Hi there, I'm Tom Field. I'm senior vice president of editorial for information security media group. Five Act Today is user protection as my privilege to be speaking with Eric Eddy, his principal technical marketing engineer, cloud security with Cisco. Eric, thanks for taking time to speak with me today.
Awesome, thanks for having me Tom, glad to be here. Let's start here. How do we remove the security burden from users? Well, we need to stop, you know, certainly stop burning the end users with security.
You want to make it as invisible as possible to them. You want to enable them to do their job, to do it in a performant way and not make security a hurdle for them to get over. Users want to get their work done, you want to get it done as fast as possible, get it done wherever they want it done. But ultimately they want to get their work done more than security, right?
So if security's in their way, a lot of times they're going to try and find some way around it. So if we can marry those two together, giving them the best connectivity possible with a nice performant connection and make it secure all at the same time, then we have a really world-class solution. Let's talk about zero trust. What role can it play in granting access to applications and resources that the users truly need?
zero trust is a really big exciting topic to talk about with any customer. But I think firstly, we need to make sure we realize how big zero trust it is. Zero trust isn't just a new firewall, zero trust is a new way of thinking about applications and resources and accessing them through a network. So you want to first look at what, as an organization, you need to do to implement zero trust and implement zero trust controls in your network.
So it plays a really big role because ultimately that's the foundation that you're going to use to build all your new rules around implementing zero trust and making sure this user is accessing this application and they're doing it in a really granular way because previously it was all just about getting on that network, making sure you're a trusted resource is making sure that endpoint is patched. But once you're on, it was kind of just full access. With zero trust, we add the, you're not just on the network, you're accessing specific applications and authorized just for those applications. So it's a lot more granular control and allows, prevents that lateral movement that we're all scared about.
Eric, you get to see lots of organizations across sectors. Your opinion, what's the key to ensuring a continuous agile and efficient security posture? I think there's a lot of good things in that question there. Like continuous agile, efficient, right?
All those things scream sass to me, software is a service, right? And offering that security from a platform that's delivered everywhere, it's a globally, right? Because you don't want to have to spend your time patching and deploying hardware. You want to make sure you're spending your precious hours, right?
Because our network resources are security administrators. Their time is very precious. We want them focusing on what's most important in the organization. And that is ensuring that you have the best policy, that all those people are authorized to only what they need to have access to, by not spending time, patching that hardware, looking for the next equipment to deploy, and really focusing on what's key to your organization, that policy and implementing it and ensuring that's the best connectivity for all your users.
Eric talked a little bit about Cisco. How are you helping customers be able to optimize their operations with consolidated tools and services that can secure identities, devices, applications, and data? Another great question, right? So I think about SAS again when you talk about all that consolidation, right?
So we want to bring together capabilities and products. And we see a lot of that with SSC or Security Services Edge. But at Cisco, we're bringing that even higher, right? We're bundling together and bringing together a suite of capabilities around the type of level of protection, like the user suite protection.
So we're looking at offering capability of suite of capabilities in our user suite to protect those users wherever they are, whether that's in office, whether that's the hybrid worker that was working from home or an office somewhere else, bringing those all together and ensuring that you have everything you need to be able to protect that user or wherever they are. How would you describe the security outcomes you produce for your customers? Security outcomes, right? So of course, security is top of mind, right?
When you're talking about security outcomes, we want to make sure we're providing the best security possible. But we also need to make sure we're looking at the type of connection and how fast that connection is and how going back to your first question, how we're not in the way of that end user, right? Because yes, we can create the most secure thing ever with seven factor authentication I've seen with customers and how realistic is that for your end users. So you want to make it easy, right?
You want to make it such that they don't try and bypass that security because people are getting more tech savvy, right? As the younger generation joins the workforce, they're going to try and find ways around it if you're preventing them from doing their job. And that just brings in shadow IT in many organizations when you start putting all these roadblocks in their way. And then you end up data in places you don't want and have no control over it.
So it's better to meet them where their app provides the best connectivity possible and the best experience possible. So that drives ultimately better security and health for your entire organization. Eric, I'm not sure we shouldn't call that over shadow IT these days. I think it over shadows the traditional IT organization.
Indeed, indeed it does. Hey, ask you this. We talked to lots of customers. What are the results they report back to you?
Report back to us. It's great. They always want new features, which is exciting to talk about. But when it comes to transitioning to something like we offer with the user suite, we're looking at being able to, again, focus on that end policy, that experience, that tuning that performance for your end users, making it more available in other regions, especially for smaller customers, it's always a struggle to make sure, hey, we have a couple of users that are remote across the pond in Europe.
How are we going to give them a performant connection to either the internet or private apps, and secure them at the same time? So being able to offer great connectivity globally is something that a lot of customers struggle with, even the big ones that I have struggled with, especially with COVID, the pandemic, everyone going home. The scale just increased how many remote workers you need to have. And moving to something like the user suite, you really push that burden off to the vendor, Cisco.
So we have to deal with that problem instead of you. And it allows them to, again, focus on what's important to them, their business, and driving the outcomes to their customers, rather than, hey, where's our network? Do we have enough performance? Can we buy this other company?
Like, all those things just become less of their own problems and more of the vendor's problems. Well said, Eric, I'm grateful for your time and insights. Thanks for taking time to speak with me. Yes, thanks for having us, Tom.
Again, the topic has been user protection. You deserve from Eric Eddy, his principal technical marketing engineer, cloud security with Cisco, information security media group. I'm Tom Field. Thank you for giving us your time and attention today.