Larry Chinski on Unified Identity Security

I'm Larry Chinski, Vice President of Global Strategy at One Identity. Yeah, so the cybersecurity protection model has shifted very recently from an infrastructure-centric protect everything model, to an identity-centric verify and validate model. And why that has happened recently is really because of the shift in the remote workforce. And in times, past everybody came into an office. So we had the capability of using infrastructure components, such as dual layer firewalls, content filters, network segmentation, port blocking, and things like that, to really protect our end users from either accidentally or maliciously making mistakes. Now, with everybody working remotely, we don't have that option anymore. So what we have to do is use identity as the new perimeter. That's why when we hear vendors talk about identity as the new perimeter, that's because they are now forced to build their security posture on top of the identity. So what that gives us the capability of doing is doing a true verify and validate model for the identities. That means we're going to validate who you are, and then, we're going to verify that the things you are trying to access is something that's allowed based on who your role is in the organization. And that's something that's become very critical and important today because there are so many identities now. When we look at building the security posture on top of the identity, that's the first challenge. The second challenge is the sheer number of identities and the types of identities. They could be machines, they could be digital identities, they could be remote, they could be partners, they could be regular people that are employees. So the different types and the sheer numbers are why we've seen this shift and why we have to build a new security model for that. Yeah, the fragmented approach to an identity-based ecosystem really is no longer sufficient based on the types of breaches that we've seen today. Let's use the ransomware as an example. When you look at the types of breaches that ransomware are occurring, or the types of breaches that are happening because of ransomware, they are latching on to credentials and really taking advantage of credential mismanagement. What we know right now, based on the most recent transactional data, is about 74% of ransomware breaches are caused by mismanaged credentials. And so when we look at those types of credentials and where those breaches have come from, we know that not one single Identity type of toolset, like PAM or IGA, could have prevented those breaches. We know that a combination or a convergence of these individual fragmented approaches is what's required to actually make that sufficient. So a unified identity platform is the best approach and is really the best mechanism moving forward to deliver true end-to-end protection, and what I like to call an identity-based ecosystem. Because what it does is it takes segments from each of the four market segments, like PAM, IGA, access management, and active directory management services, and blends those together to form a true protection model. So it's not like we've got an individual PAM solution that does one thing, we've got IGA over here doing its own thing. Because when you look at those individual segments, they don't really know that those identities are the same identities that are being protected from those segments. However, when we look at a unified identity platform, where we're drawing upon all four of those and merging those together, that's where we can provide true end-to-end protection for our new security posture around the identity. So One Identity really is the only vendor in the market today that's able to build upon and provide a unified identity platform. And we've been working on this concept for a few years now for several different reasons. One of those is we really saw the shift in the market coming more than two years ago. So we started working on what we felt was going to be a true strategic differentiator in the market, and it's really a case where One Identity is sort of leading the charge for how we see this industry shifting. And so we have got the technology solutions, we've got the integration protocols already made. We've got a group of individuals that have done all the regression testing around how that would actually work, because we have to take into consideration how are we going to support it, how we get to deploy it. We don't want to create extremely complex solutions to solve these problems out there. We want to make sure that they're easy to deploy, they're supportable, they can be delivered in a quick fashion so the time to market value is there. And we're really the only ones in the market doing that what. We've actually seen-- this has been validated-- we've seen a lot of our competitors in each of these market segments making key acquisitions in other market segments to try and build upon what we've been doing for the last several years.