The COVID-19 pandemic forced many companies to adapt to a new work-from-home reality.
We’re now past the initial shock of the COVID-19 pandemic, which forced many companies to quickly adapt to a new work-from-home reality. In the early days, business continuity, often at the expense of security, was the priority in decision making around remote access. Today, business leaders are realizing that employees will continue to work from home—perhaps permanently—so remote access needs to be both scalable and secure to protect business data.
To that end, some organizations are transitioning to zero-trust network architectures where access and trust is granted based on device and user identity, security posture and user roles rather than location. One such company is Atlassian, a provider of development and collaborations tools such as Jira and Trello.
CSO spoke with Atlassian’s CISO, Adrian Ludwig, about its zero-trust initiative.
How has Atlassian tackled remote work challenges?
Ludwig: I’ve been with Atlassian about two and a half years, and I spent most of my career in what I think of as platform security or product security, so most of our focus is on making sure that our products are secure. That also means recognizing that a key part of the security of our products is the security of the environment within which we created those products.
So, zero-trust networking, more robust enablement of multi-factor authentication—two of the things that Google spearheaded several years ago—are definitely things that we tackled. We had been thinking about it already at Atlassian, but we really put it in the front of our efforts over the last two years and made sure that we got it done.