Flashpoint Editorial Director Mike Mimoso talks to Akamai Chief Security Officer Andy Ellis about the company’s implementation of a zero-trust security model.
As such, Akamai has evolved beyond traditional approaches to network security, authentication and authorization, to a model where users, devices and applications are treated as the perimeter. As a result, security controls are moved away from firewalls and virtual private networks to an architecture where an x509 certificate and push-based authentication are the preferred method. Andy says that Akamai can see a day in the not-too-distant future when passwords are no longer a thing at the company.
Throughout the discussion, Andy talks about how the 2009 Aurora attack inched Akamai toward zero-trust, how he got executive buy-in for this model, what the user experience is like, and how this compares to Google’s BeyondCorp implementation.