With all of the changes developing over the last few years, a new mindset is being adopted by many organizations: “zero trust.” Zero trust means any user or device trying to access confidential data cannot and should not be trusted by default, even if they work for the company. When discussing zero trust with Bill Rodriguez, the leader of our Corporate IT team, I asked him how you go about implementing a zero trust framework. Bill's insights are below:
You probably wouldn’t let a random person into your home without questioning if they had a key and said, “My name is John and I have a key to come in.” As a business that serves hundreds of financial institutions and handles sensitive data for millions of users, how do we know a person making an authentication request is truly one of our team members and not a bad actor unless they validate their identity using the three core factors of authentication: something they know (a password), something they have (a device for multi-factor authentication), and something they are (by leveraging biometrics on their devices)? The answer is a “zero-trust” security strategy.
A zero-trust security strategy isn’t about a lack of trust in our team members; it’s about “verify before you trust.”
We implement a zero-trust security architecture by phasing deployment to focus on the three core factors of authentication, implementing risk-based access policies that enable our users to validate their identities based on context, and enabling an adaptive authentication model that provides a frictionless experience to Q2 employees.
Okta is at the core of our zero-trust strategy. We are currently embarking on the journey of implementing the final stage of our zero-trust architecture to securely enable an adaptive global workforce to authenticate securely and seamlessly from anywhere and at any time.
There is a balance between security and convenience, but by implementing a zero-trust framework, you can significantly reduce the threats of data loss and insider threat risks while still providing easy and convenient access to your employees. Join me next week as I discuss how Q2 goes about protecting a financial institution’s brand with our multi-layered security approach by detecting anomalous transactions.
Thank you and Happy Cyber Security Month.