Written by Dave Stelzl CISSP

Theresa Payton Speaks at CRN Solution Provider 500

I had the honor of sharing the stage with some great speakers this week at the VAR 500 – now CRN Solution Provider 500, including Theresa Payton, Former White House CIO (who delivered some important updates on cyber security), Ken Thoreson – speaking on effective sales management, and our lively host Robert DeMarzo

I posted some critical points yesterday from the CIO panel – a must read for any sales person hoping to reach up to the C-Level on their sales call.  Theresa’s talk today included some important security trends for those of us who work in the security space.

1. First, if you have not updated your LinkedIn password, do it now!  There was a major breech today which may result in your password landing on a public webpage.  Also notify your clients and let them know. Many people foolishly use the same password across many accounts – I highly recommend using a password vault so you can maintain different, hard to guess passwords for your cloud application access.

2. Theresa gave us this formula: Byod w/o cya = byob to your next sale meeting.  Translation: Bring your own device to work without covering your assets is like bringing your own beer to your next sales meeting.  (I was happy to hear the phrase  “Digital Assets”, something I speak on at customer facing events each month.)

3. Tablets are the new computer for many companies – expect executives to be transporting sensitive data on these handy devices, assume they are unencrypted, and assume they will be lost or stolen on the next business trip…include this in your next security assessment; its a high likelihood issue.

4. SMIT – a new acronym pronounced as a word – smit (rhymes with mitt).  Social Media Information Technology.  Theresa explained how a security company can sift through a client’s LinkedIn accounts – especially those technical people on staff,  then check support boards online, and finally access facebook accounts, and between the three, just about map out the entire network infrastructure.  This is sure the impress the executives you are calling on – don’t tell them how you did it, just do it as part of your assessment. They will “Have a cow” according to Theresa…this is sure to land you some business.

5. Key cloud questions – “Who owns the data?”  Theresa told us of a company undergoing some legal action – there data was in the cloud – hosted by their provider.  The FBI wanted data, so the hosting company handed it over.  Chances are the court order did not require all data, but the cloud hosting company didn’t bother to check…they just gave it all. An interesting scenario for company execs to consider.

© 2012, David Stelzl

Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s