Data Privacy

Data Privacy
What challenges have you encountered with Active Directory SOX Reports?

Top Answer : One challenge with SOX and the AD in reporting consolidating under you, is that you're being given the responsibility to be accountable for processes, services, and people that you don't have direct control over. And then you have to attest.

4 views
2 comments
1 upvotes
Related Tags
Adopting Data-as-a-ServiceAdopting Data-as-a-Service

What does "data-as-a-service" mean? 100 IT execs share their thoughts with the Pulse community.

Should coworking spaces increase their on-site security measures?

Top Answer : I sat down with WeWork and talked to their IT teams and my first question was, "Is your WiFi password the same globally?" They said, yes and it never changes. They treat it as a Starbucks. At that point, your responsibility—in IT or security—is to treat every single end point as an office. Especially if you're going to have people in a fully remote work environment. So with that being said, something like a secure access service edge (SASE) could be beneficial if it's not just your run-of-the-mill cloud access security broker (CASB) plus SD-WAN.

2 views
2 comments
1 upvotes
Related Tags
What are your thoughts on SaaS management platforms (SMP)?

Top Answer :

11 views
0 comments
2 upvotes
Related Tags
Business Application Development
Architecture & Strategy
Maintenance
Requirements & Design
Testing, Deployment & QA
Mobile Development
Development
Selection & Implementation
Business Analysis
Applications Vendor Landscapes
Optimization
Backup
Data Center
Public and Hybrid Cloud
Telephony
Network
Compute
Storage
Business Applications
Cloud
Crisis Management
Data & Business Intelligence
Artificial Intelligence
Business Intelligence Strategy
Data Management
Enterprise Integration
Integrations
Machine Learning
Governance
Data Lake
Big Data
Data Warehouse
Disruptive & Emerging Technologies
5G
Blockchain
Cryptocurrencies
Virtual Reality
IoT
Reality
Digital Innovation
Bots
Augmented Reality
End-User Services & Collaboration
Collaboration solutions
End User Equipment
End-User Computing Devices
Endpoint management
Productivity tools
Document Management
End-User Computing Applications
End-User Computing Strategy
Mobile
Voice & Video Management
Continuous Integration
Technical Product Management
DevOps
Continuous Deployment
Development
Quality Assurance
Customer Relationship Management
Enterprise Content Management
Customer Success
Enterprise Information Management
Finance
Enterprise Resource Planning
HR
Legal
Marketing Solutions
Retail
Human Resource Systems
Marketing
Product Recommendation
Sales
Risk Management
GDPR
SOX Compliance
Governance, Risk & Compliance
Infrastructure & Operations
Cloud Strategy
I&O Finance & Budgeting
Operations Management
Network Management
DR and Business Continuity
Server Optimization
Leadership
Attract & Select
Cost & Budget Management
Engage
Culture
Manage Business Relationships
Innovation
Organizational Design
Program & Project Management
Train & Develop
Values
Talent management
Performance Measurement
Organization Structure
Manage & Coach
Availability Management
Financial and Vendor Management
Reporting
Service Desk
Management Tools
Enterprise Service Management
People & Process
Process Management
Asset Management
Project & Portfolio Management
Portfolio Management
Project Management Office
Pulse
Security
Confidentiality, Integrity, Availability
Secure Cloud & Network Architecture
Endpoint Security
Data Privacy
Identity and Access Management
Security Operations Center
Security Strategy & Budgeting
Security Vendor Landscapes
Threat Intelligence & Incident Response
Threat & Vulnerability Management
Vendor Management
Infrastructure Vendor Landscapes
Budgeting
Roadmap
Outsourcing
Strategy & Operating Model
Business Continuity
Architecture Domains
Strategy
Tool Recommendation
Do organizations implement enough data security when it comes to their SaaS products?

Top Answer : It’s difficult because for many companies, most of their customer data is sitting in SaaS platforms that they have no access to. So even if they wanted to do something with it, they couldn't. In that situation, how am I going to test Salesforce? It's got my CRM, my investor data—all my stuff is in there. And if they have a vulnerability or loophole in their code, I just don't know how I would protect myself against that.

Do you think lobbyists contributed to the emphasis on Zero Trust architecture in Biden’s executive order?

Top Answer : The executive order calls out zero trust a few times in the things they're doing now. While I agree with zero trust architecture, having been in the tech sector for a long time, it suggests to me that the tech players who have big public policy lobbying arms inserted that language to give themselves the ability to market to the federal government. I've just seen the public policy arm of various industries influence the language of policy for their own profit motivations. There could have been a different way to describe it that was benign of the labeling that benefits some people.

Will the increasing ethical complexities of data protection make it harder for IT to operate at the speed of the business?

Top Answer : When it comes to ethics and how we protect data at the code level, it's a totally different mindset now. I can't move at the speed of the business. Looking at access to the systems solely from the human perspective is just wrong. Last year, our whole cyber defense testing model was all about defending data in the middle of a contaminated container. This year, we're going to continue that concept and add a compromised virtual private network (VPC) layer, plus issues with our API connections from a poorly configured solution.  Ethically, if I'm responsible for being able to track the integrity, availability and confidentiality of the data, I now have to look at it from both the human factor perspective and systems factor perspective. There are very few solutions that understand tracking ethical usage of data from the system identity out to the human being, it's always from a human being in.

Have online users become trusting to the point of critical exposure?

Top Answer : On the internet, essentially everybody is exposed to anybody. That is, my mom is exposed to people whose goal is to take advantage of her in obvious ways or just politically. The problem is that we've never had the ability to connect 7 billion humans together, and have instantaneous communication. And we've never as humans, used that as an attack service for this. We have a natural tendency to trust people based on cues in their physical demeanor, etc. But we’re really just users. We're bad at this digital domain.