Page 62 - Cyber Warnings
P. 62
How We Delivered a Security-First Approach with Twilio s Authy
Two-Factor Authentication Service
Step-by-Step Seamless Integration of 2FA and OneTouch Authentication into
an Enterprise CMS Platform
By Andy Fleming, CTO, Zesty.io
As digital content managers, developers and designers, my colleagues and I at Zesty.io
desperately needed a cloud-based platform that could take the pain points out of content
management and website development.
When we couldn’t find a solution that delivered agility, flexibility and speed, we built our own
solution. And in 2010, Zesty.io was launched to deliver a SaaS solution for enterprise content
management and development.
As the company grew to include co-marketing partners and large brand marketers like Sony,
Zesty.io’s platform evolved with expanded capabilities focused on delivering a true content-first
approach.
Our cloud solution ensured the reliability, rapid deployment, scalability and flexibility needed to
deliver exceptional digital experiences for our clients and end users. When Zesty.io needed
extra layers of security built into our cloud platform, we turned to Twilio’s Authy 2FA service.
Mitigating Security Issues in a Complex Digital Landscape
In a highly security-conscious industry, the Zesty.io platform was built to help mitigate security
issues and challenges. Website and interface management security are complicated. For
example, WordPress serves the admin area in the same place as the actual site. We think that’s
a security risk for our clients, so we separate and decouple those types of features.
The Zesty.io platform is also primarily closed source so that people can’t crawl through their
source code seeking out vulnerabilities. The security of our client sites, and how end users
consume them, is critically important to us. We need to guarantee that sites won’t go down or be
defaced or otherwise compromised.
Keeping security top of mind, we also looked to integrate seamless authentication technology
into the platform and interface. With large brand and agency clients, a security-focused
approach is an imperative.
In fact, Zesty.io went through a stringent review process with Sony in which authentication was
a requirement before we could land the business.
62 Cyber Warnings E-Magazine January 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
