You may remember the May hoopla regarding amendments to Illinois’ Biometric Information Privacy Act (BIPA). These amendments do not eliminate the long-standing law, but lessen its damage to offending companies.
The General Assembly is expected to send the bill to Illinois Governor JB Pritzker within 30 days. Gov. Pritzker will then have 60 days to sign it into law. It will be immediately effective.
While the BIPA amendment has passed the Illinois House and Senate and was sent to the Governor, there is no indication that he has signed the bill into law within the 60-day timeframe.
A proposed class action claims Photomyne, the developer of several photo-editing apps, has violated an Illinois privacy law by collecting, storing and using residents’ facial scans without authorization….
The lawsuit contends that the app developer has breached the BIPA’s clear requirements by failing to notify Illinois users of its biometric data collection practices and inform them how long and for what purpose the information will be stored and used.
In addition, the suit claims the company has unlawfully failed to establish public guidelines that detail its data retention and destruction policies.
The cohesive suite of security and productivity solutions provided by an E5 licence can significantly streamline your technological landscape, doing away with a number of on-premises and SaaS tools.
While many organisations opt for the lower-cost E3 licence, they may find this soon requires a supplementary selection of single-solution tools from alternate vendors to patch gaps in its capabilities.
Too many solutions means confusion, an often-disjointed workflow, potential overlap and overspend, and crucially, increased security risk.
By consolidating your collaboration, productivity, automation, and security solutions into a single trusted vendor platform, IT management becomes simplified, redundant solutions can be axed, and ROI can be better measured.
The Microsoft E5 Security Components
So you get everything from a single source with no finger pointing. What could go wrong?
Plenty, according to those who still think of Microsoft as an evil empire.
Microsoft is making a compelling case to businesses to consolidate into the Microsoft umbrella of products. The ease of use, and financial motives just make too much sense. Now do those customers get a great IAM experience with that? Meh…kinda. Entra SSO is solid product, Active Directory/EntraID is solid, MIM…well….we don’t talk about MIM.
Microsoft Identity Manager
Well, I will talk about MIM, or Microsoft Identity Manager.
Microsoft Identity Manager (MIM) 2016 builds on the identity and access management capabilities of Forefront Identity Manager (FIM) 2010 and predecessor technologies. MIM provides integration with heterogeneous platforms across the datacenter, including on-premises HR systems, directories, and databases.
MIM augments Microsoft Entra cloud-hosted services by enabling the organization to have the right users in Active Directory for on-premises apps. Microsoft Entra Connect can then make available in Microsoft Entra ID for Microsoft 365 and cloud-hosted apps
But what of the argument that it’s better to get everything from one vendor? Other companies will tout their best-in-class products. While you’ll end up with a possibly disjointed solution, the work will get done more accurately.
In the end, it’s up to you. Do you want a single solution that is “good enough” and is already pre-made, or do you want to take the best solution from the best-in-class vendors and roll your own?
Who are the competitors in the market for my product?
Which features do competitive products offer? How do they compare to the features my product offers?
Which industries do competitors target? How do they compare with the industries my company targets?
Which contracts have the competitors won? How do they compare with the contracts my company has won?
How effective is my company’s product marketing? My website? My social media? My key employees’ social media?
Bredemarket can help you answer these questions.
Types of analyses Bredemarket performs
For those who don’t know, or who missed my previous discussion on the topic, Bredemarket performs analyses that contain one or more of the following:
Analysis of one or more markets/industries for a particular product or product line.
Analysis of one or more (perhaps tens or hundreds) of competitors and/or competitive products for a particular product or product line.
Analysis of a firm’s own product or product line, including how it is marketed.
How Bredemarket conducts its analyses
Bredemarket analyses only use publicly available data.
I’m not hacking websites to get competitor prices or plans.
I’m not asking past employees to violate their non-disclosure agreements.
How Bredemarket packages its analyses
These analyses can range in size from very small to very large. On the very small side, I briefly analyzed the markets of three prospect firms in advance of calls with them. On the large side, I’ve performed analyses that take between one and six weeks to complete.
For the small self-analyses (excluding the very small quick freebies before a prospect call), I deliver these under my Bredemarket 404 Web/Social Media Checkup banner. When I first offered this service in 2020, I had a complex price calculation mechanism that depended upon the number of pages I had to analyze. Now I’ve simplified it and charge one of two flat rates.
Because the larger analyses are of undetermined length, I offer these at an hourly rate under my Bredemarket 4000 Long Writing Service banner. These reports can number 40 pages or more in length, sometimes accompanied by a workbook describing 700 or more competitor products or contracts.
Obviously I can’t provide specifics upon the analyses I’ve already performed since those are confidential to my customers, but I always discuss the customers’ needs before launching the analysis to ensure that the final product is what you want. I also provide drafts along the way in case we need to perform a course correction.
Do you need a market, competitor, or self analysis? Contact me. Or book a meeting with me at calendly.com/bredemarket to talk about your needs (and check the “Market/competitor analysis” check box).
If you book a free 30 minute meeting with Bredemarket, you’ll now find an additional option in the “What Type of Content Do You Need?” section: Market/competitor analysis. I’ve done these for years, but never added the option to the form.
My analyses ONLY use publicly available information that is NOT subject to NDA. So you won’t get access to the analyses I’ve performed for other clients, and they won’t get access to the analysis I prepare for you.
While I primarily provide these analyses in the identity/biometrics industry, I’m open to discussing analysis needs in other industries.
Something You Are. This is the factor that identifies people. It includes biometrics modalities (finger, face, iris, DNA, voice, vein, etc.). It also includes behavioral biometrics, provided that they are truly behavioral and relatively static.
Something You Have. While this is used to identify people, in truth this is the factor that identifies things. It includes driver’s licenses and hardware or software tokens.
Actually more than a decade, since my car’s picture was taken in Montclair, California a couple of decades ago doing something it shouldn’t have been doing. I ended up in traffic school for that one.
Now license plate recognition isn’t that reliable of an identifier, since within a minute I can remove a license plate from a vehicle and substitute another one in its place. However, it’s deemed to be reliable enough that it is used to identify who a car is.
Note my intentional use of the word “who” in the sentence above.
Because when my car made a left turn against a red light all those years ago, the police didn’t haul MY CAR into court.
Using then-current technology, it identified the car, looked up the registered owner, and hauled ME into court.
These days, it’s theoretically possible (where legally allowed) to identify the license plate of the car AND identify the face of the person driving the car.
But you still have this strange merger of who and what in which the non-human characteristics of an entity are used to identify the entity.
What you are.
But that’s nothing compared to what’s emerged over the past few years.
We Are The Robots
When the predecessors to today’s Internet were conceived in the 1960s, they were intended as a way for people to communicate with each other electronically.
And for decades the Internet continued to operate this way.
Until the Internet of Things (IoT) became more and more prominent.
Application programming interfaces (APIs) are the connective tissue behind digital modernization, helping applications and databases exchange data more effectively. The State of API Security in 2024 Report from Imperva, a Thales company, found that the majority of internet traffic (71%) in 2023 was API calls.
Couple this with the increasing use of chatbots and other artificial intelligence bots to generate content, and the result is that when you are communicating with someone on the Internet, there is often no “who.” There’s a “what.”
What you are.
Between the cars and the bots, there’s a lot going on.
What does this mean?
There are numerous legal and technical ramifications, but I want to concentrate on the higher meaning of all this. I’ve spent 29 years professionally devoted to the identification of who people are, but this focus on people is undergoing a seismic change.
The science fiction stories of the past, including TV shows such as Knight Rider and its car KITT, are becoming the present as we interact with automobiles, refrigerators, and other things. None of them have true sentience, but it doesn’t matter because they have the power to do things.
When I write about space aliens, there’s a reason. And that reason may be to warn identity vendors that silence is NOT golden.
Fake LinkedIn stories
As a frequent reader and writer on LinkedIn, I’ve seen all the tips and tricks to drive engagement. One popular trick is to make up a story that will resonate with the LinkedIn audience.
For example, the writer (usually a self-proclaimed career expert who is ex-FAANG) will tell the entirely fictional story of a clueless hiring manager and an infinitely wise recruiter. The clueless hiring manager is shocked that a candidate accepted a competing job offer. “Didn’t she like us?” asks the hiring manager. The wise recruiter reminds the clueless hiring manager that the candidate had endured countless delays in numerous interviews with the company, allowing another company to express interest in and snatch her.
Job seekers have endured countless delays in their own employment searches. When they read the post, they hoot and holler for the candidate and boo the clueless hiring manager. Most importantly, readers like and love the writer’s post until it goes viral, making the author an ex-FAANG top recruiting voice.
Even though no sources are cited and the story is fictional, it is very powerful.
Well…until you’ve read the same story a dozen times from a dozen recruiters. Then it gets tiresome.
My improvement on fake stories
But those fake stories powerfully drive clicks on LinkedIn, so I wanted to get in on the action. But I was going to add two wrinkles to my fake story.
First, I would explicitly admit that my story is fake. Because authenticity. Sort of.
Second, my story would include space aliens to make it riveting. And to hammer the point that the story is fake.
Now I just had to write a fake story with space aliens.
Or did I?
A repurposed and adapted fake story with space aliens
I just needed to make one of the characters a space alien, and since Jones was based on the striking Grace Jones, I went ahead and did it. If you can imagine Grace Jones with tentacles, two noses, and eight legs.
As the space alien’s tentacles quivered, I snuck something else into the LinkedIn story—some facts.
Kids who watched Fat Albert on TV not only enjoyed the antics, but also learned an Important Life Lessons. Now I don’t have multiple advanced degrees like Cosby, but then again I never had multiple degrees rescinded either.
But my life lesson wasn’t to stay in school or pull your pants up. My life lesson was to blog. The lesson was in the form of a statement by Jones’ humanoid colleague Smith, taken verbatim from the Pizza Stories post.
“Take blogging,” replied Smith. “The average company that blogs generates 55% more website visitors. B2B marketers that use blogs get 67% more leads than those who do not. Marketers who have prioritized blogging are 13x more likely to enjoy positive ROI. And 92% of companies who blog multiple times per day have acquired a customer from their blog.”
The FBI and others are letting us know that June 3 through June 9 is Medicare Fraud Prevention Week. Pro Seniors:
Fraud costs Medicare an estimated $60 billion per year. It costs Medicare beneficiaries in time, stress, their medical identities, and potentially their health. It costs families, friends, and caregivers in worry and lost work when helping their loved ones recover from falling victim to Medicare fraud.
Of course my primary interest in the topic is ensuring that only the proper people can access Medicare data, preferably through a robust method of identity verification that uses multiple factors.
Not multiple modalities, especially ones that are well-known such as your Social Security Number and your mother’s maiden name.
Multiple factors, such as your government-issued driver’s license, your biometrics, and your geolocation.
For more information, see what these vendors are saying about using biometrics to counter healthcare fraud attempts.
Bredemarket 