Thought Leaders in Cyber Security: Idaptive CEO Danny Kibel (Part 3)

Sramana Mitra: Who are the key players in this space?

Danny Kibel: You see companies like Okta that started from single sign-on and are now pushing into the MFA space as well. They’re also promoting the Zero Trust concept. We’re also seeing companies like Microsoft and Ping Identity.

There are a few players in this particular space for Identity as a Service (IDaaS). But, again, our solution is a unique combination that also includes the enterprise mobility management to verify the devices as well as user behavior analytics which we were the pioneers of.

Sramana Mitra: Are players like Okta and Ping Identity also in the space? 

Danny Kibel: Yes, they are.

Sramana Mitra: What is the approach of the larger security players like Palo Alto Networks, Qualys, and Proofpoint? Do they have solutions in the space? 

Danny Kibel: They don’t have specific IDaaS type solutions. In fact, we’ve partnered with Palo Alto Networks in a very unique use case. Their firewall systems identify potential risks or certain IP addresses that may possess potential risk when interacting into an organization system. We are notified through those potential risks. Through our integration with Palo Alto, we actually added a layer of security on top of our identity and access management solution. In such cases, we can lock or require additional authentication from the user who is trying to access the system.

We partner with some of those players that you mentioned. But they’re not directly competing in the identity and access management space. 

Sramana Mitra: Direct competitors are the identity players like Okta and Ping Identity.

Danny Kibel: Correct.

Sramana Mitra: Now switching gears a little bit, what do you see as open opportunities in your space that you would recommend new entrepreneurs to start new companies in?

Danny Kibel: As I mentioned earlier, one of the big challenges around identity and access management is understanding the ecosystem of connectivity. The world of employees versus business partners versus consumers is actually blurring.

I could be an employee of one company, then a business partner of another company, and consulting for a third company. I can also be a consumer or customer for various other companies. So my identity is not always tied to my work identity.

Today’s solutions are very focused on my work identity and my specific digital identity which is my email address or some login name. The way forward for identity and access management going is each individual physical persona having multiple digital identities.

It’s understanding, for example, that my Gmail identity or Google identity is actually the same person as my Idaptive business identity or the same as my Facebook identity. Being able to connect all of those together and understand what it is that I have access to and what activities I do is something where the world is trending into.

For example, let’s say I just made a valid purchase from Amazon on my home laptop, and then I’m trying to access Salesforce from my office. Knowing this computer just had a valid transaction from Amazon from a user who is associated with the same employee user thus probably makes the Salesforce access probably legitimate. That makes a lot of sense.

But if you think about a different case where someone from Ukraine or Russia is trying to access a system that is in our corporate network, that computer is not recognized nor is there any identity associated on that computer that is related to the person trying to access our systems. In that case, it is very suspicious behavior and we would block that. 

This segment is part 3 in the series : Thought Leaders in Cyber Security: Idaptive CEO Danny Kibel
1 2 3 4