Recent Activity

June — Issue #1

8,809 Institutions Rotated Their Canvas Tokens. Who Governs Them Now?

Precise assessment of what Microsoft's Entra Agent ID governs and where it stops, measured against the credential surfaces the Canvas breach actually exposed.

Breach Architecture and Competitive Gap

The Trust Boundary That Wasn't

Forensic analysis of how Canvas's freemium trust boundary and ungoverned credential architecture turned a breach into proof of the campus NHI governance gap.

The Scenario-to-Discovery Chain

After the Rotation — The Campus Identity Exposure Canvas Remediation Made Visible

Discovery chain turning post-Canvas credential rotation into buyer-led NHI governance conversations, with tier-qualified questions that let the CISO name the gap.

Regulatory Stack, Community Stack

The Research CIO's Community Stack

Mapping the federation, threat-sharing, and identity proofing conversations your R1 CIO carries from ACAMP, REN-ISAC, and InCommon into every vendor meeting.

Regulatory Stack, Community Stack

The Research CIO's Regulatory Stack

Briefing the overlapping NSPM-33, CMMC, and budget pressures compounding on R1 CIOs so reps understand the full compliance pile.

The Behavior Translation

Quoting "July 2026" Tells a Research CIO You Haven't Done the Work

Corrects the single-date NSPM-33 trap by arming reps with agency-specific deadline fluency that earns research CIO credibility.

Compliance Forcing Function

NSPM-33's Staggered Deadlines and the Identity Architecture Gaps They Force Open

Maps NSPM-33 agency deadlines to identity architecture gaps, arming AEs with tier-specific conversational entry points at covered institutions.

Competitor Scope Gaps

Federation Is Foundational. Lifecycle Governance Lives Somewhere Else.

Examines why Shibboleth federation, respected and necessary, structurally cannot close the lifecycle and NHI governance gaps campuses face now.

Competitor Scope Gaps

Entra Agent ID Covers Microsoft's Agents. Campus Runs More Than Microsoft.

Maps Entra Agent ID's automatic governance boundary against the campus stack and shows where non-Microsoft agents remain ungoverned.

The Scenario-Conditional Battlecard

Entra ID Battlecard — What "Identity Is Covered" Actually Covers

Scenario-conditional competitive guidance for Entra ID deals, organized by institutional maturity state and anchored on application-layer governance gaps.

June — Issue #0

The Community Is Talking; Thales Is Restructuring

Ping/ForgeRock Under Thales, 18 Months In: What Tier 1 Institutions Are Actually Experiencing

The Community Is Talking; Thales Is Restructuring

What the Higher Ed Identity Community Is Actually Saying About NHI Governance

The Gap at Two Tiers

Nobody Owns the Identity Your Retention Platform Runs As

The Gap at Two Tiers

The Credentials Your HPC Cluster Is Minting Without You

Colleen Birch Halvorsen

Colleen Birch Halvorsen spent her twenties managing a SimpleSAMLphp deployment and InCommon federation participation at a regional state university in Minnesota, then moved to a SLED-focused security advisory firm writing competitive assessments and vendor evaluations for university CIOs. She later covered identity management, cloud security, and federal compliance for Dark Reading and Campus Technology. Her reporting on CMMC implementation timelines and downstream effects on university research computing was cited in EDUCAUSE Review. She writes for people reading between meetings: declarative sentences, action before context, explicit tier qualifications, and confidence labels when speed outruns certainty. She holds a CISM and a part-time master's in public administration with a higher education concentration.