Least Privilege or Zero-Trust
“Same but Different”

Somerford Discovery Forum: Ft. HashiCorp, Varonis, Okta & AWS Marketplace.

Forum Sponsors

Setting the Scene

A phrase often heard to describe the relationship between Least Privilege and Zero-Trust, “same but different”, an intentionally vague description and down to individual interpretation.

Organisations are constantly challenged with security being shared across resources within infrastructure, operations and business functions as it may lead to users and attackers having unwarranted privileged access to critical information and systems.

Two key principles for protecting “the environment” from malicious actors and insider threats are the adoption of Least Privilege Access and Zero-Trust across the network, devices, identity and data. However, Where do I start? How far is far enough and will it be enough? What does good look like?

These are all questions the organisational teams are asking themselves. This forum will look to delve into both of these areas and try to unravel the differences, how far you should deploy and where technology can assist your organisation.

Customer Speaker Panel

Forum Agenda

Arrivals and Lunch
12:00 PM - 1:00 PM
Welcome and Introduction: Ft. Overview of Somerford's Partnership With Leading Technology & How to Procure With AWS Marketplace

+

'Least Privilege or Zero-Trust' & Somerford Value
- Presented by Tom Longley, Somerford Associates
1:00 PM - 1:30 PM
Fireside Chat with Okta: The Glue Between Least Privilege and Zero-Trust

Hosted by John Dee, Head of Strategy at Somerford
Ft. James Richmond, Alliances Solutions Engineer at Okta
1:30 PM - 2:00 PM
Fireside Chat with Varonis: Maintaining a Least Privilege Model

Hosted by John Dee, Head of Strategy at Somerford
Ft. Matt Lock, Director of Sales Engineering at Varonis
2:00 PM - 2:30 PM
AWS: Advancing Your Security Model With a Zero-Trust Approach

- Presented by Jon Hammant, Head of Compute for UK & Ireland at AWS
2:30 PM - 3:00 PM
Afternoon Break
3:00 PM - 3:30 PM
HashiCorp: Understanding the Four Pillars of Zero-Trust Security

- Presented by Andre Pimentel, Senior Solutions Engineer at HashiCorp
3:30 PM - 4:00 PM
Customer Speaker Panel

Ft. Richard Parkinson, Head of Security Operations at Office for National Statistics (ONS)
+
Richard Frost, Senior Cyber Security Manager for Esure Group
4:00 PM - 5:00PM
Forum Wrap-Up, Networking and Refreshments
5:00 PM - 5:30 PM

Tom Longley, Commercial Team Sales Leader at Somerford

Least Privilege or Zero-Trust?

— With Tom Longley, Somerford

Join Tom in exploring Somerford's extended value from its partnerships with leading technologies, and how the combination of our product suite assists organisations with Zero-Trust.

We'll also outline Somerford's value including:

> Dedicated support desk and post-sales support.

> Proof of concept, value proposition and Business Value Consulting.

> Overview of Somerford's Security Services, and how we assist with experienced, certified consultants and technical architects.

> Value offerings covering Terraform/Vault Adoption Packs (VAP/TAP), our Business Value Consulting Service and Rapid Adoption Packages.

Maintaining a Least Privilege Model

— With Matt Lock, Varonis

On average a new employee will have access to 17 million files on day 1 of joining an organisation. Whilst 54% of companies find over 1000 sensitive records that are exposed to all employees.

Reducing exposure of an organisation's critical asset (their sensitive data) is fundamental when working to decrease the risk from internal and external threats.

A leading UK Law firm recently published that when wanting to be proactive when it comes to ransomware activity, you must stop its ability to spread and access other parts of an environment. Without Varonis they estimated it would have taken an estimated 10 years to lock down users' permissions manually – Varonis did it in 6 months.

During this session, we will explore how Varonis can work with you to quickly identify where sensitive data resides across the organisation, who can access it, how they are accessing it and ultimately, is that all appropriate?

Matt Lock, Director of Sales Engineering at Varonis

Andre Pimentel, Senior Solutions Engineer at HashiCorp

Understanding the Four Pillars of Zero-Trust Security

— With Andre Pimentel, HashiCorp

Zero-Trust security is predicated on securing everything based on trusted identities.

Machine authentication and authorisation, machine-to-machine access, human authentication and authorisation, and human-to-machine access are the four foundational categories for identity-driven controls and zero trust security.

During this session, we will explore how HashiCorp's identity-based security and access provide a solid foundation for companies to safely migrate and secure their infrastructure, applications, and data as they move to a multi-cloud world.

Advancing Your Security Model With a Zero-Trust Approach

— With Jon Hammant, AWS

Join Jon Hammant in discussing how to secure Earth’s most customer-centric company when deploying multiple times a second.

Jon leads the Compute business for UK & Ireland at Amazon Web Services, owning a number of key areas of the AWS business for the region including:

> EC2
>
Containers
>
Serverless
>
Networking
>
HPC
>
Outpost
>
Graviton
>
Visual Computing

Prior to joining AWS, he was a Managing Director at Accenture leading the DevOps and Full-Stack Engineering businesses for UK/IR.

Jon Hammant, Head of Compute for UK & Ireland at Amazon Web Services

James Richmond, Alliances Solutions Engineer at Okta

The Glue Between Least Privilege and Zero-Trust

— With James Richmond, Okta

On average every person in the world has 150 different identities that they know, it is estimated that there are 1.2 trillion accounts globally which are ever increasing. Last year 89% of all organisations globally faced an Identity-based attack.

With over 7 years of experience in Identity covering Identity Governance, Privilege Management, and Access Management, I have witnessed the lessons learnt and the most effective approaches to reducing these attacks and preventing impact on enterprise organisations.

We will be speaking about the capabilities of Okta and how these Identity-based attacks can be avoided, looking at why Least Privilege and Zero-Trust are so important and how Identity is the heart that keeps these strategies beating.

Register Below

Scroll to Top