Harsha Kendyala is a seasoned Technical Lead with over 12 years of experience in Cyber Security specializing in Identity and Access Management (IAM) solutions and has built a robust skill set in Single Sign-On (SSO) and Multi-Factor Authentication (MFA) within the financial and IT sectors. Known for his expertise in PingFederate, Transmit Security, ForgeRock, and other IAM products, Harsha’s technical proficiency encompasses cloud-based migrations, clustered deployments, and comprehensive SSO integration. As a certified PingIdentity expert, he has developed and deployed numerous solutions across platforms like AWS, working with SAML, OAuth, and OpenID for adaptive authentication and federation.
Harsha’s technical leadership has been invaluable in complex projects, such as migrating entire SSO infrastructures to the cloud and orchestrating seamless federations across multiple environments. His hands-on experience with clustered deployments and innovative solutions for Pingfederate, PingID, Transmit Security, Forgerock and OAuth integrations has enabled Fortune 500 companies to securely scale and manage user access. In his roles at major financial institutions, he implemented highly available and secure identity management systems, overseeing automation and adaptive authentication for both internal and external users. Built an advanced authentication solution tailored to the financial industry’s unique demands, institutions can protect billions of dollars processed daily. Combining adaptive authentication, robust cybersecurity measures, and scalable infrastructure creates a resilient system that not only safeguards critical data but also enhances user trust and regulatory compliance. This approach ensures that financial platforms remain secure, scalable, and aligned with the ever-evolving landscape of cybersecurity.
Harsha’s interest in IAM sparked early in his career when he began working on SSO and access control systems. The dynamic challenges in securing user identities, especially with the growing shift towards cloud solutions and remote work, continue to drive his passion. He views IAM as a field that evolves continuously with emerging threats, making it both a technical and strategic endeavour. His enthusiasm stems from the impact of secure systems on organizational integrity and data privacy.
One of his most challenging projects involved implementing advanced security measures, including Login Gaurd proxy solutions and device fingerprinting to protect against phishing, DDoS attacks, and unauthorized access. Integrated real-time risk scoring based on user behaviour, device attributes, and geographic data to determine access levels, Use platforms like Transmit Security or ForgeRock to create authentication flows that adapt to risk scenarios, such as suspicious login attempts or high-value transactions. And also migrating applications from SiteMinder to PingFederate for a major financial institution. The comprehensive process required close collaboration with various business units, customizing inbound federation adapters, and ensuring high availability. His approach included deploying adaptive clustering for specific business areas and implementing a detailed test plan across all environments. Through robust communication channels with stakeholders and strict compliance adherence, the team achieved a seamless transition, reducing downtime while enhancing security.
In approaching cloud migrations for IAM infrastructure, Harsha emphasizes careful planning around data security, regulatory compliance, and application compatibility. His methodology begins with robust risk assessment, followed by prioritizing adaptive authentication mechanisms and secure token management. When migrating SSO infrastructure to AWS, he ensures meticulous testing of all configurations and deployment on highly available architectures, using automation to minimize disruptions to critical identity services.
Harsha’s expertise in adaptive authentication allows him to tailor authentication methods based on comprehensive risk assessment. Working with Transmit Security and ForgeRock, he has developed custom authentication journeys that adapt based on location, device, and risk scores. These journeys enable less intrusive authentication for low-risk logins while applying stricter protocols for higher-risk scenarios, enhancing both security and user experience.
In federation implementation, Harsha leverages protocols like SAML, OAuth, and OpenID for their flexibility and security. His integration work has included combining PingFederate with ForgeRock and Transmit Security for adaptive authentication, enabling seamless access between applications. He has also developed custom solutions, such as OAuth token translation for legacy IDP cookies, to bridge older systems with newer platforms.
Automation plays a crucial role in Harsha’s implementations, particularly in repetitive tasks prone to human error. He has automated PingFederate deployment across numerous servers, handling upgrades and configuration changes seamlessly. This automation not only accelerates deployments but also standardizes configurations, reducing potential vulnerabilities while ensuring consistency in clustered and high-availability environments. And also automated the onboarding of applications using SAML and OAuth/OIDC, significantly cutting setup time. Proactive monitoring dashboards track user activity and server health, enabling faster issue resolution and freeing up resources for strategic tasks.
In balancing security requirements with user experience, Harsha implements solutions that blend biometrics with device-based authentication. His adaptive authentication approach assigns different security levels based on user risk profiles, allowing seamless access while maintaining stringent security standards. For production environment troubleshooting, he employs a systematic approach using tools like FluentD and Datadog for real-time insights, coordinating with support teams to address issues swiftly.
Looking at current IAM challenges, Harsha identifies securing diverse user populations, scaling identity solutions, and adapting to evolving threats as primary concerns. He advocates for organizations to prioritize adaptive authentication, invest in automated identity lifecycle management, and maintain agile security policies. His leadership style emphasizes mentoring team members through regular knowledge-sharing sessions and encouraging ownership of projects, preparing them for future challenges in this critical field.
About Harsha Kendyala
Harsha Kendyala is a distinguished Technical Lead specializing in Cybersecurity & Identity and Access Management (IAM) solutions for high-security industries. With a Master’s in Computer Science from the University of Illinois, he has a solid foundation in IAM tools and technologies, including PingFederate, Transmit Security, and ForgeRock. His expertise spans both on-premises and cloud IAM implementations, with an extensive background in clustered environments, adaptive authentication, and seamless SSO integration. Certified by PingIdentity and well-versed in deploying complex SSO systems across AWS and other platforms, his leadership matches his technical acumen in guiding large-scale migrations and custom integrations for high-profile clients. In every project, he strives to enhance security while maintaining an intuitive user experience, embodying a proactive approach to addressing modern identity challenges. His work has consistently empowered organizations to secure and streamline access, positioning him as a trusted authority in IAM solutions.
Current Version
Dec 08, 2024 10:50
Written By
Bindiya