps
  • Where do OpenID and InfoCards fit?
  • SSO for partners and customers – why bother?
  • Enterprise 2.0 and the Web 2.0 mash-up – how do we do SSO for these?
  • What is Oauth and where does it fit into your web services SSO initiatives.
  • The role of claims and the security token server in web services SSO


May 05, 2008 By: Andre Category: Identity

I just returned from the 2nd European Identity Conference in Munich. I came away very impressed not just with the quantity, but innovation going on in the field of federation. It’s as if the cultural diversity in Europe is driving a lot of innovation in the space, which I think will be healthy for the industry overall.  Munich is a beautiful city, so I was sure to bring my camera with me this time, but unfortunately the weather didn’t cooperate. I did however get a few interesting photos worth sharing. The first nearly escaped me. It was located down a dark narrow passageway some 30 feet from a side street. I was lucky to see it.


May 05, 2008 By: Andre Category: Identity

A gentleman came by the Ping booth at Software 2008 and asked Andrea how
long it took make a federated connection. He was with a large insurance
company that had 40 people dedicated to a federation project with 40
connections to make. He said they had been working on it on and off for years.

When Andrea responded, “…less than 30 days”, he replied,
“…piss-off! You’re kidding right? They lied to me!”. We got a good
laugh out of it and a new prospect. 

Yea, we do it in less than 30 days all the time. Try us.

Software’s Half-Life

March 26, 2008 By: Andre Category: Identity

I was speaking with a high ranking individual at one of the platform vendors yesterday and the conversation diverged into a series of rather targeted questions aimed (I believe), at discerning whether or not Ping appreciated the dynamics (and possible tension) between any ISV in relation to their platform vendor. 

Without being quite this direct, the questioning essentially got to, “...are you smart enough to recognize you need to continually move up the stack in order to stay out from under our steam roller.

Any software entrepreneur who’s been around for a while quickly realizes that you can never rest. We’re all on a rat wheel, and you’ve got to keep your legs moving. The value of software has a half-life. The second you ship a feature, the commercial value begins to decay. In 18 months, it might be worth half and in 36 months, it’s completely commoditized.

The key to survival then is to understand where you are in the stack and the speed with which the pieces underneath you will undermine your value.  One of the undocumented benefits / features of Software delivered as a Service is that it bi-passes some of the erosion effects I’m describing here. That is, until someone figures out how to deliver not only free and open software, but free and open services. Oh yea, that’s Google.

Warren Buffett

March 12, 2008 By: Andre Category: Identity

I’ve read about, but never anything directly from Warren Buffet.
After reading this years shareholder letter however, it’s no wonder he runs one of
America’s most admired companies, is the world’s richest man (again), and so
admired as a human. He represents everything worth aspiring to in a business
leader with integrity and humility.

I’m in awe of this person.

Ping Identity Acquires Sxip Access SaaS Business from Sxip Identity

March 11, 2008 By: Andre Category: Identity

In the past year, I’ve come to appreciate something many CEO’s at one point learn in their careers. And that is, there are stages in the growth of a business, which though not exciting, and are in fact indicative of growing viability and maturity. The stimulation so abundant by default with a startup, simply gives way over time to a different sort of reward, that of doing something really well, repeatedly, and satisfying the needs of your customers, one customer at a time.  Building a real business requires that you never tire of simply listening to customers and committing to their support after the initial sale. This stage entails a lot of patience and endurance.

Every once in a while however, an opportunity comes along that allows you to really accelerate your business. In the six years that I’ve dedicated myself to Ping Identity, I’ve only seen a few of these opportunities, but none so aligned with what we were trying to achieve here at Ping Identity as today’s announcement.

So it’s with great pleasure that we announce the acquisition of the Sxip Access business from Sxip Identity. The Sxip Access business consists of the single sign-on, provisioning and de-provisioning software, appliance and hosted services of Sxip Identity, which serve enterprises using software-as-a-service applications. The acquisition will strengthen our relationship with existing Sxip Access partners such as and Google, and will accelerate our commitment to enabling secure SSO to SaaS providers, an area we believe enterprises increasingly will value as they extend their identity and security infrastructures to encompass these new services.

I’ve known Dick Hardt the founder and CEO of Sxip Identity for several years now, and have a tremendous amount of respect for his intelligence, fortitude and contributions to the education and protocol development of identity industry. He has single handedly educated the universe of people beyond the identity ecosphere with his world-class presentation on Identity 2.0, something I feel Ping Identity and many others in this industry should be very thankful for.

As part of the acquisition, we will take over the existing customer relationships and support contracts of Sxip Access users, and will work with these businesses, and our existing PingFederate customers, to understand how the new Sxip Access software, appliance and hosted technology can help solve a growing portion of their immediate and future problems.

Also worth mentioning is that while the opportunity to acquire both customers and technology was certainly attractive, none of these would have been of value to us without the opportunity to work with the talented people behind the technology, sales and support.  The opportunity to hire and work with these individuals is highly valued, and our new team members will no doubt help us manage and grow the business in the coming months.

Read full press release…

Costa Rica

March 09, 2008 By: Andre Category: Identity

I just returned from a family trip to Costa Rica. It’s the first time since an adult that I’ve vacationed with my parents, but it  was my second time to Costa Rica, which is definitely one of my favorite places on earth. The country is clean, the people friendly and the land, farms and animals are a throw back in time. Below are a few of some of the newly created memories. If you care to see more, I’ve posted them here.

Single Sign-On Summit Launched

February 20, 2008 By: Andre Category: Identity

In cooperation with our sponsors (Covisint, Passlogix & Sun Microsystems), Ping Identity today launched the Single Sign-On Summit, a new industry event dedicated to single sign-on. The event will take place in Keystone Colorado in July. We’re really excited about this event, because for the first time, we’re going to have enough time to go deep into all things single sign-on, the most widely deployed use-case of Identity Management.

For complete details, visit the website.