After more than a decade as a consultant, and then CTO of a mobile payment company, Erika Boije discusses what drew her to Axiomatics and how she sees dynamic authorization shaping the future of access control.
She specializes in agile working, architecture, system integrations, especially security platforms such as access management, identity management and SIEM/Log management.
Erika joined Axiomatics in March of this year, as Vice President of Engineering. Her most recent role was Development Manager at Bambora, a payment processing company.
Before that, she spent over a decade – as a developer – in the consulting capacity. For developers with weak stomachs or looking for job security, the consulting path can be an ominous one, but Erika liked the challenge and the exposure to different industries and variable use cases.
“I always identified with the mindset of a developer. It’s exciting. There’s always a new system, a new language, or a new tool to dig into. Developers have to stay on top of it all in order to stay relevant. And it’s not enough to just be on top of current updates – you really have to be able to predict what’s coming next.”
In 2013 she joined Heimore Group (now North ID), a former Axiomatics partner, as a Project Manager.
“This was the first time I was an official employee in the IAM space. I delivered IAM projects for large government agencies. We had a continuous delivery concept as an infrastructure for companies.”
There she was exposed to the Axiomatics Policy Server software.
“I got the opportunity to see the (Axiomatics) policy server in action. The ability to control authorization at an attribute level is very powerful, and I knew I was seeing something special.”
At the same time, she quickly learned the challenges of the IAM space.
“It was harder for companies back then to understand the importance of having security software that was developed by experts,” she said. “People wanted to write the security code themselves within all the different applications. It’s not scalable, and most of all – it’s not secure.”
[Read our Build vs Buy report to learn more about the challenges Erika describes in this interview.]
“The importance of scalable and properly developed information security software – for a company of any size – can not be overstated,” she said. “Trying to build it yourself is a big risk, and I saw so many companies waste time, resources, and a lot of money thinking this way.”
I asked her why she thought so many companies were still resistant to seek outside help with their authorization goals.
“The passion of product development, I always understood. To build a product from start to finish is very gratifying. But at the same time, you have to be sure the passion aligns with your company’s primary objectives and not let your ego get in the way of progress.”
During her time at Bambora, she helped build the architecture for a company that started at one employee and jumped to 9,000 after a very successful acquisition. It was a really fun journey, and she learned a lot, but she was ready for her next challenge.
So what led her to take the role at Axiomatics?
“Axiomatics has a lot of smart people. I knew that from my previous encounters with the head of customer relations and others. The team and the culture are what drew me in. I had already accepted another offer, but when Axiomatics reached out, I changed course.”
I asked her how she thought Axiomatics was viewed within the IAM community,
“From my experience, working as an external party, and delivering the Axiomatics software, I was a big part of the pre-studies, and Axiomatics won. We were impartial; we didn’t have anything except the customer’s best interest in mind, and Axiomatics won, because they had a better solution. The huge companies didn’t have a flexible product, and I still think that is a strength we have. ”
We went on to discuss the importance of externalizing authorization.
“I truly believe that externalizing authorization makes development better for your core services. If you have externalized dynamic authorization and don’t need to worry about building it in-house, it truly makes your development move faster. I see it now. Our customers gain speed in delivering their products and their core values.”
She went on to discuss how authorization should be as flexible as possible, because no one can predict what compliance rules are coming next and how your authorization needs will change in the future. There is no magical way of knowing.
“Your authorization needs won’t be the same. They will change. In order to change with unpredictable, outside forces, you must have external policies, but the knowledge to do it all yourself is not something you want to invest a lot of money in. You want to invest in your core products,” she said. “I definitely think any company that wants to succeed needs to focus on their core.”
Looking forward as the VP of Engineering, Erika sees her own goal as building a strong and self-driven team that is ready to scale. “In order to keep taking on new and diverse clients, we need a strong core. That is my goal for the engineering team: ready to expand!”
“We also need to continue to have flexible and reliable architecture. That’s really important to me. Our customers have been large and have specific requirements, but we also need to be flexible for smaller clients and unique verticals who will continue to put pressure on us to help them adapt.”