Multi-layered Zero Trust with Yash Kosaraju
For this 18th episode of Access Control Podcast, a podcast providing practical security advice for startups, Developer Relations Manager at Teleport Ben Arent chats with Yash Kosaraju. Yash is Chief Security Officer at @Sendbird Sendbird's mission is to build connections in a digital world, providing APIs and services for chat products with API and tools to integrate into apps. This episode dives into how teams can build multi-layered security systems to go beyond zero-trust to let teams do their work but also provide checks.
Key topics on Access Control Podcast: Episode 18 - Multi-Layered Trust
- Sendbird provides APIs and services for chat and products to integrate into applications.
- As Sendbird is B2B, B2B2B, and B2B2C, its customers use Sendbird to build chat applications which their own customers use, resulting in a lot of data that enters Sendbird's system and that needs to be secured.
- Compliance and security go hand in hand. You determine how compliance requirements fit your business, and use them as a baseline to improve your company's security posture.
- Two guidelines for access control are a multi-layered design (where more than one thing should go wrong for something bad to happen within the company) and keeping things as simple as possible.
- A sound access control philosophy ensures that people in the company have access to what they need to do their jobs.
- Security is always should be a balance between usability and providing security.