Ref: Video: The Insider Threat – Josh Linder and YouAttest
Wonderful webinar, 08-11-2020 and great content by the esteemed Josh Linder. Here were some questions we took from the live audience.
Q: Why should I use YouAttest instead of manually auditing accounts?
YouAttest customers have testified that access reviews have gone from messy, ongoing week-long endeavors to quantified projects that can be completed in hours.(See: Customer Testimonial Webinar – Genomic Health)
Q: How is it better than Saviynt?
YouAttest, especially for Okta deployments, is a much quicker deployment and has a substantially lower cost of ownership. Because of the API connectivity to your Okta tenant, you can begin running reports in under 10 minutes. Non-Okta resources are a simple upload of .CSV files.
Q: Who are your major partners?
YouAttest’s primary partner is Okta, YouAttest is an OIN (Okta Integration Network) certified partner. For resellers, YouAttest is signing up small and large reseller and integration partners.
Q: What is your goal for expansion into Asia?
YouAttest’s primary investor is out of Asia. The group have lined YouAttest up w/ an agent in Japan and we are exploring J-SOX and other Asian regulations and the market for YouAttest
Q: Is the value driver for YouAttest exponential? Basically – is the more data (users) analyzed, the greater the value?
The value of YouAttest does, in fact, grow with an increasing number of accounts. A small set of user accounts can reasonably – if not easily – be managed by human beings (often auditing firms billing at market rates). On the other hand, YouAttest automates this process, scales over time, and maintains a very linear cost structure (per attested account). So the value is exponentially positive, and the benefit is also exponential positive – preventing runaway audit (consulting service) fees.
Second, YouAttest subscribes to the classic benefit of “network effect”, also known as Metcalfe’s Law (referring to the value of a network, leading to the invention of Ethernet). YouAttest, in the spirit of Bob Metcalfe, shows tremendous value as the number of users and applications grow – both internal (corporate/institutional) and external (contractors/partners). These are often threat vectors which are overlooked by traditional tools.
Q: What is the application in larger organizations, where role rotation is common practice? For example, “new role, new credentials”?
YouAttest has both a manual and auto-delegation field that allows enterprises to delegate to the manager who would know the current status and organization of their group.
To see who has been assigned to review the user click “in porgress”
Q: How do you integrate with non-Okta tools?
YouAttest has a fully operable .CSV input system that allows YouAttest to take data from ANY resource, as long as the data is formatted in .CSV with headers. (Video: Importing .CSV data into YouAttest)
Q: Is YouAttest at a “point in time” (snapshot), or continuous?
YouAttest works as both a static, snapshot audit tool – and by the end of 08/2020, YouAttest will have a “watching” mechanism where enterprises can monitor key accounts and groups (PAM) for modifications and then initiate an automatic attestation.
Q: How does YouAttest work if a customer net-new Okta deployment?
Half of YouAttest customers are Okta net-new. This time in the deployment is very advantageous to the design and implementation of both the IAM (Okta) and IGA (YouAttest) for the enterprise.
YouAttest automates the creation and review of these access reviews. To learn more about YouAttest, please write us @ firstname.lastname@example.org. To hear more about Okta API ecosystem and lean about YouAttest’s integration join us for our next webinar: Okta APIs and YouAttest – featuring Jennifer Galvin