This story contains promotional content. Learn more.

A Their Story interview with Sean Martin and Marco Ciappelli
Guest: Dana Tamir

The organization telling us their story today is Silverfort.

Access control should be about ensuring easy access to those with authorization to enter as it is keeping unauthorized people out

During RSA Conference, we had a chance to connect with Dana Tamir from Silverfort to get the updated Silverfort story. During our chat, Dana points out that enabling secure authentication and zero trust policies without requiring an agent or proxies or software changes should be the primary goal for organizations looking to keep bad actors out while ensuring secure access to those that have been granted authorized access to the business resources.

This rule of thumb shouldn’t necessarily change just because of the criticality and sensitivity of the resources being accessed—and it shouldn’t be thrown out the window just because systems, services, and applications are being used via APIs.

Ultimately, it boils down to the behavior of the users and the actions they are taking to access everything they need to do their job. If the behavior looks suspicious if the activities present a situation where the user may be compromised, or if the behavior suggests that the user is operating as a bot, then the authentication request(s) can be challenged with additional methods of proof.

During our chat, Dana provides some use cases and workflows to help demonstrate the scenarios above. How many of these scenarios does your organization deal with? Have a listen to learn more.