Presented at
AppSec USA 2017,
Sept. 22, 2017, 10:30 a.m.
(45 minutes)
This session will cover a real-word approach to an enterprise wide, multi-factor authentication deployment at a fortune 500 financial services company with 30,000+ workforce. We'll discuss the technical challenges we faced in adapting modern passwordless authentication protocols such as SAML and Kerberos to a wide range of client computing devices and legacy technologies. We'll also discuss the critical user experience decisions and lessons learned during the implementation to enable workforce authentication any time, any place, and any device.
Presenters:
-
Michael Stewart
- Executive Director, IAM - USAA
Michael Stewart is the Executive Director, Information Security Access Operations for USAA. In this role, Michael has responsibility for workforce identity and access management and mainframe and database security.
Prior to USAA, Michael spent fifteen years at the Federal Reserve Bank of Boston holding executive roles in Information Security and payments, including serving as Assistant Vice President & Information Security Officer with responsibility for all security functions. While at the Boston Fed, he served on the Federal Bureau of Investigation's Boston Field Office's Private Sector CYBER Taskforce. He was also a member of the Security Advisory Board of the Massachusetts Technology Leadership Council.
-
Matt Hajda
- Security Architect - USAA
Matthew Hajda is a Security Architect at USAA, focusing on oversight and roadmap of Identity and Access Management technologies. His background includes roles as an Active Directory Security Analyst, Penetration Tester, SOC Analyst, IT Systems Engineer, and Security Architect.
In addition to providing technical direction for multiple enterprise wide efforts, he works with business partners to align multi-year technology roadmaps to enterprise strategy. Matt focuses on the providing an exceptional user experience while improving security, and provides briefings at all levels to garner support and awareness of the Identity and Access Management vision.
Links:
Similar Presentations: