SURF Security is trying to solve a fundamental problem in corporate security: securing access to a company's sensitive resources and protecting them from unauthorized access or leakage. We created the SURF Zero-Trust secure enterprise browser to allow the CISO to better control access for any employee, regardless of their location, while providing comprehensive security without interfering with productivity and agility.
What were you doing prior to SURF Security that led you to this moment?
I’m a security practitioner with more than 24 years of experience. As a senior cyber security expert, CISO, and innovator, I have held senior positions in well-recognized companies across multiple sectors. In addition to my professional work, I volunteer and contribute to information security knowledge exchange and discussion forums in the security community.
At our previous company, Ziv and I were the Chief Technology Officer (CTO) and CISO, respectively. We have witnessed the negative impact on productivity and user experience caused by security technologies such as virtual desktop infrastructure (VDI), remote browser isolation (RBI), and virtual private networks (VPN). These technologies are often bypassed, leaving security gaps that need to be patched.
We decided to take a different approach by creating a Chromium-based platform that could close these security gaps without interfering with daily business operations. As we worked on this project, we kept asking ourselves, "How can we consolidate our security tools into a single, powerful control point?"
This question led us to the idea of a corporate browser, and ultimately to the creation of SURF - a Zero-Trust, secure enterprise browser that helps companies centralize their security tools into a single security service edge, improving security, productivity, and agility simultaneously. Our team has worked hard to develop this innovative solution, and we are excited to see how it can benefit businesses.
What is SURF Security’s solution? What challenge does it solve?
SURF Security solves the challenge of securing a distributed workforce and providing them with access to on-premises and cloud-based data and applications without compromising security, increasing the risk of data leakage, or affecting business operations.
With remote and hybrid work becoming the norm, it is essential to provide workers with a secure endpoint environment that allows them to work however, wherever, whenever, and on any device, without increasing risks or compromising the company's data or applications.
SURF Security addresses this issue by providing maximum security without compromising agility. Our corporate browser is a secure and user-friendly solution for the current cybersecurity landscape, eliminating administration challenges and licensing fees by delivering a secure service edge quickly and efficiently. This allows businesses to protect their sensitive data and assets without hindering productivity or agility.
Who have you created SURF for?
We created SURF for businesses to allow employees to work from anywhere in the world, from any device, while creating a security air gap, reducing the attack surface, and isolating the business from internal and external exploits.
SURF is unique among security tools on the market because it is designed with both the business and the end-user in mind. Our front-end interface is user-friendly and operates just like any other commercially available browser, while our easy-to-use administration dashboard makes it simple to implement security policies across different user groups or the entire organization.
In fact, when we demonstrate SURF to potential customers, they are often impressed by the comprehensive level of security we provide in a single package. Our focus on both usability and security sets us apart from other solutions on the market and allows us to deliver a truly seamless and secure experience for businesses and their employees.
What innovations are you bringing to the market?
We are bringing several innovations to the market with our SURF zero-trust secure enterprise browser. First and foremost, we are providing organizations with a secure service edge that can be quickly and easily implemented without interfering with productivity or agility. By consolidating all security controls into a single tool, we are simplifying and strengthening security while reducing costs.
In addition, our platform provides comprehensive visibility into all activities, regardless of geography, device, software as a service (SaaS), or on-premises deployment. This allows businesses to better monitor and manage their security posture and quickly identify and respond to any potential threats. Overall, our innovations are aimed at improving the effectiveness and efficiency of corporate security.
Why did SURF Security want to work with Okta?
We are an identity-focused browser. Both SURF Security and Okta recognize the crucial role identity plays in cybersecurity. We both adhere to the philosophy of Zero-Trust, which involves treating everyone as untrusted and requiring authentication and authorization for all access to sensitive resources. This approach is more effective at defending against internal and external threats than traditional security models.
Effective management of permissions and authorizations requires robust authentication capabilities at the center of the security stack. By providing efficient and reliable authentication, businesses can ensure agility, flexibility, and uninterrupted business operations. Both SURF Security and Okta are committed to supporting this critical aspect of corporate security.
How is SURF Security working with Okta? What support do you look for in a corporate partner?
SURF Security is working with Okta to integrate our platform directly via a simple API. This integration allows customers to easily manage, secure, and build user authentication and identity controls within our zero-trust enterprise browser, which is focused on identity and privacy.
In a corporate partner, we look for synergy — we want to ensure that customers from both organizations can gain maximum value from the combination of our technologies. By working together, we can provide a comprehensive and effective solution for managing and securing corporate identities and data.
What trends do you expect to see in the cybersecurity industry?
In the coming years, we expect to see a consolidation of security tools into a single solution and an increased focus on authorization, agility, and employee privacy. As companies have been focusing on compliance with regulations such as SOC2 type 2, ISO27001, GDPR, and CCPA, it will become increasingly important to focus on securing employee privacy internally as well.
The shift towards remote and hybrid work will drive the adoption of zero-trust security models and technologies that can protect against threats across a wide range of devices and networks. Companies will look for simpler solutions for security and agility, such as the Zero-Trust secure enterprise browser, which will become the focal point of their secure service edge. This will be particularly important as hybrid operations become the standard, and technologies such as VDI are not as effective in serving both cloud and on-premises environments.
The use of AI and ML in cybersecurity will continue to grow, enabling organizations to automate and improve their security processes and detect and respond to threats more quickly and accurately. The cybersecurity skills gap will remain a challenge, leading to increased collaboration and partnerships between companies and academia to develop the next generation of cybersecurity experts. Overall, these trends will shape the development of the cybersecurity industry in the coming years.
Jessica MartinezSr. Portfolio Development Manager, Okta Ventures
Jessica recently joined Okta Ventures as Sr. Portfolio Development Manager. She is responsible for platform support for over 25 portfolio companies, focused on value-add services, specifically: community, expert network, event planning, content creation, marketing and PR, social media marketing, workshop execution, and leveraging Okta resources to expand pipelines with sales intros and account mapping. Outside of work, Jessica enjoys listening to Brene Brown podcasts, learning Spanish, and discovering new vegetarian dishes.