2U
Andreu expresses that he never loses sight of the idea of software elements as having identities , “ because ,” he says , “ if you think about machine-to-machine communications at an API level , there ' s no human involvement at all in that process , and so it really needs to be thought of in that way .” really not just a user . Yes , a user does have an identity , but from an IAM perspective , a machine also has an identity – and even certain elements of software have identities .” This is an interesting approach .
“ This ,” he says , “ is all very important if you start thinking in terms of implementing future zero-trust environments , because identities are obviously at the heart of zerotrust , and so we ' re pushing into that space rigorously . From a user-identity perspective , I can tell you that we ' re already on the journey to go passwordless and that ' s an important part of the access aspect of the IAM framework .”
Layers of Security and the Locus of Defence I begin to wonder whether a completely secure network is even possible , especially in the face of greater interconnectivity and the data explosion that ’ s taking place on such an unprecedented scale . So I asked him , and his answer was rather stringent , but honest .
“ I think network security is just nonexistent at this point , and anybody that thinks their networks are secure is , in my opinion , delusional . Think about it . Our perimeters have disappeared , just as the traditional network has in fact , also disappeared . Our networks now are extended into cloud environments and deep into people ' s homes . So you put in controls to try to limit the attack surface within your network , but honestly , you really have to just come to terms with the fact that the network is no longer the locus where you can protect things . At 2U , we are successful at our network security , but I also understand that the network is not really a good choke-point to try to implement security effectively .
cybermagazine . com 125