Cookie Settings
Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

Other cookies are those that are being identified and have not been classified into any category as yet.

No cookies to display.

336001f5 merger acquisition zero trust

Merger, Acquisition: Federated Identity And Zero Trust


A Merger or Acqusition is an exciting, disruptive event. Formerly competitive companies might be merged, causing a long battle of who has the best system. Formerly orthogonal companies might suddenly be called to cooperate. The quicker we can merge, the quicker we can start aligning interests, the quicker we can be successful. Amongst the barriers is our IT systems. Identity, Access. What is the best approach to quickly align these teams? Mergers and Acquisitions: Zero Trust.

20 years ago now my company was acquired by Cisco Systems. Cisco parachuted in a large team who executed a well thought out plan. Work stopped on friday as company A, and work started monday as Company B. To make that happen, a lot of people re-imaged a lot of machines, and a lot of changes happened. At the team we were acquired we were hundreds of staff. If we had been thousands, I’m not sure this would have succeeded as a strategy. Instead, I think a much messier mesh of VPN’s and partially cross-linked identity systems would have been lingering for days, weeks, months, maybe even years.

Fast forward to 2020. We have new technology and practices. We can achieve our merger, acquisition with Zero Trust.

First, we need a Federated Identity system. Don’t create new accounts and logins. Instead, create a new Federated Identity system which allows for a user to be working for one of the companies, or the other of the companies. Make no differentiation in ease of use nor security nor access.

Second, we need a means of authorising access to the resource. Zero Trust Network Architecture allows us to treat resources in isolation. Make no differentiation in ease of use nor security nor access for any resource, regardless of which of the 3 entities “owns” it. A Merger or Acquisition with Zero Trust allows authorisation regardless resource or user location or ownership.

Don’t hire a firewall or a VPN to do the job, they are not fit for purpose. They have a time and a place. But not here.

Once achieved, we can a la carte build the team and tools that will make the merged entity successful. And, in the unlikely event the merger fails and needs to be divested, its trivial to disconnect. Fast to start and try, fast to fail if needed. This is what continuous is all about. M&A, Zero Trust.