#DefragCon 2013 Notes: Security before convenience, and other lies – David Meyer, OneLogin

less than 1 minute read

Security before convenience, and other lies – David Meyer, OneLogin

  • Security theater #1: Security images
    • they are ineffective, intuitions are not reliable, people don’t behave the expected way
  • Security theater #2: “Fort Knox”
    • the simple things complicate the more complex infrastructure that is in place and can be circumvented through the appearance of trust
  • Building a security culture means explaining the practices so that humans can understand the impact and reasoning
  • Consider:
    • You have more cloud than you think – firewalls are a joke as we have mobile devices
    • You have more endpoints than you think
    • Security is a culture challenge
    • IM can remove friction while increasing security
    • Follow the people – onboarding and offboarding