So I have been geeking out a lot while listening to the MacAdmins Podcast in the car. I consider it to be like swimming in the deep end of the pool... I'm often treading water, just trying to stay afloat and understand all that is discussed.
In
a recent episode, they had
Jason Meller on who is the CEO of
Kolide. He was talking about
a guide that he had written, with the input of others, that talks about "endpoint security, and device management that doesn't erode your values." It focuses on five tenets:
THE TENETS OF HONEST SECURITY
- The values your organization stands behind should be well-represented in your security program.
- A positive working relationship between the end-user and the security team is incredibly valuable and worth fostering.
- This relationship is built on a foundation of trust that is demonstrated through informed consent and transparency.
- The security team should anticipate and expect that end-users use their company-owned devices for personal activities and design their detection capabilities with this in mind.
- End-users are capable of making rational and informed decisions about security risks when educated and honestly motivated.
The podcast and the guide got me thinking about how we all "teach" about the security of our devices to our end-users... faculty, staff, administration, and students alike. While the tool they have developed at Kolide requires SLACK, which would rule it out for us, the underlying guide and philosophy was something that I was very interested in and thought valuable to share.
I recently reached out to Jason to get his thoughts on his work and how his work might apply to schools directly. I will be happy to share what he says if I hear back from him. In the meantime, I hope you get something from the guide and if you have an hour to spare the podcast too.
#TeachingandLearning#ITSystemsandSupport#CybersafetyandDataSecurity------------------------------
William Stites
Director of Technology
Montclair Kimberley Academy
------------------------------