With a client list reading like a ‘who’s who’ of the world’s biggest companies they needed keynote speakers to match and at Oktane19, as always, they didn’t disappoint.
Top of the bill was the demi-god that is Sir Tim Berners-Lee, inventor of the World Wide Web. A close second was the ridiculously talented actress, producer and humanitarian Viola Davis and last but most certainly not least was security expert Frank Abagnale who was, in a previous life a con man, cheque forger and imposter, portrayed by Leonardo Di Caprio in the 2002 movie Catch Me If You Can.
It was held at the George R Moscone Convention Center in San Francisco over four days at the start of April and the overarching themes of the conference were identity, security, digital transformation and zero trust.
As always, there were some big announcements and we won’t keep you in suspense any longer…
Come On, Tell Us…
First off, a teaser. ThreatInsight, where companies will be able to use Okta’s contextual access management to eliminate the login password as a primary factor of authentication, introduced at Oktane18, is nearing a production roll-out.
Next is Advanced Server Access which manages access to cloud servers and infrastructure as well as on-site Windows and Linux servers.
‘We knew we could do more to protect our customers’ most precious assets — their servers — so we created Advanced Server Access to bring continuous, contextual access management to secure cloud infrastructure.’
Todd McKinnon, CEO & Co-Founder, Okta
This comes off the back of Okta’s July 2018 acquisition of zero trust pioneer ScaleFT. Not technically a privileged access management tool which focuses on server and infrastructure overloads but there are certainly some functionality overlaps and it uses zero trust and contextual access.
Talking Of Zero Trust…
…what actually is it?
In a nutshell according to cloudflare, ‘Zero trust security is an IT security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are sitting within or outside of the network perimeter. No single specific technology is associated with zero trust; it is a holistic approach to network security that incorporates several different principles and technologies.’
Okta’s philosophy is ‘When people are the perimeter, identity becomes the foundation of a zero trust strategy.’
It’s a term that everyone seems to have latched on to, even though in a round table with co-founders Todd McKinnon and Frederic Kerrest, the former was surprised that many people had even heard of it, or at least claimed to!
In Okta’s Digital Enterprise Report, 34% of respondents (all of whom come from organisations generating at least $1 bn of revenue) were actively implementing a zero trust strategy with a further 26% investigating how to develop a zero trust strategy.
In a session led by Palo Alto Networks, they looked at the four areas businesses need to focus on –
- Business Outcomes – do you have sensitive data and what are the costs if it gets leaked
- Design – what are the surfaces that need most protection
- Access – who needs it and consider the principle of least privilege
- Traffic – inspect and log from devices and a network posture standpoint
We’re happy to discuss your own zero trust strategy with you so contact us for more information.
Another biggie at Oktane19 and even though it’s not available until later in the year, their Risk-Based Authentication feature uses machine learning and evaluates a company’s authentication data to help them develop risk profiles (high, medium, and low) and authentication strategies. For example, if a user wants access to more regulated data, perhaps they must use U2F, while a medium risk profile only uses a push notification, while low could potentially be a password-less login.
Sadly we didn’t get out to San Francisco this year but we may do next year. In the meantime, for all things cloud-related, email us today on firstname.lastname@example.org or call 020 7078 0789.
Photo Credit: cybrain