COSCUP 2023

Incorporating Zero Trust with Legacy Environments (OmniAuth as your Supercharger)
2023-07-30, 11:30–12:00 (Asia/Taipei), TR 413-1
Language: English

Zero Trust is the standard for security these days. They're the ideals we strive for. But what about the mature systems & potentially legacy protocols still in play today.

Legacy environments are characterised by older hardware, software, and security protocols, making it difficult to enforce strict access controls and continuous monitoring.

Overcoming this challenge is maybe the highest hurdle companies have to overcome.

Ruby OmniAuth can be your superpower applying some of these protocols when operating with legacy systems. We share some lessons & architectural practices we've learnt working Zero Trust Principles into legacy environments to maximise authentication resilience.


As we progress, security threats are more sophisticated, and traditional measures alone are no longer sufficient to protect sensitive data & processes.

We have exposure to with mature systems that are have legacy environments that are many years old.

The primary feature of security environments are characterised by mature hardware, software, and security protocols with firewalls and packet filtering the key perimeter defenses relied on.

To meet today's threats, the Zero Trust approach calls for active security, minimum access rights possible, continuous evaluations etc. Ascenda Loyalty works with some of the biggest and mature banking systems out there. How do we bridge the gap between mature systems and incorporate such practices to ensure businesses continue to offer increased resilience for their customers?

We explore some of the lessons & practices in bringing Zero Trust Principles into working with legacy environments


Difficulty

Skilled

Target Audience

anyone in COSCUP. Cybersecurity. Ruby practitioners interested in our design approaches

Melvrick is Director of Engineering working with teams such as Travel, Points Transfers & Authorizations in Ascenda Loyalty.

During downtime he enjoys tinkering with tools, writing & some HIIT 🥊.

He’s passionate about all things engineering, data & auth! Hit him up anytime to shoot them ideas.