For cybercriminals, crime does pay. According to cybercrime statistics, 43% of businesses experienced a cybersecurity breach in 2018, and the state of California alone lost more than $214 million due to cybercriminals. With this in mind, it might be hard to understand why businesses continue to default to a trust-first approach when it comes to protecting their data and IT infrastructure.
In this episode of the Workday Podcast, I talk with Archana Ramamoorthy, Workday's North America chief technology officer, to learn more about “zero trust,” a security concept that an organization should not automatically trust anything inside or outside its perimeters, and instead verify any attempt to connect to its systems before granting access.
Listen on SoundCloud: Workday's CTO on Zero Trust Security and the Changing Nature of Work
Listen on Apple Podcasts: Workday's CTO on Zero Trust Security and the Changing Nature of Work
Below you’ll find some highlights from our conversation, edited for clarity. You can find our other Workday Podcasts here.
“It's really critical to verify users' identity by understanding their device ecosystem, understanding the signals and behavior from past logins, and then to carefully authenticate their validity through their session duration in business applications. This is not just from a Workday perspective; this is for every business application that a customer is using. And from our side at Workday, our path towards zero trust will help us design and develop a framework that considers both people and their devices while determining access.”
“Cloud security in general is a rapidly evolving space, and this is especially true for organizations that are migrating a lot of their business from on-premise solutions to cloud solutions. Managing hundreds, if not thousands, of applications is a really huge and daunting task, and maintaining proper security controls separately is almost impossible at this point.”