Okta’s Guide to Risk-Based Authentication: Q&A With Hector Aguilar

A lifelong technology enthusiast, Hector Aguilar, President of Technology, Okta, shares the reasons why “risk-based authentication solutionsOpens a new window ” are the need of the hour. Aguilar has spearheaded technology development and strategic planning roles across such giants as Grupo Televisa, Ericsson, and others.

In this exclusive with Toolbox, Aguilar offers critical insights for cloud technology leaders, and business leaders to have practices in place that enable early detection of data breachesOpens a new window in the cloud, and more.

Key takeaways from this Tech Talk Interview on risk-based authentication:

· Top tips for how to focus on omnichannel business processes

· Best practices for business leaders to employ highly flexible cloud infrastructureOpens a new window

· Trends to follow in risk-based authentication for 2020 and beyond

Here’s the edited transcript of the interview with Aguilar and his views on risk-based authentication solutions:

Hector, to set the stage, tell us about your career path so far and what your role at Okta entails.

My relationship with technology began when I was eight years old. I had an uncle who used to fix TVs and radios (before transistor radios) and occasionally gave me spare parts, and I would spend all my time playing with them and connecting things. At age 10, I heard about computers and since I didn’t have one, I learned how to code by copying code from books onto our typewriter. From this time, I knew I loved it and had to pursue a career in technology.

I received a scholarship to Instituto Tecnológico y de Estudios Superiores de Monterrey, and from there made my way to Silicon Valley. I’ve held a variety of technology roles since then including working at ArcSight since its inception, driving the technology development as CTO and Vice President of Software Development for the company during its successful IPO in 2008 and after its acquisition by Hewlett Packard. Throughout my career, I have also worked in software engineering and management at Impresse, ICA, Grupo Televisa, and Ericsson.

My plan was to stay in Silicon Valley for just one year, but that was 20 years ago. I am now the President of Technology at Okta and have been here for almost eight years. In my current role, I’m responsible for developing strategic planning for the direction of product development activities and managing the engineering team, as well as business technology and corporate IT.

As an innovation leader, what does the term ‘risk-based authentication’ mean to you?

The number of data breaches has risen 5Opens a new window 4% in the last yearOpens a new window . Passwords and usernames are no longer enough to protect us, and that’s where risk-based authentication solutions come in: we can identify risky login attempts and better secure our information.

I like to explain it with this analogy: someone unexpectedly knocks on your door late at night. While a surprise knock might make you hesitant to open it, you hear your friend call you from outside. Once you recognize a familiar voice, you’re much more inclined to open the door and let them in. Risk-based authentication solution works in a similar way: if a user attempts to log in with a device that is unknown to the system, it will not allow access until the user has further verified their identity with an additional factor.

Unlike passwords, risk-based authentication tells you the details you need to know about any user and makes it more seamless for the right people to gain the right levels of access at the right time. It gives our customers and workforce frictionless access to more resources from more locations and devices than ever before.

Learn More: How Can Cloud Improve the Process of Business Communication? Q&A With Vonage’s, CTO, Sagi DudaiOpens a new window

What are the key priorities for cloud technology leaders today, given the focus on omnichannel across companies and industries?

Regardless of vertical, industry and size, every organization today must come to terms with elevated customer expectations for both seamless and secure omnichannel experiences with brands. For businesses to effectively target customers in today’s digital world, they must know who these customers are, what they like, and how they want to interact with your product.

Enter identity management. While we have primarily focused attention on identity management to address security concerns in past years, heightened demands of modern customers have turned identity into an opportunity for brand differentiation. Identity management is now the answer to many rising customer expectations: the need to bridge the gap between different digital channels, enable secure and frictionless experiences, and personalize interactions to drive strong brand engagement.

Identity management can be the thread that pulls siloed systems together to unify customer identities, ultimately ensuring the right customer receives the right information at the right time. The interoperability it unlocks not only solves many personalization issues in the immediate term, but it creates a foundation for a business to add to its marketing and technology stack without forcing significant re-development.

Tell us more about your vision for robust and highly flexible cloud infrastructure that streamlines continuous integration and continuous delivery (CI/CD) processes. Why is it crucial for business leaders to have practices in place that enable early detection of mistakes?

On every engineering team, detecting issues early is critical and can make or break a relationship with a customer. Many leaders think continuous integration (CI) loops are the silver bullet to detecting issues early and that if tests are well written, they won’t run into any problems. However, CI loops do not catch all issues, and because of their limitations, leaders must prioritize constant monitoring and acting quickly in the case of an emergency. It’s also critical to spread this responsibility across your team: early detection should be everyone’s job and not just fall on a small subset of team members. I like to say, “we win as a team, so we don’t lose alone.”

On my team, I also enforce a culture of “no mysteries”, meaning everyone should share a top priority of uncovering issues thoroughly, no matter the complexity. Engineers spend much of their time heads-down and strapped for time, so monitoring for issues can be brushed aside in favor of more urgent projects. However, explanations like “we had to upgrade, I’m sure the latest version will fix whatever just happened” or “we should just reboot to solve the issue” are just a cover. To solve the root of any problem, it’s critical to be fully transparent, dig deep to find the source of every issue and prevent a small issue from ballooning into a larger one.

Tell us about the upcoming projects or team initiatives at Okta that you are excited about.

One initiative I really believe in is setting one day a week as a “no meeting day” for my team. The benefits have been very noticeable and impressive. Removing meetings from my teams’ schedule just one day a week has provided everyone with a window of completely uninterrupted time to focus on complex work. I’ve noticed that my team now reserves the no-meeting day to execute on critical, time-consuming tasks that require deep thought, and this headspace has led to a higher level of innovation and creativity across the board. I’d highly recommend every technology leader consider implementing a no meeting day.

What should every leader be looking for in engineers they hire?

I’ve found that the best hires have the following four key characteristics that position them for success.

1. They show what they know and learn what they don’t: I believe a hire for any role and level should have strong technical and coding skills as well as a willingness and desire to constantly learn new things.
2. Ability to adapt and innovate: When hiring for any role, seek out candidates who can solve existing problems creatively. Future-proofing your team begins with hiring candidates who have an open mindset to embrace change.
3. Passionate about the work: It’s rare to find new hires with a real passion for their work, but it’s also critical to ensuring a positive team culture and retaining employees.
4. Communicates well: Technical roles might involve heads-down tasks, solo projects and complex endeavors that require high levels of focus, but that doesn’t mean hires for these roles can sacrifice communication skills in favor of working independently. No matter the position, solid communication skills build a foundation for effective teamwork.

Learn More: What Is the Future of Cloud: Expert Insights on What’s Next for the CloudOpens a new window

Which trends are you tracking in this space for 2020 and beyond?

With 2020 right around the corner, here are a few of my predictions on technology trends:

Mobile-optimized and collaboration apps will reign. As the mobile workforce becomes more prevalent and employees conduct much of their work from devices, like while walking from meeting to meeting or during a commute, mobile-optimized applications will be key to meeting employees where they work. The workplace of the future is made up of remote and flexible employees working on a variety of devices, so it’s critical to bring on new tools that reduce friction and enhance teamwork. For engineers, working in silos is common and it becomes even more critical to implement mobile tools that enable seamless teamwork. A few key collaboration tools my team couldn’t live without include Slack, Splunk, Workday and Greenhouse.

Automation is here to stay. While I believe automation is generally overhyped and that it will never fully replace the work humans can do on a team, I do think it provides some benefits. The key to implementing automation so that it’s useful lies in developing a strategy that fits your team’s unique needs. When considering what to automate, first identify tasks that are redundant. On my team, we use a combination of Workflows and Slack to streamline and speed up the process for detecting customer issues; we cut out the need for manual testing with automation so we can make decisions about how to react to problems faster, and ultimately drive a superior customer experience. By automating routine tasks, leaders can open doors for employees to further breed personal growth and focus on the more challenging, impactful projects machines can’t handle.

Neha: Thank you, Hector, for sharing your invaluable insights on employing the best in class risk-based authentication solutions. We hope to talk to you again soon.

About Hector AguilarOpens a new window :

Hector Aguilar is the President of Technology at Okta and is responsible for running engineering and technology. His focus is developing strategic planning for the direction of product development activities and managing the engineering team, as well as business technology and corporate IT.

About OktaOpens a new window :

Okta is the leading independent provider of identity for the enterprise. The Okta Identity Cloud enables organizations to securely connect the right people to the right technologies at the right time. With over 6,000 pre-built integrations to applications and infrastructure providers, Okta customers can easily and securely use the best technologies for their business.

About Tech TalkOpens a new window :

Tech Talk is a Toolbox Interview SeriesOpens a new window with notable CTOs from around the world. Join us to share your insights and research on where technology and data are heading in the future. This interview series focuses on integrated solutions, research and best practices in the day-to-day work of the tech world.

Would you like to share your thoughts about the future of risk-based authentication solutions? Find us on TwitterOpens a new window , FacebookOpens a new window , and LinkedInOpens a new window . We’d love to hear from you!