Best Practices I
- TYPE: Combined Session DATE: Wednesday, May 13, 2020 TIME: 15:30-16:30 LOCATION: AMMERSEE II
Cyber Security traditionally has been seen as the domain of Technology, with an expectation that the solution has also to be provided by IT – and we happily accepted this challenge and delivered with numerous Software and Hardware solutions, design and development principles, policies and process controls.
However, as most successful cyber-attacks in recent time have started by targeting users (with phishing emails or social engineering), raising awareness of their role in mitigating cyber risks is even more important than just a technical solution.
This short presentation will highlight ideas and strategies but also potential pitfalls in delivery of awareness programs and trainings to turn your users into the most important line of defence in cyber security.
Picture this: you work at an enterprise, with a traditional IT organisation, mostly comprised to people that have been with the company for many years and manages lots of Personal and Non Personal Accounts on multiple platforms. There is this new thing called DevOps and it seems to match the Scrum methodology your developers like. So you decide to reorganize to DevOps. Some of your older employees don't want to make the transition with the attached challenges to the way they work and decide to take an early retirement This forces you to source some of the technical support functions to your offshore ventures in Eastern Europe. At the same time you want to make the new DevOps teams responsible for the entire stack, spreading the responsibility for account management to multiple teams. And after blinking twice you suddenly find you have several thousand of Non-Personal Accounts around that nobody seems to own or know what they are for. And nobody dares to delete them, because maybe you need them for some process that runs only once a year. Obviously this would never happen to you, right? But it happened to us and it could happen to you too!
In this talk, we explain how we drained the swamp and got back in control over our NPA's. It involves good old fashioned detective work, password vaults, smart repositories connecting different data sources, some automation and some bold decisions.
Understand the steps you need to take to get back in control
Understand where responsibility should be and why
Understand some of the tooling and automation you can use
- Registration fee:
€1600.00 till 15.04.2020
$2000.00 till 15.04.2020
S$2560.00 till 15.04.2020
17600.00 kr till 15.04.2020
- Contact person:
Mr. Levent Kara
+49 211 23707710
- May 12 - 15, 2020 Munich, Germany
The European Identity & Cloud Conference 2020 is proud to present a large number of partners