Mario Duarte, VP of Security at Snowflake, on going beyond passwordless with Beyond Identity
The Security Challenges for Snowflake
There's a couple of challenges for Snowflake in security. One, our customer data is the holiest of holiest, and you got to protect that. Additionally, we have to concern ourselves also with the SaaS applications that we use, even though they are not there to support the Snowflake service, they could become conduits for potentially gaining access to Snowflake or potentially our customer's data.
So, I create all the security, I deploy all the security technology and tools in my managed systems, the things that I manage, the computers that are owned by the company. But with SaaS, you can actually use any other computer, you can use your own computer at home to access your email for work like, Gmail or Slack or whatever tool, whatever SaaS application.
And what ends up happening is, well, how do you know your person's system is configured or secure enough to protect the data? So this is the big problem. How do I allow my employees to be productive and to keep up with today's challenges?
Solving the Password Problem
Passwords are not effective. They were never effective. Now, you're probably going to get back and you ask me, "Well, can you do VPN? Can you do things like CASB?" Well, the answer's yes, but try it, and try and be effective without upsetting your employees, without reducing productivity, without making it seamless. It doesn't work. CASBs are a failure. VPNs are not keeping up.
Beyond Identity was introduced to me by a colleague at Snowflake. And we first started talking about passwordless solutions, but what immediately became clear to me was how this could become a solution for a lot of the challenges in SaaS applications or accessing SaaS applications or accessing the cloud.
And so, what now Beyond Identity has, in addition to passwordless, is the ability to say only allow the systems that are managed by my company to access the SaaS applications, these critical SaaS applications.
I speak to CISOs or senior security leaders weekly. Just last week I was having a conversation with a former CISO for a very large company and I said, "Well, I got to tell you about this whole Beyond Identity and how it's helping us solve this whole CASB, passwordless, VPN issues, and also enforcement of security hygiene on your endpoints all in one tool." And he's like, "Really?" And I'm like, "Yeah, it's terrific. You got to see this tool."
And people get it. Once they hear the concept and how it's used and how effective and how useful it can be, they get excited.
Why Employees Love Beyond Identity
Typically, security tools are not the most sexy, exciting things that people are raving about, "Hey, this is a great tool. Thank you, Mario, for doing this." You never hear that from a security tool.
There isn't a day that we don't receive an email from our employees raving about what Beyond Identity is doing for them. They say, "I can't believe how Beyond Identity has made my life so much easier without having to manage passwords." Every day I get emails. Not one email, multiple emails. It's crazy.
But it wasn't necessarily a passwordless thing, it was for more security for us, but people really dig it because they don't have to worry about passwords anymore.