- CISO Series Newsletter
- Posts
- 03-31-20 - I Don't Need Anymore Advice On How To Work Remotely
03-31-20 - I Don't Need Anymore Advice On How To Work Remotely
I Don't Need Anymore Advice On How To Work Remotely
This week's episode of CISO/Security Vendor Relationship Podcast
I Don't Need Anymore Advice On How To Work Remotely
is hosted by me, David Spark, producer of CISO Series and Mike Johnson. Our sponsored guest is Brendan O'Connor, CEO, AppOmni. The three of us discussed:
Avoid the mixture of personal computing with work computing.
Our CISOs strongly advise keeping a church/state separation with respect to work and personal computing. Don't use personal computers to access work systems and vice versa, don't use business systems to access social networks.
Attack takeover (ATO) can be stopped.
Implementing multi-factor authentication (MFA) will put a severe cramp on an ATO attempt.
Increase camaraderie with persistent hangouts.
While everyone is doing video conferencing, consider a persistent hangout to allow people to have serendipitous moments.
The cloud is a shared responsibility model.
I know that's not the first time you've heard that, but take it seriously. That is the new model. It isn't a situation of the cloud being more or less secure, it's that the security has a shared model and part of that is out of your control.
Companies built on SaaS have an edge now.
Those companies who weren't already built on SaaS applications are having a harder time transferring to an all remote workforce.
Special thanks to this week's podcast sponsor, AppOmni
is the leading provider of SaaS security and management platform for the enterprise. AppOmni provides unprecedented data access visibility, management and security of SaaS, enabling organizations to secure mission-critical and sensitive data. With AppOmni, organizations can automatically and continuously enforce rules for data access, data sharing and third-party applications.
REMINDER: CISO Series Video Chats coming back
Since all live events have come to a screeching halt, we will be producing more live video chats. We had one a couple weeks ago and we have two now planned for April. If you register and follow us on Crowdcast, you'll always know when the next live video chat is going to happen, even at the very moment it's happening.If you haven't participated in one of your video chats, please do join. These are NOT webinars. They are open conversations where anyone who is watching can and is a part of the conversation in chat and on video.
Good Security Is Often Not Usable
Our ability to secure data has been around for decades. The problem is trying to use secured data, that’s where we get into trouble, said Richard Rushing, CISO, Motorola Mobility in our conversation at Cybertech 2020 in Tel Aviv.Once you start putting all these rights and permissions and slice and dice up data, it becomes a very cumbersome exercise that’s fraught with usability issues.
Thanks to our video sponsor, Morphisec.
Detection-based security technologies are by definition reactive, responding to threats after they’ve hit. Morphisec takes an offensive strategy to advanced attacks, dismantling the attack pathways to prevent an attack from ever landing. No detection, no hunting, no clean-up. Watch the on-demand webinar to see how it works. More at www.morphisec.com.
SUBSCRIBE TO BOTH PODCASTS
Go ahead and click on any of these links to subscribe to the podcast feed of your favorite podcast catcher.
If you're already a subscriber, THANK YOU! If you like either or both shows, please tell all your friends on social media and write a review on iTunes.