A great read but what isn’t being said enough is that you can use Akamai MFA today with any site that supports FIDO2. No need to carry hardware tokens for Twitter, GitHub, etc - use your phone and upgrade your authentication game.

Segment, authenticate, authorize. Akamai, IoT and Zero Trust

Announcing Procella Technologies

In 2019 after 19 years at Akamai, mostly in IT, I decided it was time for a change.

There is of course, a longer version of this, but in late 2016 we had realized that the journey we had been taking Akamai IT on was actually a Zero Trust journey. Working closely with the Enterprise product team to make this journey a reality for Akamai customers over the last couple of years has been a joy and privilege.

I approached my manager and friend Joe DeFelice (Akamai’s IT CISO) with the idea to double down on the Zero Trust focus - sharing our experience and knowledge in this space with many more enterprises ranging from those who have heard of Zero Trust through those who may have started on their journey but are running into roadblocks.

We spoke about this idea with leaders in Akamai, the overwhelming response was positive and very supportive. Joe and I agreed to stay through March 2020 in order to continue supporting the Zero Trust transformation in IT, product development, and ecosystem expansion.

March 2020. The March that never ended. Fortunately, there was still enough work for Joe and I at Akamai to stay fully engaged. While our dream of doing our part to drive Zero Trust adoption broadly remained alive, it didn’t feel like the right time to be trying to start a new company when everyone was focused on learning how to be productive remotely. We were lucky enough to be able to stay on at Akamai during the pandemic, talking to customers, working with product managers and engineers and staying connected to IT. One thing above all else that I took away from 2020 - the more Akamai customers we spoke to, the more energized about helping companies with Zero Trust I became.

So it is with great pleasure I am writing this long post to introduce the company I am starting with Joe: Procella Technologies. Procella’s focus is Zero Trust and SASE. Our goal is to increase adoption of Zero Trust principals, and ensure enterprises are able to complete their Zero Trust or SASE journeys. If you’re considering Zero Trust or SASE, contact us to see how we can help.

The best path to password elimination is through federated authentication. The SSO tax is currently too high. Not just in penny pinching upgrades but in the obstacles to successfully enabling it.

I just tested a security integration with Microsoft 365 that was seriously just a couple of clicks. Then I tried to enable SAML which was a lot of copy and paste and changing fields. High potential for human error. We MUST do better here.

Thanks Dr Zerotrust. We don’t say it often enough - Akamai’s #zerotrust solutions were evolved working closely with customers implementing them including Akamai’s IT team. Proven in the real world.

So many things wrong here. An “emergency communications channel” protected by a widely shared username and password? Unauthorized use perhaps, but not hacking. And if you do have shared credentials, not rotating them after a high profile firing is insane. #zerotrust #authenticateallthethings

A reminder that cloud service providers hold a lot of control over your systems and data. Contracts and SLAs can’t protect you. If they pull the plug you’re the one picking up the pieces. Choose carefully.

IT teams: if you’re struggling to support a flood of WFH - don’t compromise on security or performance. Akamai’s EAA adds CDN performance and protection to your enterprise applications and scales well. This is how we are eliminating our own VPN usage at Akamai. #zerotrust #novpn #killthepassword

sharing my insights on how to move an enterprise to a zerotrust access model. #mbfeb

This mirrors my thoughts exactly. Why would you trust a VPN provider (and their providers) more than your own provider? Outsourcing privacy seems like a pretty big failure point. Make sure all your traffic is encrypted, push for eSNI and ditch the 3rd parties?

This is a pretty good read on “why zerotrust?” securityintelligence.com/posts/why… #zerotrust

Without any interaction with the “victim” is it easier to find their home address and phone number or their mother’s maiden name, starting only from their own name, and a rough geographic location (typical New England town)? My gut says the latter.

I’d love to nerd out talking about #zerotrust at Akamai Edge World this year. There’s even a video

They don’t normally let me out in public. This might be a one in a lifetime opportunity to hear this. twitter.com/Akamai/st…

Forecasting the top 4 RSA Conference themes for 2019 - GeekWire

They missed ZeroTrust. Not just my employer (stop by Akamai’s booth on Wednesday), but across the expo floor. SDP, identity aware proxies and micro segmentation will be common phrases across many of the vendors.

Check out the Akamai Security Operations Center in this clip: https://twitter.com/jj_under/status/1093207857040932864