Bare Identity

"All too often I'm seeing people get totally wrapped up in complex "boil the ocean" projects that never go anywhere, vs. defining and solving a specific problem. You don't need to start your entire data security program with some massive data classification program. Pick one defined type of data/information, and just go protect it. Find it, lock it down, watch how it's being used, and stop it from going where you don't want."

"For the sake of simplicity we will assume in this article that ERM is the practice of having a consistent set of procedures and methodologies around the definition of roles for all systems in a company."

"Either way, some model will be applied and guesses/estimates will be used. The point of analysis is to give decision-makers better information than they would have had in the absence of analysis."

"It is often difficult for a company to adjust its strategy to conform to the market's view. Inevitably a lot of stakeholder passion was poured into the original vision. Sometimes a market will evolve to value the developer's perspective (in this case I suspect that's highly likely). In the short term these companies should be comforted by the cash buyers will spend to solve their high priority problems."

"Some of the measurements marketing needs to be able to show include:
* lead progression across buying stages
* impact on pipeline growth
* rate of contact-to-lead transition
* growth in lead-to-opportunity conversions (sales-accepted)
* individual vs. aggregate behavioral trends
* reduction in time to revenue
* increase in dollar volume – nurtured vs. not"

"Take a look at the chart below, graciously provided by CSO Insights. If you're a B2B software marketer, this may not be inspiring." – As one who leans further into the Product Management camp than the Product Marketing camp, I love these results. When you listen to your customers and build products that solve their problems, then selling becomes easier. …solve problems that are "urgent, pervasive, and with companies that are willing to pay…"

"The strategy I am proposing is to segment user accounts into active and dormant where the definition of dormant is set by audit guidelines or IT policy; dormant accounts can then be excluded from attestation. At its simplest (and for the sake of this example), we can define dormant as any account that has not been used since the last attestation."