|

Isidro's picture

Isidro Rodríguez

I've spent 19 years as a systems engineer and the last decade focused on Identity and Access Management — most recently administering Okta and building no-code automations at Remitly's scale.

Identity is where systems either hold together or quietly fall apart. The same automation that saves your team 20 hours a week is one forgotten API key or one over-permissioned service account away from being a headline.

Most small businesses are getting into AI and automation without anyone in the room asking the hard security questions. Enterprises pay people like me to ask those questions. Small businesses can't — and shouldn't have to.

I write about what enterprise IAM gets right, what small businesses can borrow from it, and how to build automations that survive both an audit and a breach.

Strong opinions. Working code. No vendor cheerleading.

Expertise.

Enterprise-grade thinking, sized for growing businesses. I help small and mid-sized teams figure out who has access to what, lock it down, and automate the boring work without opening the door to a breach. The frameworks come from the enterprise IAM world — PCI-DSS, HIPAA, GDPR, FISMA, Zero Trust, joiner-mover-leaver — but the recommendations are calibrated to what a 10-to-200-person company can actually execute.

The flagship offer — the Secure Identity Posture Assessment — is in development and launches Q4 2026. Until then, follow the writing and the open-source work below.

Perspectives.

New writing on Identity & Access Management and secure automation is on the way. Below are earlier essays on cybersecurity fundamentals — NIST frameworks, threat landscapes, and the basics every growing business should understand before the IAM conversation starts.

AI coding agents are unmanaged identities
The AI cybersecurity arms race
The NIST Risk Management Framework
Implementing the NIST Cybersecurity Framework
The eight domains of cybersecurity
Cybersecurity is more than just a buzzword

See all writing →

Get in Touch.

Reach out about IAM, secure automation, speaking, or collaboration. I read every message — replies on a best-effort basis.