3 takeaways from our conversation with Eve Maler
In episode 9 of Savvy Talk, Eve Maler (founder of Venn Factory, co-author of SAML, and longtime identity standards leader) joins the show to discuss her new book, Mastering Digital Identity: From Risk to Revenue. Eve has spent three decades building the protocols and frameworks that hold digital identity together, and her argument in this episode runs counter to how most enterprises still structure their programs. She believes identity is a product, and the teams that treat it that way will outperform the ones still operating out of a ticket queue. In this episode, we cover Eve’s “Four Ps” framework, why the Chief Identity Officer role stalled, and how “death and the digital estate” is the identity problem nobody wants to talk about.
Identity teams should run like product owners, not ticket queues
Eve frames the most successful identity programs around a simple shift in perspective. The practitioner is a product owner, and every employee, partner, and customer is a user of that product. That shift changes the metrics you pick, how you talk to stakeholders, and how you measure success. It also forces humility. You start asking what people actually need instead of pushing tickets through a backlog. The idea comes from jobs-to-be-done theory, a product management framework Eve applies to an internal service most teams treat as an afterthought.
The Four Ps reframe what identity is actually for
Eve's book introduces a framework she calls the Four Ps: protection, personalization, payment, and people. Protection covers security, privacy, and reputation risk. Personalization is the user experience and the commercial side, upsell, and cross-sell. Payment is self-explanatory. People are everything individuals want from identity, which the industry has historically struggled to deliver.. There is a fifth P, productivity, but Eve treats it as table stakes. The point of the framework is that identity leaders have to serve all of these at once without compromise, which is a very different mandate than "keep the bad guys out."
The identity problem nobody is planning for
Eve co-chairs the DADE group (Death and the Digital Estate). When someone passes away, their family often cannot unlock their phone, access their accounts, or carry out their wishes across dozens of services. Add deepfakes to the picture, and the problem compounds. Name, image, and voice are now stolen and weaponized, with spear phishing as the immediate enterprise risk and likeness appropriation after death as a longer-term concern. The DADE group is moving from diagnosis to solution design, and Eve argues this is where identity standards and interoperability prove their worth. Without them, executing someone's digital wishes becomes a mess.
Hear the full conversation
In addition to these highlights, the full episode covers everything from Eve's origin story in identity standards and how the Sun-Microsoft interoperability demo that helped establish SAML, to why she wrote her entire book without using AI (and a lot more).
If you work in identity, watch the episode to hear Eve’s advice for the next generation of practitioners and how she thinks about the product owner mindset in practice.
Back to Blog
-1.png)
