August 29, 2019
Zero Trust

Next-Gen Access and Zero Trust are the PB&J of Security

Corey Williams – Idaptive
Corey Williams Vice President, Marketing

Next-Gen Access is the perfect technological partner to a Zero Trust approach because its sole purpose is to reduce friction, add efficiency and increase capabilities.

Zero Trust and Next-Gen Access

I recently wrote about how to deal with old technologies when a company is switching to a new security philosophy (tl;dr: Don’t just rip and replace!). Today, we’re going to look at the other side of the same coin. What happens when an organization is ready to achieve Zero Trust nirvana – that sought-after state of freedom from suffering and rebirth every CISO and IT pro spends their lives trying to achieve?

There are two planes that lead to this bit of transcendence. The first is philosophical, which we’ve discussed: A reckoning that the current security strategy isn’t good enough, and having the entire security team fully bought in to Zero Trust. The second is technological and it’s called Next-Gen Access

Next-Gen Access is a technological approach to identity and access management (IAM) that marries modern single sign-on (SSO), adaptive multi-factor authentication (MFA), provisioning and lifecycle management, endpoint and mobile security, and user behavior analytics into one platform. It’s the perfect technological partner to a Zero Trust approach because its sole purpose is to reduce friction, add efficiency, and increase capabilities. 

Next-Gen Access solutions are better equipped to enable a Zero Trust approach to access with advanced capabilities that intelligently determine the authenticity of a digital user and their device, govern access across an organization’s resources, and react when risky behavior is detected. This bolsters an organization’s security posture while also improving end user experiences, making everyone more productive.

It’s a platform approach to security, combining all the tools necessary to create a true Zero Trust environment, with the added benefit of integrated out-of-the-box, day-to-day management features and a synergy between all the tools on the platform that enable things like broad contextual awareness, increased automation, and real-time decision making. 

Next-Gen Access provides three main benefits when paired with Zero Trust:

 

  1. It vastly improves user experience. Traditionally, adding more authentication factors increases security, but also increases friction, making the people using the apps and services less happy, less productive, and more prone to poor security hygiene. Next-Gen Access is able to marry three separate technologies (single sign-on, adaptive multi-factor authentication and user analytics) to discover the context around areas where additional friction should — and most importantly, should not— be added. Is this person using an app or service in a different way than they usually do? Are they in a location they’ve never been before, or on a device that’s never been used to log in? If the answer is yes to any of these, the risk is increased and the system can throw up an additional level of verification. If not, then the risk level is decreased as they most likely are who they say they are and can smoothly use the app without having to log in, creating a frictionless experience.

  2. It’s easier on IT. Reducing the burden on IT is an almost universal goal in every company. After all, what’s the goal of an IT business unit? They are not in the business of making things harder for people. They help facilitate new approaches to business, digital experiences and so on. Next-Gen Access gives them time for that, rather than writing and managing access to myriad static access rules. There’s also the opportunity cost from not having to invest time and money in a Frankenstein identity solution when Next-Gen Access is integrated under one umbrella. One set of tools to implement, configure and roll out. And an added bonus: buying from one vendor is almost always cheaper.

  3. Next-Gen is where the best and most recent thinking is happening. Innovation is not happening for on-premise software and appliances – those will always provide the same, static experiences for IT and users. Developers and IT are focused on Next-Gen Access solutions where they have the ability to use things like artificial intelligence, massive data pools, and seamless interoperability between thousands of cloud apps to build things like automation, deep context, and more into apps and services.

 

Think of Zero Trust and Next-Gen Access like you would a road trip. Zero Trust is the map that tells you how to get to where you want to go, while Next-Gen Access is the car. It’s easier and more comfortable to get into a brand new Audi, get up to speed, set the cruise control and go than it is to drive an old Volkswagen Bug with a stick shift. (Or worse, buy a separate engine, body, wheels, and seats from different vendors and “integrate” your own car.)

Most importantly though, a Next-Gen Access approach frees up IT to be an enabler. We in the security business sometimes get stuck on stopping breaches as the end all to be all. That’s obviously important, but what happens after the breaches are stopped? The focus then needs to turn back to helping the business — the original purpose of IT. Next-Gen Access helps make the security aspect of security solutions fade into the background so the enabling aspect can come into focus and become a foundational piece for new customer experiences or new ways to think about identity and how it can enable productivity.

That’s what I call nirvana.

*****************************

More in the series:

What Is Zero Trust And Why Is It So Important

Like the Night King, Perimeter Defense Is Dead

Imposter Syndrome: Why You Can't Separate The 'Good Guys' From The 'Bad Guys'

Passwords Are Just One Piece of The Cybersecurity Puzzle

 

Corey Williams

Corey Williams – Idaptive
Corey
Williams
Vice President, Marketing

Corey Williams is the Vice President of Marketing & Strategy and lead evangelist for Idaptive, leading all marketing functions, as well as market development and strategy. Corey served as the Senior Director of Products and Marketing for more than a decade at Centrify where he was the visionary behind, and the first product manager of, the set of products that were ultimately spun out of Centrify to become Idaptive, including leading SaaS services for Single Sign-on (SSO)Adaptive Multi-factor Authentication (MFA)endpoint and mobile context, and User Behavior and Risk Analytics (UBA).

 While at Centrify, Corey defined and brought to market seven net-new product offerings directly contributing to the growth of the existing customer base from less than 400 customers to over 5000 customers. He also led efforts with major industry analysts that directly resulted in Centrify being named as a leader in all of the major analyst reports including the Gartner Magic Quadrant and Critical Capabilities reports for Access Management, Worldwide; Forrester IDaaS Wave; KuppingerCole Cloud MFA Leadership Compass; and Network World Clear Choice Winner for Single Sign-on Solutions.

Corey is a frequent speaker and commentator on IT Security and IT Management. He has authored several publications, including “Zero Trust Security for Dummies”, a leading guide for enterprise managers.

Prior to Centrify, Corey led products and marketing for SpikeSource (acquired by Black Duck Software), Syndera (acquired by Tibco), and Journee Software (acquired by Initiate Systems). Earlier in his career, he managed pre- and post-sales consulting for Active Software (acquired by webMethods). 

Corey holds degrees in Mathematics (BS) and Computer Science (BS) from New Mexico State University, as well as an MS in Engineering and an MBA from San Jose State University. 

CHAMELEON-LIKE SUPERPOWER

If Corey could have any chameleon-like superpower, it would be the chameleon's tongue, which is ridiculously fast. Some of the world's smallest chameleons have the world's fastest tongues. In automotive terms, the tongue could go from 0 to 60 miles per hour in a hundredth of a second! “I would be able to complete webinars in 4.5 seconds instead of 45 minutes!”