Heard you liked access, so we built Access to...
Peter Collins, Elisa Guerrant
BSidesSF 2024 · Day 1
This talk, "Heard you liked access, so we built Access to...", presented by Peter Collins and Elisa Guerrant from Discord, details their journey in building a new internal access control system for Discord employees. The presentation outlines the critical need for such a system, the guiding principles behind its design, the technical architecture, and its impact on Discord's security posture and operational efficiency. The system, aptly named **Access**, aims to provide an intuitive, transparent, centralized, and secure platform for managing employee access to various internal resources and applications.
AI review
This talk details Discord's journey in building "Access," an internal access control system. They identified real-world problems with existing solutions, particularly around user transparency, top-level RBAC, and delegated administration, leading them to develop a custom Python/React application. The system integrates with Okta, enforces time-bounded access, and provides auditability, significantly improving their internal security posture and operational efficiency.