Cloud Exchange 2022: Okta’s Sean Frazier on adopting modern, secure capabilities

The combination of cloud adoption and the COVID-19 pandemic, which accelerated the move of employees and services online, is now opening the door for an IT modernization effort possibly not seen since the introduction of PCs in the 1980s.

“I think the fact that the technology has caught up. I think the fact that the U.S. has a lifestyle that has caught up with access to the technologies that we need to do as a business. It’s that perfect storm. It’s that nexus of all of those things clashing at the same time to provide this capability,” Sean Frazier, federal chief security officer at Okta, said during the Federal News Network Cloud Exchange 2022. “We’re in a really good position where people are starting to understand how cloud can really help accelerate some of those things. You can accelerate the adoption of modern technology to deliver capabilities to citizens, to employees.”

As a self-proclaimed “security guy,” Frazier said that understanding of putting security tools on the front end of cloud services without impacting user experience is what he and others have been waiting for.

Don’t add friction to the user

The impact of moving toward a zero trust architecture, although still in the early stages, is helping agencies understand how to avoid adding friction to the user experience, Frazier said.

“Nothing really happens until someone tries to log in to access data. So we really are at the beginning and there’s a reason why, from a zero trust perspective, identity is the first pillar because it’s where everything starts. It doesn’t matter whether you’re a Department of Defense or whether you’re a civilian agency, you have to do the same thing,” he said. “Part of it is consolidating identity systems because one of the things we’ve done over the last 20 years is we’ve inherited a lot of identity systems. Some agencies have like 30 or 40 or 50 different things.”

For that reason, the first thing agencies need to do from a security and a usability perspective is consolidate their identity systems into a single stack, Frazier said. A single stack “makes it easier for users and it gives your business better visibility into what you’re protecting,” he said.

To do that consolidation, Frazier suggests looking at how to take advantage of identity as a service tools. Using that approach can remove both the friction of implementation and any concerns about continued innovation as security threats and technology change, he said.

“We’re seeing more and more folks thinking about identity as a service and thinking about providing this capability to enable and accelerate some of the modernization and cloud adoption that they’re doing,” Frazier said. “There’s some folks who still like to hug their servers. And they’re anti-cloud and thinking, ‘Well, my server’s in the data center. I can see it, therefore, I’m more secure.’ That’s not exactly the case.”

Center of excellence model

Frazier added that each use case for modernization and identity as a service is different so agencies should decide based on the application and the data. But, he said, the end goal is the same: a frictionless and secure user experience.

He recommended that agencies consider creating a center of excellence for IT modernization to lead these efforts.

“A center of excellence provides all the building blocks to build modernization or modern application technology. Some of the building blocks might be identity. Some of the building blocks might be access. Some of the building blocks might be data protection. But you can take that center of excellence approach or that service provider approach,” Frazier said. “A lot of agencies are starting to do this. Then, you get that economy of scale. So not everyone’s reinventing the wheel. You don’t have subagencies that have an entire IT stack managing multiple identity systems, managing multiple access systems. You’re really able to streamline your environment.”

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.