Cisco’s Ash Devata on the Future of Secure Access

Authentication used to be binary: I give you access or I don’t give you access. But with the rise of remote/hybrid work and the growing number of cloud applications in use, organizations need an even more precise approach to authentication, says Ash Devata, vice-president and general manager of Cisco Zero Trust and Duo Security.

“Every time you’re giving access, you have to inspect the user [and] inspect the device,” Devata says. “End users just want to get their work done. They don’t want to go through all the security checks.”

The security landscape has increased in complexity, with the rise of remote and hybrid work and the accelerated pace of cloud adoption. “The key thing is around, how do we make sure only the right people have access to the applications?” Devata says in his Fast Chat with Dark Reading’s Terry Sweeney.

Devata also expands on the concept of post-login security. “You log into []. You just have the login cookie for six months,” Devata says, in reference to session cookies. So long as the cookies don’t expire, the session is valid and users don’t have to log back in again. However, the session cookie presupposes that nothing has changed to affect the security of the session. It could be the device needing new security updates, or the geographic location.

This is more than risk-based authentication, though. The idea behind continuous password access is to continuously measure all the signals (such as whether device encryption is turned on, whether there are pending patches, whether the firewall is enabled, and the network location) completely in the backend, without adding friction to the user experience. Once a signal changes, details about what has changed are then communicated back to the application. Depending on the change, the user may be prompted to re-authenticate, even if the session hasn’t expired.

“Once we give trust, how long can the trust last?” Devata asks.
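
The post-login check described above can be sketched as follows. This is an added example, not code from Cisco or Duo: the field names, the three outcomes and the policy deciding which changes force a new login are all assumptions made for illustration.

```python
from dataclasses import dataclass, asdict
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class Posture:
    """Device and network signals named in the article (field names are assumed)."""
    disk_encrypted: bool
    pending_patches: int
    firewall_enabled: bool
    network_location: str

def changed_signals(baseline: Posture, current: Posture) -> dict:
    """Return {signal: (old, new)} for every signal that differs from login time."""
    old, new = asdict(baseline), asdict(current)
    return {name: (old[name], new[name]) for name in old if old[name] != new[name]}

def evaluate_session(baseline, current, cookie_expiry, now):
    """Decide what happens to a live session; returns (action, changes)."""
    if now >= cookie_expiry:
        return "reauthenticate", {"cookie": ("valid", "expired")}
    changes = changed_signals(baseline, current)
    # Assumed policy: a weakened control or a new location forces a fresh login,
    # even though the session cookie itself is still valid.
    forces_reauth = (
        ("disk_encrypted" in changes and not current.disk_encrypted)
        or ("firewall_enabled" in changes and not current.firewall_enabled)
        or "network_location" in changes
    )
    if forces_reauth:
        return "reauthenticate", changes
    # Assumed policy: a growing patch backlog is reported to the app, no prompt yet.
    if current.pending_patches > baseline.pending_patches:
        return "notify_app", changes
    return "continue", changes

# Constructed sample data: a six-month cookie issued at login.
LOGIN = datetime(2023, 1, 1, tzinfo=timezone.utc)
EXPIRY = LOGIN + timedelta(days=180)
AT_LOGIN = Posture(True, 0, True, "US")
```

The returned `changes` mapping is what would be passed back to the application, so it can show the user which signal triggered the prompt.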
