THE PLATFORM: THE GREAT BALANCING ACT
It is becoming increasingly important to use specialized security solutions. In this masterclass we will update you with Jasmit Sagoo from Auth0. He is a specialist in the field of identity and access solutions.
How do you secure an online platform and keep it easily accessible? How do you apply the available security standards to your environment? How can you quickly implement an I&A solution and create a scalable solution at the same time? In the Platform podcast series The Great Balancing Act, Jas Sagoo, Head of Solutions Engineering, international @ Auth0 and Mike Veldhuis, Partner @Nalta, will dig into these topics. Listen to learn and for a bit of fun too!
Want to know even more and ask your own questions? Then register for the (English) online Masterclass, with by Mike & Jas
Episode Notes
The Platform Website: https://www.nalta.com/theplatform
The Platform on Youtube: https://www.youtube.com/naltatube
All Nalta Blogs: https://www.nalta.com/blog
Host, Mike Veldhuis
https://www.nalta.com/mikeveldhuis
Guest, Jasmit Sagoo
https://www.linkedin.com/in/jasmit-sagoo/
THE PLATFORM: THE GREAT BALANCING ACT
It is becoming increasingly important to use specialized security solutions. In this masterclass we will update you with Jasmit Sagoo from Auth0. He is a specialist in the field of identity and access solutions.
How do you secure an online platform and keep it easily accessible? How do you apply the available security standards to your environment? How can you quickly implement an I&A solution and create a scalable solution at the same time? In the Platform podcast series The Great Balancing Act, Jas Sagoo, Head of Solutions Engineering, international @ Auth0 and Mike Veldhuis, Partner @Nalta, will dig into these topics. Listen to learn and for a bit of fun too!
Want to know even more and ask your own questions? Then register for the (English) online Masterclass, with by Mike & Jas
Episode Notes
The Platform Website: https://www.nalta.com/theplatform
The Platform on Youtube: https://www.youtube.com/naltatube
All Nalta Blogs: https://www.nalta.com/blog
Host, Mike Veldhuis
https://www.nalta.com/mikeveldhuis
Guest, Jasmit Sagoo
https://www.linkedin.com/in/jasmit-sagoo/
You are listening to the Platform a podcast to learn about our digital worlds. I am Mike Veldhuis partner at Nalta.com
Jas Sagoo:Hello, I'm Jas Sagoo and I'm head of solution engineering and professional services at Auth0 International.
Mike Veldhuis:This Jingle sounds so professional Jas.
Jas Sagoo:Thank you, Mike, I learned from you.
Mike Veldhuis:Welcome listeners to episode number 12. Talking with Jas for the fourth time, and this is the final episode before the master class that we're going to organize the seventh of October. And today we're going to talk about the balancing act. And listeners, I have to be perfectly honest with you. I didn't come up with this title. This is all because of you Jas and I love it the great balancing act.
Jas Sagoo:Mike, you know what, this is not rocket science. I do that every day in my life. I try to balance my life in anything and everything I do.
Mike Veldhuis:And are you succesful?
Jas Sagoo:Sometimes.
Unknown:Cool. Cool.
Mike Veldhuis:Well, to kick off, to put it in perspective, what is the great balancing act?
Jas Sagoo:Good question, Mike. Look, I think, and this is something that I have come up with this is something that I have looked into our customers and partners and this is what they're asking for, you know, we have we have an industry that is looking for, when their customers are accessing their services, customers are looking for an easy way and a convenient way to access those services very quickly, right? You don't spend four minutes logging in, you're gonna spend one second logging in. But there was a myth, you know, perception that if you if you make logging in very easy, it means you've compromised on security, and you've compromised on regulation. And you can see regulation and privacy is going to be increasing these days. So the question is, how do you get it right? You know, do you do? Do you reduce security and get privacy up and then reduce convenience? So Mike, this topic really is about how do we address those three topics? And how do we balance it out here?
Mike Veldhuis:So how to get it right. But before we go on to answer that question, which basically is probably the most important question of all four episodes. And we talked about the identity management space, where it sits in the total security stack. And we, we found out this is the front door, and it's pretty important to get the safe lock on it. We talked about in Episode Number 10, about Buy versus Build. So should you build a solution yourself or buy it from a vendor, which is specialized? And the previous episode, which I really enjoyed, we talked about how to implement a solution and what is happening in the future. So we got all fired up. And then this most important question, how to get it right, how to get the triangle of security, privacy and convenience. Right? How Jas?
Jas Sagoo:Might before I answer that question, what are you hearing in the marketplace? What are you hearing from your customers?
Mike Veldhuis:I am, first of all, we're in the software space for a very long time, actually in IT for 21 years. And we getting more and more questions that customers actually want their own software being built, which is like there is so much available. But it's like special business needs special solutions. And not that we build everything from scratch. But it's like creating this environment, this platform for a use case that makes them special. And they want it fast. They want it scalable, because they have no clue how it will explode in time. They all hope it will. But they start with a MVP with a minimal viable product. They want to start slow as small and maybe slow on a tight budget. And it has to be secure. And that's another great balancing act. But what we're hearing is that there is a lot of need. And we have to comply in this transformation in digitization, to connecting these systems to the outside world, which is a risk in itself. And sometimes this is conundrum This is really a problem. That's what we're hearing.
Jas Sagoo:Okay, so all we're seeing is, security is at the top of people's minds, right? It is right at the top of a customer's mind. And this ties very well into into the question on balancing act, because historically, there's been a perception, you know, if you, you know, tighten security, or how you access, your front door, it means it's not very convenient to go inside. Because you've got 10 locks on it. Oh, gosh, thank you making so difficult to get into into the into this whole thing, if I'm using all my identity, you know, using my personal information, like, who you are your email address, your phone number, your address, you're giving away his personal information. And we know what's happening regulation, right? It is getting tighter and tighter and tighter, tighter rules are bigger. So how do you get it right? How do you provide, you know, one single key to access the front door, protect the user and provide convenience, but at the same time you making sure that security is not what you call it flawed, and you're helping everyone comply with regulation. So how do you balance that so I'll go back to something that you said earlier, you said everyone is building their own applications, right. But what they're doing is they're not building an identity access management system. They're building applications. So we're using best of breed tooling.
Mike Veldhuis:They are,
Jas Sagoo:right, yes. And these and when they build application, all these tooling, what they're doing is they're giving themselves a competitive advantage. Because it's they are differentiating themselves from their from their compact competition. So my advice is, don't build your own identity and access management system. Right? Go and use these ready tools out there, like Auth0, for example, they've got all the tooling and all their help you do as they help you get the balance, right, providing the right convenience. So access to service within two, three clicks, right. And they take care of all the security behind it, because they are experts. Lastly, they understand regulation, so that you don't have to worry about regulation yourself. So this myth about, to improve convenience, you have to sacrifice, security or privacy, that's a myth, that is only true if you're trying to do it yourself.
Mike Veldhuis:But to be honest, this almost sounds too good to be true.
Jas Sagoo:So it is true, I will kind of explain that to you. Because if you look at the heart of any platform, there are experts building it, they've done all the work, all the commitment and the dedication to go and try and build on it that's very secure, very secure. Security is the heart of anything that we do, especially identity access management. So they take that very seriously. Now, what's really clever here Mike is, is how you can make the the access very easily, right? You can use things like social login, for example,
Mike Veldhuis:Facebook for instance?
Jas Sagoo:Exactly. Or you can use Google or LinkedIn or all these other social profiles, right. And so that's one easy way of providing Quick Access without sacrificing security. And privacy, again, is built into these solutions. So my advice to everyone out there listening, don't waste your time in going try and build something yourself. Right? Rely on the experts, what you should be focusing on is your business application.
Mike Veldhuis:I have to be honest, and people that know me, I am and most of the time very direct. When we were preparing the new podcast series, I had a little bit of doubt whether talking about an identity and access management solution was really necessary in four episodes. It felt like we're talking about a niche in this whole scheme of everything that's happening around us digital transformation, it transformation, digital twins, in blockchain, all kinds of topics that are around us. And then Mike and Nalta are gonna talk about an identity management solution. I really had to think this one over. But when I started looking into it, I realized that it's a touchpoint that we're using every single day. And the solution itself is so directly linked to the security of your data and the security of your platform, the security of your things. That's it's probably one of the most important things to talk about. That is a real realization I had and I found it a little bit difficult to, to interest the audience in this topic. And that's why we have those four episodes and the build up to the great balancing act. And what I really hope, and we're going to talk a little bit more about machine to machine security and, and identity management, that they understand that at least for user identity management, this is just mandatory. And it's just like, so mandatory that basically all developers should at least have a look at it. You know?
Jas Sagoo:Mike, you're completely right. And you know, what? It's a must have, I must tell you that it's a must have isn't right. It's a boring subject, boring topic, but you know, what it's a must have. And what I've challenged, the audience is out here, if you can find 10 websites, that are important websites that give you good information, good access to good services, that don't ask you to log in, then then you've got me. Yeah. Yeah. So go and try and find those 10 websites.
Mike Veldhuis:I mentioned the developers, but in your role, you're responsible for the professional services in EMEA, right.
Unknown:Correct. Professional services and solution engineering.
Mike Veldhuis:Oh, I'm sorry. It's even more, it's even more, I can't imagine that you only talking to the technical people? And I imagine that you're talking to business owners as well, C level? And if it's a boring topic, what kind of you're not a boring guy. What kind of discussion do you have with that specific audience?
Jas Sagoo:So look, what I, tell them is, and then the humans as well remember, before, before they work for those organizations, they are they have their own personal life. And they understand the importance of, you know, wanting to access any service from any where they are any device at any time, you know, across across the ecosystem. So they themselves understand the importance of convenience and security. And what I tell them is, how are you going to do that for your employees and how you do that for your customers. And what you should also have is, you should have a strategy. So, that's what I talked to them, what's your strategy around identity and access management? But also, how can I help you gain maturity in this topic and subject? Because they there is an element of, continuous improvement and become a mature organization? Mike, look, we've seen lots of organizations that don't take this advice seriously. And what do we see, we see the names of big companies on the tabloids, they've been breached. Right. And every C level individual is trying to keep their names out of the headlines. Sometimes these are the conversations we have them.
Mike Veldhuis:Yeah, makes sense. Makes sense. So we, and this is a very clear and direct answer. And very useful for the listeners. So we're not only talking about this is something that is just for developers, this is something that really belongs to the boardroom as well, when we're talking about security strategy. We talked a lot about the user identity management space. We touched a little bit at the things and the machines. And, because I think it's so important, I just want to hear a little bit more of your advice. And I was, as I was thinking about some examples where it went wrong, but I don't think that's important. We know. And security is lacking in those spaces as well. What is your advice to companies that are building solutions in the IoT space and in the machine to machine space where machines to machines are communicating?
Jas Sagoo:So very quickly, I would say, use your time carefully and focus it on your applications and what you're building. Don't think about building an identity solution. You're reinventing the wheel because that's been done by experts. Okay, that's the first thing. If you're choosing an identity and access management system, make sure it's based on standards. Okay, so think about open ID connect to think about OAuth. Okay, these are standards. Third thing make sure that whoever is whoever you're working with are identity experts. They understand identity. Fourth thing, I know this is very difficult for you to for some some people to do. But let's share the mistakes were making. Let's try understand where these mistakes we were making so that a that others don't do them but also identity experts are able to build or take care of some of your, from your learnings and your experiences into their solutions. So this, this will be my advice Mike to anyone listening to the podcast,
Mike Veldhuis:And I love checklists. And it's a great summary and ending of this podcast series. The four talks we had, and I know for sure Laura loves this, she makes and draws the graphical recordings. And she always loves to make checklists. Thank you so much Jas, this was really insightful. It was great fun. I learned a lot from you. And I'm very grateful for that. And I know for sure that the audience can learn even more in the masterclass that we're gonna present, the seventh of October at the end of the day, we'll put the exact time in the link below. And to end this from my part, and I will give the final word to you Jas. Is that my colleague, Koen said, Let authentication work for you, not against you. And he's not a marketing. He's a developer and I just love that sentence. Thank you Jas.
Jas Sagoo:Thank you, Mike. It's been a pleasure.