IAM-HER Profile: Heather Flanagan, Principal, Spherical Cow Consulting

Subscribe for more like this


By Heather Berry, Writer, InCommon

Editor’s Note: For National Women’s History Month, we are recognizing the women of IAM-HER, a community of women working in identity and access management (IAM) in research and education. Many of the women interviewed were pioneers in the field and carved out new roles for themselves during the dot-com explosion in the 1990s and early 2000s.

Photo of Heather Flanagan
Heather Flanagan

Since beginning her career in the 1990s, Heather Flanagan has worked with organizations like the IETF, DIACC, Duke University, Stanford, and Internet2. Flanigan’s specialties include working group coordination, technical writing/editing, internet standards development processes, collaborative organization coordination, and digital identity. After graduating from college, IT wasn’t her original career field, and with it came a significant learning curve. 

Flanagan was up for the challenge and believes other women should be too. “I hear a lot of women say, ‘I’m not technical. I couldn’t do what you do,’” she observed. “Well, I’m sorry, but I wasn’t technical either when I started. I have great logic skills and great communication skills. That’s all you needed in a new industry [just] starting up.” 

In a recent interview, Flanagan, who is a principal at InCommon Catalyst Spherical Cow, offered additional insight into who she is, what she does, and why.

Q: Could you share a little bit about what you do?

A: I am an independent contractor, consultant, freelancer, etc. All those terms apply because it kind of depends on what a particular client wants me to do. For me, the theme that draws it all together is asking myself, What can I personally do to make the internet better? The question becomes really interesting because I can’t code myself out of a wet paper bag. Really. I am not an architect. I don’t see visions of how technology can be. I don’t have any of those skills. I was supposed to be a librarian when I grew up. My undergraduate degree is in medieval English history. So, what can someone like me do to make the internet better? Turns out, someone like me can do a whole stinkin’ lot to improve the internet.

Q: Like what?

A: Well, while the engineers and the architects and those folks, they’re brilliant, they’re wonderfully brilliant, but they’re not the most organized people I ever met. Nor are they the most adept at relating with other people. They explain the direction to me, generally, and I’m very good at understanding patterns. I can, then, act as a sort of buffer between them and the rest of the world. I help translate what these folks are doing into something others can read. Plus, I add a sort of executive oversight to keep the entire process organized. Or, I might be just the copy editor. It depends on what the client needs. 

Q: How did you end up in this field?

A: Well, it started back in the mid-1990s. It was the dot-com era. I graduated from UNC Chapel Hill and ended up finding a job at a privately-owned newspaper, The Raleigh News and Observer. The paper was joining the web because it was the cool thing to do. And, even though I was hired as a researcher, I quickly ended up in tech. At the time, nobody was trained in tech. There were theoretical computer scientists, but no one you could hire off the street trained to handle a bulletin board system or someone who knew how to handle an email system. Training in operating systems wasn’t a thing yet. The paper was looking around and asking, ‘Who do we have that’s reasonably intelligent?’

They said, ‘Hey, could you take over managing our bulletin board system?’ and I said, ‘Does it come with a book, a manual, or something I could study?’

I started doing this work in October and by January they had an opening for a UM System Administrator. I was moved from public research into an actual tech role. Next, I was asked if I could manage the paper’s domain name system, and I said, ‘Does it come with a book?’ In February, the newspaper asked if I could manage the mail system. I said, ‘Just give me the book.’ I got the book, and I’ve never gotten out of tech since.

Q: How did this experience evolve into what you do now?

A: I was a system administrator and operator for a solid five or six years. Then, I was hired at Duke University as a system administrator and worked in this role for about six months before hopping onto the management track. I was the senior manager of systems at Duke University for several years before moving over to Stanford University, where I was director of systems.

I was laid off around 2010 and looked around, but nobody had a job, even though I was pretty well-known in the university internet community. There turned out, however, to be plenty of bits and pieces of work. For example, there was someone with an NSF grant who needed some project management help. Someone else who had an Internet Society project and lots of little bits of work. 

I looked at all these pieces of work and said, ‘Well, this is kind of fun. This is really cool.’ And, that’s how I built what I do today. I looked where I could actually make an impact. In some cases, I’ve been fortunate. When I could see I’d be able to make an impact at a particular place, I just walked up to them and said, ‘Hire me. I can help you with this.’ The answer has usually been, ‘Oh my God, we really need you.’

Q: What is the most rewarding aspect of your position? Can you think of an example?

A: Yes, earlier this month! At the 2022 Internet2 Technology Exchange last December, we were discussing what can browsers do to help prevent tracking on the web without breaking federated login. How can we work with browser vendors to work on this problem? This is a really, really hard technical problem to solve. I inspired enough people, in part at the exchange, to continue the discussion, and we met physically in Mountain View, CA, to work on proposals.

Now, I don’t know if the proposals will ultimately fly, but we had two proposals after two days. Both of these proposals are technically reasonable and something [that made] the browser vendor folks say, ‘We can continue this conversation. I see how this could work.’ That was huge. If and when that actually moves forward, I mean that’s making the entire web experience safer for users. Yeah, I facilitated that. 

To learn more about IAM-HER, visit the website


IAM-HER: Supporting Women in the R&E Identity and Access Management Field