Over a million developers have joined DZone.

Security Evolves Into Identity

DZone's Guide to

Security Evolves Into Identity

We are facing an identity challenge today and someone needs to step up and take responsibility for fixing it for the good of everyone.

· Security Zone ·
Free Resource

Discover how to provide active runtime protection for your web applications from known and unknown vulnerabilities including Remote Code Execution Attacks.

Informative keynote by Todd McKinnon, Co-founder and CEO of Okta at their user conference, Oktane18

Identity was a big enough problem to focus on when Todd and his co-founders started Okta in 2009. In 2018, identity is still underappreciated and Todd and Okta believe it is the challenge of our time.

When we move and get a new credit card or a new computer, why do we need to go to 60 different websites and change our information? Why are they not connected? Why are they not integrated? It’s an identity challenge.

Our confidence in technology and organizations is being eroded every time we're asked to update software or re-enter information. Organizations are missing out on innovation and how tech can be used for good. Identity is the responsibility of every organization.

Theresa Castel, V.P., Technology – Identity and Access Management at American Express. Theresa and her team are responsible for mainframe and distributed access. This is identity on a macro and micro level preceding access and transactions. Money movement on demand must be secure. American Express has to get identity right for its business and its customers. They treat identity as a separate concern from access. They make insider threat assessments for access to their systems on an as-needed basis. Access is also determined by relationships between identities. Identity must be immutable.

Todd's advice for IT professionals:

  • Have a voracious appetite for all things identity.
  • Be aware of a world of constant changes and threats.
  • Know that you are an enabler of the business and defender of the brand.
  • With competing demands, identify high-value activities.
  • Explain the value of identity to your business leaders.
  • Partner with the best and hire the best in the industry.
  • Have a demonstrable track record of building and releasing secure apps and APIs.
  • Reduce risk.
  • Improve customer experience (CX).
  • Enable everyone to use any technology - think open.
  • Remove barriers and friction.
  • Connect everything at a deep integration level.
  • Build to be future-proof.
  • Have a center of gravity with which to manage – identity like the Okta Identity Cloud which provides:
    • An independent platform.
    • Supports multiple products.
    • Flexible configurable.
    • Connects everything, and simplifies and reduces friction.
    • Provides secure, seamless technology experiences.

The Okta Integration Network provides cloud access security brokers, network security via PaloAlto and Cisco, more than 130 applications, and API gateways like MuleSoft and Apigee.

All of this is "best of breed" by necessity: core identity services, authentication, directory, authorization, synchronization, access policy, user management, single sign-on, universal directory, lifecycle management, adaptive multi-factor authentication (MFA), and API access management.

Okta is striving to provide network effects the same way cloud platforms have by providing more value for more users. The more customers Okta makes successful the more integrations are built to the platform. There's a network effect around security – the more secure Okta can make the network, the more data they can handle and the more they can package and provide tools to improve CX.

Identity is the challenge of our time. It’s threatening democracy. It's eroding confidence in technology. Innovation is at risk. We need a new universal identity standard. There is no standard written down. Okta wants to build a de facto standard the way Apple did with the iPhone for all other mobile phones.

There will be a common set of design standards that are personal, trusted, independent, and flexible. It’s how the Okta identity cloud was built. Okta is taking responsibility for identity to help technology reach its potential.

Find out how Waratek’s award-winning application security platform can improve the security of your new and legacy applications and platforms with no false positives, code changes or slowing your application.

security ,identity ,angular 4 authentication ,authorization

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}