Story image

Interview: Okta on identity management & single source cloud control

02 Nov 2017

Graham Pearson is rejuvenating the identity management market in Australia. He is the regional Vice President of APAC for Okta — an enterprise-level identity management service headquartered in America.

“We started Australian operations at my kitchen table. We now lease 750 square-metres overlooking the Sydney Harbour Bridge. That was done through organic growth — a solid work ethic and a great product. From my perspective, the main hurdle was re-education. Identity and access management had essentially developed a ‘dirty name’ in Australia.

Over the last decade, people had spent millions of dollars on the implementation of faulty products. But, that was also the reason that our arrival — and ability to actually provide a master tool capable of securing user access, provisioning and de-provisioning employees and serving as that secure identity layer in other organisations’ applications — allowed us to grow at such a rapid pace.”

Graham began the Okta-Australian spearhead in 2014 — joining the company with nearly two decades of IT experience, most recently with Oracle. Robin Block from MitchelLake sat down with Graham to talk about how Okta has changed the Australian identity management market, how he is handling explosive growth and the future of the company.  

What does Okta do, and why is it so important?

Graham: The iPhone is only 10 years old — now you can’t live without one. That change has led to the adoption of working practices that have transformed the threat landscape. The fact that you now have the ability to do your job sitting in a café means your access of applications in the cloud has to be secure. The right person needs to access the right information at the right time according to the policies set up by the organisation.

What you don’t want is to have an individual username and password for every app and every employee. But, using the same password for every application — even when possible — is stupidly dangerous. Also, what happens when someone leaves the company? They still have their login credentials. That is where Okta comes in — we give you one username and password to multiple apps in a secure format that can be controlled by a master dashboard.

When someone logs on using Okta, they are presented with their own dashboard that facilitates logging into all of the apps they have permission to access. The HR department then simply has to control that employee’s access to Okta — everything else is built into our program. Critically, we then provide second-factor identification in the form of push notifications to your mobile if you login outside of the office. A lot of recent breaches could have been avoided if companies had introduced a small thing like second-factor authentication.

What do you see in the future for Okta?

Graham: The great thing about what we are doing is that there is no one vertical. We have customers that are not-for-profit, government and companies ranging in size from 25 employees all the way up to a health insurance provider with 22,000 daily users on Okta. Any company moving into the cloud can benefit from our product.

We have been successful in A/NZ, but by no means are we finished. The thousands of companies that are not yet in the cloud, but moving towards implementation, are all potential customers. Australia is still at least 2 years behind the US, and the rest of APAC is 2 years behind us — that is all room for us to grow.  

Hyperscaling is a great word for what we are doing. We have had exponential growth, year on year. One’s ability to execute on that all comes back to customer success. The most important thing is ensuring customer success — customers talk to customers. The key to managing that kind of growth is picking the right people. People with the same work ethic, heading in the same direction are easy to manage. Making the wrong hiring choices is what often makes growth difficult.

Ideally, what legacy would you like to leave on the industry?

Graham: My ego wants to be remembered as the guy who built the next legacy software vendor in Australia. But, what I think is important is to coach, mentor and train the next generation of security professionals who can support the expansion of the industry. The broader problem in the industry is talent acquisition — there are not enough security specialists. I believe that I have put together a team of the best players in the industry — but there aren’t that many of us.

To this end, we built a ten-stage programme to train graduates and others looking to enter the industry. We give them the skills needed to sell identity management. This programme is completely tailored to what we do, and a crucial component of what the industry needs to grow.

It sounds corny, but I will be happy with my legacy if, when I am retired, the people I helped build careers in identity management and cybersecurity invite me over for coffee to discuss the trajectory of the industry. I think the positive nature of ‘the Okta story’ is good for the market on the whole. It is also how we have attracted the talent needed to build the team that has delivered the success we have achieved to this point.

Article by Robin Block, MitchelLake.

Why SD-WAN is key for expanding businesses - SonicWall
One cost every organisation cannot compromise on is reliable and quick internet connection.
New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.