Modern Access Security: Ditch Passwords, Implement 0-Trust & Secure APIs – Travis Spencer – ESW #296
Don’t leave the door open. Modern systems are complex and require you to consider many aspects. Here are some aspects we consider critical:
- APIs are the dominant software development direction/trend. Traditional/legacy ways to grant access is not fit for purpose of protecting this new way of delivering products and services.
- Customers are demanding better digital experiences. To maintain a competitive edge and drive brand loyalty businesses need to provide great online experiences.
- Standards (such as OAuth and OpenID Connect) are important to ensure high-security levels. Also enables scalability and helps future-proof your infrastructure. For example in the financial sector, these standards play a key role in the drive toward open banking.
- A modern architecture is a zero trust architecture. In a zero trust architecture, the new perimeter hinges on identity.
Segment Resources: https://thenewstack.io/zero-trust-time-to-get-rid-of-your-vpn/ This segment is sponsored by Curity. Visit https://securityweekly.com/curity to learn more about them!
Announcements
Dive deeper into the world of cybersecurity with Security Weekly on Instagram! Follow us @SecWeekly to find exclusive clips, hilarious memes, behind-the-scenes sneak peeks, and more! Stay connected, stay informed, and join our growing community!
Guest
![](https://image-optimizer.cyberriskalliance.com/unsafe/1920x0/https://files.scmagazine.com/wp-content/uploads/2022/09/Travis_profile-picture_1x1-0.jpg)
Travis has worked extensively with organizations in various industries in both the US, Europe, and elsewhere who are adopting cloud and mobile computing. His broad market exposure coupled with a background in application development allows him to help organizations with low-level technical issues as well high-level questions. His deep knowledge of legacy standards like SAML, WS-* and XACML coupled with current best practices like REST, SCIM, OpenID Connect and OAuth provides him with a unique and cutting edge perspective on digital identity and access management.