Richard chats with David Jones about identity security. The conversation starts out talking about the wonders of Single Sign On, followed by the horrors - the security exploits that can and do occur. David sites the Mandiant Security Report for more info on the exploits taking place. From there, David talks about using multi-factor authentication and the potential risks, as per the xckd on security. As we get more serious about managing identity, the idea of outsourcing to companies like PingIdentity is discussed. What's the best way to get identity right?