CIO Influence Interview with Jeremy Morrill, Chief Product Officer of Portnox

Jeremy Morrill CIO Influence Article

This article was originally posted on CIO Influence.

Jeremy has been instrumental in shaping the IT and product management landscape, bringing his expertise to the forefront of technological innovation. With an impressive background spanning leadership roles and a wealth of experience in product management, he now serves as the chief product officer at Portnox.

Hello, Jeremy Morrill! Welcome to the CIO Influence Interview Series. Please share how your IT and product management journey shapes your approach at Portnox.

More than 15 years of my career were spent in the very same trenches as my customers. This allows me to understand the challenges each of them faces on a daily basis.

In IT, I emphasized the importance of staying updated with the latest technologies and trends, understanding the needs of users, and prioritizing security and reliability. I would advocate for a systematic approach to problem-solving, focusing on efficiency, scalability, and flexibility in design and implementation.

In product management, I stress the significance of understanding customer needs and market dynamics, conducting thorough research and analysis, and collaborating closely with my customers. I emphasize the iterative nature of product development, encouraging experimentation and feedback-driven improvements.

Overall, my approach to IT and product management revolves around a combination of technical expertise, strategic thinking, and empathy for end-users. I strive to provide practical and insightful guidance while remaining adaptable to the ever-evolving landscape of technology and business.

Portnox is a leader in zero-trust access control and cybersecurity. Could you elaborate on how the product strategy addresses the current cybersecurity landscape?

At Portnox, our product strategy addresses today’s most pressing security challenges and focuses on applying the principles of zero-trust access control wherever possible. We’re always seeking to implement a zero-trust security model that assumes no internal or external entity is trustworthy without verification.

This approach is crucial in a landscape where threats can originate from anywhere and perimeter-based defenses are no longer sufficient. Our solutions require continuous verification of all users and devices trying to access network resources, regardless of location.

Additionally, recognizing the shift towards cloud computing, Portnox offers cloud-native solutions that provide scalability, flexibility, and seamless integration with existing cloud infrastructures. This ensures that organizations can protect their assets, whether they operate on-premises, in the cloud, or in hybrid environments, without the complexity and overhead of traditional security solutions.

We’re also leveraging automation to streamline security processes, from policy enforcement to threat detection and response. This reduces the burden on IT teams, allowing them to focus on strategic initiatives while ensuring that security measures are consistently applied across all touchpoints.

Visibility is also core to our cause. We’re continuously committed to providing visibility into all devices connected to the network, including IoT devices, which are often overlooked in traditional security setups. This visibility is paired with robust control mechanisms that allow IT teams to manage access rights, enforce security policies, and respond to anomalies in real-time.

By integrating these elements into our product strategy, we’re addressing the multifaceted challenges of modern cybersecurity, providing robust, flexible, and user-friendly solutions that empower organizations to maintain a strong security posture in a dynamic threat environment.

Given the fast growth of enterprise networks, how does Portnox ensure its solutions remain practical for resource-strapped IT teams?

At Portnox, we’re hyper-focused on tackling the challenges faced by resource-strapped IT teams amidst the rapid expansion of enterprise networks by offering cloud-native, scalable solutions that simplify access control and security. Our flagship platform, the Portnox Cloud, is designed for ease of deployment and management, eliminating the need for extensive training or additional staffing. By leveraging automation and real-time monitoring, Portnox enables IT teams to efficiently manage access permissions, enforce security policies, and respond to threats across any device and location for all critical IT assets – including networks, applications and infrastructure.

This approach reduces the customer’s manual workload and allows for the centralization and unification of control, even in highly distributed network environments. Our platform has been built with flexibility in mind, ensuring that it can adapt to the evolving needs of growing businesses without requiring significant infrastructure investments. This makes Portnox an ideal partner for organizations seeking to strengthen their security posture with limited IT resources.

Please discuss the role of Portnox’s cloud-native approach in simplifying the deployment and scalability of zero-trust security policies.

Our cloud-native approach plays a pivotal role in simplifying the deployment and scalability of zero-trust security policies within organizations. By leveraging the cloud, we offer a flexible and scalable platform that can easily adapt to the changing needs and growth of an enterprise. This approach eliminates the need for traditional hardware-based solutions, reducing the complexity and overhead associated with deploying and maintaining network security infrastructure.

Our cloud-native architecture enables rapid deployment across distributed networks, allowing organizations to implement zero-trust access control policies without significant downtime or disruption. It facilitates seamless integration with existing IT ecosystems, including identity providers and endpoint security solutions, to enforce consistent access controls and security policies across all users, devices, and applications.

Could you shed some light on the steps Portnox takes to ensure its solutions effectively address the key security challenges encountered by IT teams?

We ensure our solutions effectively address key security challenges encountered by IT teams through a multi-faceted approach. As I previously mentioned, the Portnox Cloud platform is designed to be scalable, accommodating the growth of an organization’s network without breaking the bank.

To tackle the complexity of modern cyber threats, our platform incorporates real-time monitoring, micro-segmentation, and risk assessment capabilities, enabling IT teams to identify and respond to threats swiftly. Our solutions support continuous verification of devices and prevent threats from being able to move laterally across networks, which aligns with today’s zero-trust security principles. Additionally, by automating routine tasks and enforcing security policies consistently, Portnox helps prevent human error, which is a common vulnerability in security systems.

We’re staying ahead of evolving security challenges by continuously improving our platform with the latest security best practices and compliance standards. This proactive approach ensures that IT teams have the tools they need to protect their networks against current and emerging threats.

According to you, what steps does Portnox take to ensure its solutions address the key security challenges that IT teams encounter?

Emphasizing the principle of zero-trust security, our solutions require verification for every access request, minimizing the risk of unauthorized access and data breaches. This is complemented by granular access controls and policies that enforce least privilege access based on user roles and device compliance, further enhancing security.

We also focus on simplifying the user experience for IT teams, offering intuitive interfaces, no hardware overhead, and routine automation which helps to reduce the burden on personnel and decrease the likelihood of human error.

What innovative practices or approaches do you believe have contributed to Portnox’s recognition and success in the security product industry?

As an organization, our recognition and success in the cybersecurity industry can be attributed to our innovative practices and approaches focused on superior usability. As I’ve previously mentioned, one key factor is our cloud-native approach, which simplifies access control deployment and management. This cloud-centric approach ensures that businesses of all sizes can easily scale their security measures without the need for extensive hardware investments, making advanced security accessible to a broader range of organizations.

Another innovative practice is the emphasis on user experience (UX) design in our products. Portnox has prioritized intuitive interfaces that demystify complex security configurations and policies for IT teams. This focus on usability reduces the learning curve and operational overhead, enabling teams to implement and manage security protocols more efficiently.

How does Portnox assist companies in transitioning from traditional security systems to a zero-trust approach?

We’re facilitating our customers’ transition from traditional security systems to a zero-trust approach by offering a comprehensive, cloud-native platform that simplifies the implementation of zero-trust principles. This transition involves a shift from perimeter-based security models to a framework where trust is never assumed and verification is required from everyone trying to access resources in the network, regardless of their location.

We aid in this process by providing tools for continuous monitoring and validation of all devices and users accessing the network, ensuring they meet the organization’s security policies before granting access. Our solutions enable granular access control, allowing companies to enforce least privilege access based on user roles, device compliance status, and other contextual factors.

In your view, what cybersecurity trends or technologies do you consider crucial for future threats, and how is Portnox gearing up to incorporate them into its products?

Today, modern cyber threats transcend the traditional boundaries of the network. As organizations migrate to cloud-native SaaS services, it’s becoming more and more critical to extend access control in all directions, encompassing not just the network access layer but the applications in use across the organization.

We’re tackling this challenge head-on with the recent release of Conditional Access for Applications, which enables security teams to institute passwordless authentication and granular access control across their entire suite of SaaS and on-premises enterprise applications.

Portnox is also focused on enhancing its cloud-native platform with further AI and ML capabilities that improve threat detection and response. Recognizing the explosion of IoT devices, we’re committed to expanding our customers’ visibility and control over these devices, ensuring they comply with security policies.

By continuously evolving our zero-trust framework, we remain at the forefront of network access control, providing granular, context-based access decisions. As we integrate access control best practices into DevOps processes, we’re also facilitating the rapid, secure development of applications, ensuring that security is a cornerstone of product development from the outset.

Can you explain how your previous experiences in network and IT management influence the development of products at Portnox?

Much of my IT career was spent in IT leadership roles at elite boarding schools, where the greatest potential security threats came from within. In that capacity I found myself implementing many of the principles we now refer to as ‘zero-trust’ decades before the term had even been coined.

Dealing firsthand with a large, highly educated, and well-financed group of individuals on your network who have an overabundance of free time on their hands and are hellbent on circumventing any security measures put in place, forces you to rethink conventional security strategies.

It is through that lens of, ‘never trust, always verify’, that we approach product-related decision-making here at Portnox.

What principles do you follow to encourage innovation and resilience within your team?

I’m fortunate enough to work with many of the brightest, most hardworking individuals ever in my career. The single most important principle I try to follow is leading by example through my willingness to try new approaches, adapt to change, and overcome obstacles.

I also ensure that team members have access to the resources, tools, and training they need to succeed, and offer support and guidance when necessary.  I also trust my team to find their own solutions and recognize that I have at least as much to learn from them as they do from me.

At Portnox we foster collaboration by creating opportunities for team members to work together, share knowledge, and leverage each other’s strengths. We embrace diversity in backgrounds, perspectives, and experiences to drive innovation through varied viewpoints.

Lastly, for C-suite leaders aiming to improve security, what guidance do you offer for adopting zero-trust access control solutions?

C-suite leaders aiming to improve security and adopt zero-trust access control solutions should begin by conducting a comprehensive audit of current security measures and identifying sensitive data, systems, and access points. This audit will inform the scope and requirements of the zero-trust model, which operates on the principle of “never trust, always verify.”

Implementing zero-trust involves segmenting networks to minimize lateral movement, enforcing strict access controls, and continuously authenticating and authorizing users and devices. This approach necessitates robust identity and access management (IAM) solutions and least privilege access policies.

Try Portnox Cloud for Free Today

Gain access to all of Portnox's powerful zero trust access control free capabilities for 30 days!