If there’s one thing that we can rely on the Mission: Impossible movies to deliver, besides awesome shots of Tom Cruise running like only Tom Cruise can, it’s the use of technology as a core part of the Impossible Mission Force’s plan. These plans often involve bypassing security systems or fooling opsec in a way that plays with identity. Your mission, should you choose to accept it, is to join me as I show how the M:I series has some pretty interesting lessons on how to do identity-based security right (or wrong). There are misconceptions about identity technologies that many security and even identity professionals have today, that the (non IDPro) writers of the series have figured out, and have used to great effect in creating the thrills of the M:I movies. Looking past the action, there are same great lessons we can all take away that can make our security programs better, help our organizations avoid some common (and costly) mistakes, and keep any potential Ethan Hunt’s out of your business. And unlike those coded messages, these lessons won’t self-destruct in 5 seconds. (Vision & Strategy, Standards, Architecture & Deployment, Security, Nishant Kaushik)