Security Awareness Training
Security Strong Podcast
In this in-depth Security Awareness Training, host Jeremy Cherny explores how a security incident can occur, as well as how people can best protect their data to remain secure.
info_outline
Get To Know Microsoft Teams
Security Strong Podcast
Host Jeremy Cherny discusses how to use Microsoft Teams as well as best practices. What is Microsoft Teams? If you haven't used it before, Microsoft Teams is a bit like texting or messenger on your phone in that it allows you to send messages to individuals, create group chats, and share files such as PDFs or photos. It’s much more than just that though. You can also create video chats for things such as one on ones, group chats, meetings, or video conferencing and because Teams can access apps such as SharePoint, Planner, and OneNote just to name a few, your team can work...
info_outline
Get to know Microsoft Planner
Security Strong Podcast
Host Jeremy Cherny discusses best practices and how to use Microsoft Planner. What is Microsoft Planner? Microsoft Planner does not have a desktop component, it is strictly from the web. It's also from your apps on your phone and tablets. So right now, there is no desktop component. So you go to Office and sign in with your credentials. It's kind of like task management for teams. Some might call it light project management. There are a lot of different ways to look at it depending on how you're going to use it. We've started to use it here at Tobin Solutions for a few small projects. So we...
info_outline
What to expect from the future of Internet security with Steve Moscarelli
Security Strong Podcast
Host Jeremy Cherny interviews Steve Moscarelli, Regional Sales Manager at Thales Cloud Security “I knew that the internet was going to be the future when I was in college. I had roommates working at the New Media Lab at MIT and they were involved in building a precursor to the internet for DARPA. I also saw very clearly that the internet was built with no security at all - which really propelled me into my career.” What are some of the things you read to stay on top of what's happening in the world of security? So I'd recommend that everybody pay close attention to Dark Reading. In many...
info_outline
Using common sense to stay secure with Joe Dietrich
Security Strong Podcast
Host Jeremy Cherny interviews Joe Dietrich, Manager of Hosting and Storage for Dover Corporation “Dover Corporation is a diversified global manufacturer. We've got about 325 global locations with about 23,000 employees worldwide. What I do for Dover is lead teams that provide server and storage support, as well as Active Directory support and what we call data protection, which for us means backup and disaster recovery.” Why is security important? The systems and applications that run on the servers and storage that my team supports are things like Oracle, our payroll, our accounting...
info_outline
Best practices for keeping your business’ information secure
Security Strong Podcast
This week, we're doing something a little different on the Security Strong Podcast. It's just me, we're doing kind of a fireside chat mode here. I'm sitting in a rocking chair near the fire and I am thinking about the various awesome guests we've had since we started the podcast, I'm thinking about what we do as a security company, and I thought why don't we share some of the best practices and go through a top list of things that you can do to stay secure. Security as a Process, Not a Product A lot of times when people think about security, they're thinking about buying the basics,...
info_outline
Security in the world of HR with Amy Fallucca
Security Strong Podcast
Host: Jeremy Cherny interviews Amy Fallucca, CEO of Bravent “Bravent has been around for about four years. We are an HR consulting and recruiting company. On the HR side, we help with anything from handbooks, to advising on terminations, or employee performance. Then on the recruiting side, we work on a range of positions; professional, technical, and executive. We leverage technology to be really efficient in our process, and by doing that, we're able to save our clients money. We're typically about half the cost of contingent placement firms.” Can you speak a little about security...
info_outline
Improve security through Mobile Device Management with Max Palzewicz
Security Strong Podcast
Host Jeremy Cherny interviews Max Palzewicz, Director of Operations at Rocketman Tech “I started out my career in public accounting, primarily working and advising small business owners. I got my CPA and I was able to join my dad and uncle's business coaching firm, Action Coach of Southeastern Wisconsin, where I worked for a few years. I carved out a niche for myself focusing on the financials for business owners, teaching business owners, how to be financially literate, how to read and analyze their financial statements, also how to process good numbers so they could make sound decisions...
info_outline
Know your data with Jason Claycomb
Security Strong Podcast
Host: Jeremy Cherny interviews Jason Claycomb, Founder of INARMA “INARMA is a professional services firm. The short tagline is ‘We assess controls.’ So I really like how you think of security as a process and not a product - that’s exactly what we do. We help people with the process around security. Yes, there are products involved, but those are types of solutions and we help people pick the right solutions.” Why is security so important to you and your clients? We've all got sensitive data. There isn’t any business that does not have sensitive data in it or where the data isn't...
info_outline
E-commerce website security with Lori McDonald
Security Strong Podcast
Host: Jeremy Cherny interviews Lori McDonald, President and CEO of Brilliance Business Solutions “I started my career at NASA Johnson Space Center as a flight controller for the space shuttle program where I met my husband. He went on to work for Rockwell Automation and got a promotion that brought us to Milwaukee. I was trying to figure out what was as cool as space and decided the internet looked like a cool place to be. So I started Brilliance Business Solutions, a web development company with a niche in helping manufacturers and distributors implement digital commerce solutions, in 1998....
info_outlineHost: Jeremy Cherny interviews Brian Lamantia, MacOS Administrator
“I've been doing this for a few years now just completely involved in that. And I use that to ride security down to our macOS users in our environment. We're fully Integrated with an MDM. We use Jam, which is one of the premier MDM providers out there. So I've been using them for the whole duration for about three years now since we set up the infrastructure and started enrolling our first Mac's.”
What was it like enrolling your first Mac’s?
It was very interesting to start out with because MacOS is coming into its own for security with all of the different security features that they've been adding. For example, the system integrity protection and the T2 chip which is a chip they’re putting on top of the system boards and is a secure enclave for the boot process. So lots of new security features, lots of challenges for an admin like me to integrate those security features into the deployment. In the beginning, we weren't fully into automated enrollment yet so it was - get a Mac, get the endpoints on it, get the user set up and then mail it out to them. We didn't have to image but we had to do a lot of setups. Then gradually, as things were starting to come around, and when we got enrolled into Apple business manager and we became an Apple DEP customer, we were able to then automate enrollment, which was really just an eye-opener - functionally and security-wise, for our C-level folks at our company.
What about that was the eye-opener?
The fact that we could do direct shipping from vendor to employee, and then have them just enroll. Then, all the security endpoints come down - zero imaging and zero-touch. That was huge.
Why is security important in this process, and why is it important to your job as a sysadmin?
It's important for us because we have auditors that come in to audit our systems. They find that we have to have a certain security stack in place. So those requirements are handed over to our security teams, and they have to work with me closely in order to get those security features in place, which is the primary reason why we have an MDM - to be able to enroll but also to provide all those things and to provide all the security features to ensure that they’re locked down and safe.
So if you work closely with the security team, what is that relationship like in terms of staying on top of threats? Are they doing research and then handing down policies?
We started out doing our own homegrown policies to try to match the Windows world a little bit to get everybody familiar. We just now recently are going to be updating that to basically go off the CIS benchmark. I've now been handed that whole guide. So now we’re picking through that one by one to firm up our security and our policy and then once that policy is set in place, it's my job to make sure that every box is checked off on my side and enforced and that we can prove that.
What do you see as the future of security?
Related to Mac OS, there are lots of changes. A lot of the security features that we use on the Mac OS side at our company have come because we already have a relationship with that security vendor on the Windows side. But we're learning that Mac OS is not the same as Windows, it's a completely different OS. So some of the conversations I am now having with the security folks are maybe changing over to some of these newer products that are on the market that are now agentless and also serverless. They actually have a product out there that is agentless and serverless that we could be using that would greatly improve our performance on Mac OS. It seems like security is ever-evolving, right? I mean, the old days of binary agents, I think there's going to start going away for more MDM and scripted based solutions even on the Windows side.