CNME Deputy Editor Giorgia Guantario sat down with Justin Doo, Territory Manager for the Middle East, Turkey and Africa at Okta to discuss the future of passwords, the importance of a Zero Trust approach and most importantly, what the company does best – identity.
A recent study by IDC shows that between 2018 and 2022, IT-related spending on digital transformation will touch $7.5 trillion. How do you think organisations will adapt to these changes and what challenges will they face?
Digital transformation is a process, not a product. Nowadays every organisation either is, or should be, a technology company. Many of the world’s top companies no longer even have any physical infrastructure. They’re mostly cloud-based. Take as an example Uber or Airbnb – they are organisations utilising best of breed cloud technology to deliver their services. In this region we see a similar breakthrough in the hospitality and entertainment industry, but many other are starting to move in this direction. Those who aren’t, will have to constantly look over their shoulder at who may be moving into their space with this new transformed model – a model that is all about user experience.
We are all consumers and we now vote with our thumb. If an application is not intuitive or good enough, nine times out of ten we’ll just delete it and move onto the next one.Many organisations are trying to move forward from an advisory perspective, but they’re not necessarily delivering the experience consumers expect.
Identity is one of the key challenges organisations face and that is our main focus at Okta. Companies become the custodians of people’s identity, and as such they have huge responsibilities. This is why so many organisations rely on us to provide a secure and resilient identity platform. Moreover, we have tens of millions of authentications coming in from around the world, providing a vast pool of information. We’re cutting off threats before our customers even know they exist.
For many businesses a username and password are the only barriers between a security breach and their data. How can Okta help organisations improve their security beyond this?
Passwordless authentication is no longer just a thing of the future, it is quickly becoming reality. Passwords as we know them will eventually become redundant mainly because the credentials entered in a public domain are the main target of breaches. We have to start removing that threat. Consumers have a much bigger online presence now than they used to. Ten years ago we might have had three or four online accounts; now we have three times that number, each needing a different authentication. As an industry we have to make it easier for the customer to stay safe without compromising their experience. If we fail on this front, we risk a slow-down in cloud adoption.
Unfortunately, the more organisations try to make quick, cost effective fixes, the more risk there is for a breach. Brands can lose the trust that they have spent years to build in a matter of seconds. We have all seen organisations that have tried to move too quickly and got it wrong. It is imperative to choose the right partner to help you achieve the right safety standards for your organisation and to appreciate the very real benefits offered with a buy vs build approach.
Can you explain what a Zero Trust approach is and why it’s important for organisations to implement it?
Zero Trust, just like digital transformation, is a process. It’s an extension of what we all recognise as the security building block. Ten years ago, organisations were still implementing firewalls to protect and define where their networks stopped. However today it’s very difficult for an organisation to define where their reach ends, as we connect to its network from a myriad of devices. The Zero Trust principle just means that unless an organisation can identify who someone is very quickly, independently of who they say they are, they’re not to be trusted. This means analysing and questioning aspects like user’s behaviour, location, device usage, time of day, last login and so on. Organisations need to put an extra layer of challenge into their authentication model in order to be safe.
One of the main goals of digital transformation is to leverage technologies to create a better experience for external customers. Do you think CIOs should also focus on reshaping internal processes and technology landscapes for their internal customers, these being their employees?
“Clever” companies are looking very closely at their relationships with their employees. Working for an organisation that has better benefits, for example, encourages employees to be more productive. Companies like this are looking at their onboarding process and how to create a productive environment from day one. As an example, when you join a company that’s using Okta, you can start being productive within half an hour of starting.
The Okta portal gives you access to organisational structures, online storage, email account, CRM tools and so on – all while only using one authentication system. Every time an employee logs on after that, the applications are what we call “federated” – you can only access them within the Okta portal. Organisations can make the onboarding process easier and more secure, while also making the employee feel more valuable. By partnering with us, companies benefit from increased security as well as ease of use for their employees.
In the past couple of years, we’ve seen more and more organisations investing in data centres in the region – Microsoft being the latest one with the launch of two new data centres in the UAE. How do you think this will help organisations move forward in their digital transformation strategy?
I think the change will be significant. The public sector in the region demands to have their data within a geographic boundary they can control. This includes healthcare and education records for example. In terms of moving from hybrid and private cloud into local cloud services, I believe companies such as AWS or Microsoft will enable economies and businesses to grow. This will in return put higher requirements on Okta – we’re completely vendor agnostic and we act as an integration layer. We connect everything to everyone.
Okta has six and a half thousand pre-integrations on our platform, from Microsoft O365 to Oracle Cloud. We’re not dedicated to a particular vendor or a particular stack of tech. As more organisations start their journey to cloud, we’re going to be able to offer them the necessary speed of implementation. We understand many organisations are looking at time to value and want to be up and running as soon as possible. In today’s world, nothing stops and even seconds make a big difference.