Identity and Access Management

Is SASE/SD-WAN a foolproof solution for ensuring remote workers access your system securely?

Top Answer : We used Okta with Device Trust and that works pretty well for ensuring that people are accessing at least some of the applications from devices that we manage. That works well for the most part. Of course, there are super smart people that can figure their way around it. It's not bad, but the new chip added to the latest Mac OS has thrown some kinks in that. They're going to be re-releasing all of Device Trust.

Does your organization use any virtual desktop interface (VDI) solutions for securing remote workers?

Top Answer : We have 15 employees but about 25 developer contractors all over the world. And since we don't have money right now we're using Amazon Workspaces. Then, we limit the IP addresses to only work from that to Okta. So, the only way they can access our resources is if they log into their Amazon Workspace—they can do their stuff and we have control of the whole thing. It's a cheap and dirty way to do it.

What do you trust more and are implementing today - multi-factor authentication or single sign-on?

Top Answer : I do both, not only from a security perspective, but also for the ease of access for users (SSO).

What are your thoughts on SaaS management platforms (SMP)?

Top Answer :

Is phishing still a major focus at your organization?

Top Answer : We conduct phishing exercises throughout the year. There is a simulation running every day, hitting different people of course. I use these to draw metrics and see who is the least resilient to phishing, which tells me who the high-risk staff members in the organization are. If I want to go the route of taking backups then that is my driver because if I start taking backups for everyone, it is very difficult to manage.

Where have you faced the most resistance when it comes to implementing zero trust policies?

Top Answer : Zero trust has been around as a concept now for 5+ years. And every single time I've tried to implement it, it’s never worked. Because every time we've reduced the footprint down to zero trust, the people who tend to be the most vulnerable always complain. The CEO’s calling you on their trip to Hong Kong saying, "I don't understand, why can't I access my email? Why can't I get access to this SharePoint site?" You’re like, "I had zero trust and you're in a new place so you have to re-authenticate yourself." But then they don’t have their dual factor and so on. Pretty quickly we get an edict not to put these measures in place for the executive team. But of course, the executive team is the most vulnerable. So how do you work around human psychology in that regard?

How can technology leaders stifle the potential for insider threats?

Top Answer : Most of the breaches happening have been process-related for the most part. If somebody was actually doing the right thing by monitoring code access and data access, most of them wouldn't have occurred. I think every one of us knows that while the cloud is fantastic for many things, it really has become far more complex over the last couple of years with all the different products and services being run. And at least for some of my past roles, the cloud is now the primary delivery mechanism for customer or consumer-facing information and applications, making it that much more important that it's secured appropriately versus something that’s more internally-focused.