"If you envision a world where what would be the most ideal way to make access management IAM decisions, to enable people to access internal things, you'd want to do a few things," reflects Bobby DeSimone, Founder and CEO at Pomerium.

In this episode of The Security Strategies Podcast, host Alejandro Leal, cybersecurity expert and senior analyst at KuppingerCole Analysts AG, speaks with DeSimone about the shifting focus in security to internal access solutions, particularly in identity and access management (IAM).

DeSimone emphasises the importance of simplifying typically complex internal IAM solutions. Among other recommendations, he suggests focusing on the foundational need for secure and user-friendly access.

Additionally, he shares insights from his journey in the privileged access management space, discussing the limitations of traditional perimeter-based security and the need for a more comprehensive approach to identity and access.

The conversation also explores the challenges posed by client-based access solutions, the importance of context-driven access, and how Pomerium's clientless approach to device health is reforming internal IAM.

As threats become more sophisticated and workforces more distributed, the once-impenetrable "castle and moat" approach leaves organisations vulnerable in terms of identity and access. This podcast therefore addresses the limitations of conventional IAM solutions and explores a modern, context-driven approach to securing internal assets.

DeSimone argues that the numerous acronyms like SASE, CASB, and PAM, while representing different facets of privileged access, ultimately fall under the umbrella of "just actually one big market under it, which is the internal identity and access market". The core challenge lies in moving beyond login-based authorization to a more granular, context-driven access model.

Watch the podcast to learn more about how to overcome traditional complexities and approach a more modern and relevant internal IAM solution.

Takeaways

  • Bobby's journey in security began with privileged access management.
  • Traditional perimeter-based security has significant limitations.
  • Organisations struggle with internal access despite strong outer defenses.
  • Client-based access solutions introduce administrative burdens and vulnerabilities.
  • Context-driven access is essential for modern security solutions.
  • Pomerium supports clientless device identity for easier access management.
  • The security landscape is evolving towards a more integrated internal access market.
  • Real-world applications of Pomerium show its effectiveness across industries.
  • CISOs should prioritize securing internal assets without traditional complexities.
  • Pomerium offers a flexible approach to access control on organisational terms.

Chapters

00:00 Introduction to Security Strategies Podcast

01:02 Bobby's Journey in Security and PAM

03:01 Challenges of Traditional Client-Based Access Solutions

05:53 Market Segmentation and Context-Driven Access

09:02 Pomerium's Approach to Device Health and Clientless Access

12:03 Beyond the Perimeter: Real-World Applications of Pomerium

16:51 Key Takeaways for CISOs

About Pomerium

Pomerium is a zero-trust reverse proxy that helps enterprises manage secure application access. Authenticate, authorise, monitor, and secure user access to any application without a VPN. Access is driven by identity and context.

Pomerium allows you to use your existing identity provider, such as Okta, Active Directory, Google, G Suite, or OneLogin, to add single sign-on authentication to any application. It enables you to add access control to any app, providing a standardised interface to do so whether or not an application itself has authorisation or authentication baked in. This allows developers to focus on their apps, rather than reinventing access control mechanisms.