Recap: “Move fast, don’t break things!” Securing Multi-Cloud Remote Work

SINC_webinar

Frederico Hakamine – Group Technical Marketing Manager, Okta

Ben Sabrin – VP Advanced Server Access, Okta

Host: Daniel Zierk, SINC USA

Now available on-demand, last week’s webinar offered a detailed look at efficiently securing multi-cloud remote work, with an in-the-field look at the specific use cases of clients Zoom and jetBlue. Putting identity to work for you—partnering Okta with AWS, for example—generates the ability to ‘move fast’ in adopting new IT systems/tech without creating new problems. Toward the end of the session, Frederico and Ben presented attendees with a detailed action plan outlining key maturity curve milestones and designed to be functionally useful regardless of chosen vendor.
If you missed the session and want to maximize your on-demand viewing, here’s an event recap with key takeaways and timestamps for conversation highlights. 

Digitization and remote work accelerated IT 

Acceleration and digital transformation are not news, but the scope of impact is exceptional: last year’s events resulted in a sixfold acceleration of digital offerings. Projects were executed up 20 times faster (when comparing expectation with delivery). The growing permanence of remote work is just one example of how trends that began as “COVID fixes” are transforming into normal business operations. 

Acceleration drastically expanded the threat surface

We saw an increase in third-party relationships, different vendors with different levels of access and security. Compounding issues also made things more breakable: technical debt, SaaS self-service, on-prem, and the war for talent. Within this context, stolen credentials are an integral part of the vast majority of threat chains. 

81% of breaches are caused by stolen or weak credentials.

Key drive at Okta seeks to minimize the attack surface by eliminating unnecessary credentials—reducing by amount and by location. To accomplish this, access must be consistent, simple, and with minimal hurdles for user.

Discussion Highlights

  • Strategy behind excellent user experience  [ 11:45 ]
  • Good security should be invisible  [ 13:32 ]
  • Keep builders happy—both to maintain security and retain talent  [ 13:58 ] 

    “In the age of the cloud most of your users are builders. And when you put the wrong controls in front of builders, you create opportunities for builders to find a way to circumvent the illustrious controls you’ve put in place.” – Ben Sabrin

  • Extending identity across the AWS stack  [ 19:33 ] 

    Securing using access gateway allows you to secure more traditional apps without having to change code on those systems.” – FH

  • Solving compelling events  [ 21:00 ] 

    Such as DevOps automation, privileged access, retiring legacy on-prem services, new or in-process compliance initiatives

  • Specific business value outcomes  [ 22:04 ] 
  • Client use cases: Zoom, jetBlue  [ 23:45 ] 

    “Most people don’t understand Zoom used to run mostly in their own data centers…When Covid happened, they literally couldn’t buy racks of servers fast enough—more importantly, they couldn’t fly anywhere to meet the equipment to install and kickstart the machines…” – Ben Sabrin

  • Baseline step-by-step action plan with key milestones  [ 27:20 ]