Follow Mark on LinkedIn Follow @marknca on Twitter Follow marknca on YouTube
marknca

Mornings With Mark
no. // 0 0 0 3

Delivering Information With Context

Subscribe to the podcast.

Watch the episode here

Join the discussion on LinkedIn

Tweet about this episode

Full machine generated transcript follows

Hey everybody. How you doing today? Mark here. Good to see your smiling faces. It's been a little while. And the reason for that is last week with AWS reinvent 2018 in Las Vegas. It was the biggest conference in cloud has the biggest reinvent Yap over 50,000 Builders to send it on Las Vegas for a week of learning of announcements of networking just generally fantastic time.

Now, I've been surprised missing since Revenge because there was a record number of announcements again features functionality new services that a brioche is kind of dumps on the community and this wonderful to absolutely fantastic, but it's a lot to take in and that's what I wanted to talk to you about today.

Not the reinvent announcements if you want to follow those go to my medium page, so I just look for Mike NCAA on medium.com. I'm going to see a bunch of summer is there in the course? You can follow me on Twitter or else we'd all those out as they get published on throughout the week.

And what I want to talk to you about was actually the perspectives on those information. So it's As a community here was a longtime Cloud Builder as a security professional I sit and listen to these announcements and I hear a certain angle on it right by default. This is sort of my perspective on this matter in this manner, but I talk to other people throughout the week and they had completely different interpretations of some of the things now, none of the Technologies, but of how they're going to be using those Technologies and it was the real reminder.

Communicating a message in communicating intense and is can be really tricky and as a follow-up to that. Just communicating intent, but how people take something you built especially if you're building a set of a primitive Tsar building blocks ikwf does and what they do with that is a completely different cause I think that happens all the time insecurity mainly because people like the context time to make a proper decision already understand what's happening or why it's happening and but I think it is the point is is relevant is that we have this challenge.

So if you roll out something like multi-factor Authentication Normal, you're going to say hey, this is going to make you more secure. Please take the time to complete the enrollment and start using multi-factor authentication for all of your key password. Maybe you mandated so they can't log in without something like that and that'll probably be relatively successful.

But I would ask the key question is after that effort after you have multi-factor. You said it was to make things more secure sure. They can go in a brooder to take that back Tuesday always makes things more secure, but do they understand how or why it does that and I think that's a great example of you know, an opportunity to inform to educate and to teach and help expand people security perspective and the challenge I saw last week a true event was because I'm a come a come a super super fast and you know, all them were crazy and amazing and you kept going like a wild squirrel squirrel squirrel.

It made it really hard to kind of push your perspective or the push. Some guidance and it was interesting is one of those announcements was a well architected tool which is designed exactly to do that to help people understand how to build with an eighth of your us. And if you're at the point, we need to build a tool to help people understand how to build the other tools.

I think that talks to a communication issue that talks to an audience fracturing 1/8 scale. That's totally understandable. I was totally normal and the problem is I see that small organizations small organizations have the same fraction problem with that same Communications problem because they're not teaching contacts if we go back to that time.

If a example if you're going to roll an MFA the organization you absolutely should the critical thing. Let users know to say look there's a risk of password reuse. So you don't we don't recommend you reuse passwords and we really hope you're pushing towards passphrases but adding this multi-factor authentication ads about a second or two to your login experience, but what it does for the attackers, is it puts a significant barrier to entry for them? So in case they did hack your password and they've got your user Adding multi-factor for the extra second or two.

It takes you in the morning to login makes a significant barrier for of the criminals because now they need to hack every individual users multi-factor. They need the time that multi-factor because it refreshes every 30 seconds or 60 seconds and it really sets huge obstacle in the way of attackers.

That's why we asked you to sacrifice a second or two in the morning to log in using essential Factor communicating in that manner. I think it's far more effective and we will go all that's the context. Okay. So yeah, it's a little bump for me in the morning. But it look at how much harder it makes attackers jobs right attackers attempted to hack our company.

So I think that's a really cute point is if you're communicating something communication context communicating in a relatable way. I'm at helping people lying with a perspective that you intend as the deployment or is the Builder. I was a person setting up that system. I think that's critical. That's how I'm continuing to approach on my remit coverage.

I'm looking back in the mountains around machine learning around contain Lambda and server list the lack of container announcements around security around all the stuff. I'm trying to help that perspective and provide my viewpoint in sure that I will be audience will look for more for me on medium at Market in CA from reinvent.

But also a thought away if you're setting up something special needs your leading into the new year or if you have a holiday push around security try to add that context take that extra moment to explain to people because they're really does make a world of difference. What do you think? I'll let you know hit me up online at Mark and as always my email me at Mark and.

CA I hope you have a fantastic day. I hope you have had a fantastic past week and a half. I'm glad to be back in the air with you. Look forward to talk to you online and on the show tomorrow. Hey everybody. How you doing today? Mark here. Good to see your smiling faces.

It's been a little while. And the reason for that is last week with AWS reinvent 2018 in Las Vegas. It was the biggest conference in cloud has the biggest reinvent Yap over 50,000 Builders to send it on Las Vegas for a week of learning of announcements of networking just generally fantastic time.

Now, I've been surprised missing since Revenge because there was a record number of announcements again features functionality new services that a brioche is kind of dumps on the community and this wonderful to absolutely fantastic, but it's a lot to take in and that's what I wanted to talk to you about today.

Not the reinvent announcements if you want to follow those go to my medium page, so I just look for Mike NCAA on medium.com. I'm going to see a bunch of summer is there in the course? You can follow me on Twitter or else we'd all those out as they get published on throughout the week.

And what I want to talk to you about was actually the perspectives on those information. So it's As a community here was a longtime Cloud Builder as a security professional I sit and listen to these announcements and I hear a certain angle on it right by default. This is sort of my perspective on this matter in this manner, but I talk to other people throughout the week and they had completely different interpretations of some of the things now, none of the Technologies, but of how they're going to be using those Technologies and it was the real reminder.

Communicating a message in communicating intense and is can be really tricky and as a follow-up to that. Just communicating intent, but how people take something you built especially if you're building a set of a primitive Tsar building blocks ikwf does and what they do with that is a completely different cause I think that happens all the time insecurity mainly because people like the context time to make a proper decision already understand what's happening or why it's happening and but I think it is the point is is relevant is that we have this challenge.

So if you roll out something like multi-factor Authentication Normal, you're going to say hey, this is going to make you more secure. Please take the time to complete the enrollment and start using multi-factor authentication for all of your key password. Maybe you mandated so they can't log in without something like that and that'll probably be relatively successful.

But I would ask the key question is after that effort after you have multi-factor. You said it was to make things more secure sure. They can go in a brooder to take that back Tuesday always makes things more secure, but do they understand how or why it does that and I think that's a great example of you know, an opportunity to inform to educate and to teach and help expand people security perspective and the challenge I saw last week a true event was because I'm a come a come a super super fast and you know, all them were crazy and amazing and you kept going like a wild squirrel squirrel squirrel.

It made it really hard to kind of push your perspective or the push. Some guidance and it was interesting is one of those announcements was a well architected tool which is designed exactly to do that to help people understand how to build with an eighth of your us. And if you're at the point, we need to build a tool to help people understand how to build the other tools.

I think that talks to a communication issue that talks to an audience fracturing 1/8 scale. That's totally understandable. I was totally normal and the problem is I see that small organizations small organizations have the same fraction problem with that same Communications problem because they're not teaching contacts if we go back to that time.

If a example if you're going to roll an MFA the organization you absolutely should the critical thing. Let users know to say look there's a risk of password reuse. So you don't we don't recommend you reuse passwords and we really hope you're pushing towards passphrases but adding this multi-factor authentication ads about a second or two to your login experience, but what it does for the attackers, is it puts a significant barrier to entry for them? So in case they did hack your password and they've got your user Adding multi-factor for the extra second or two.

It takes you in the morning to login makes a significant barrier for of the criminals because now they need to hack every individual users multi-factor. They need the time that multi-factor because it refreshes every 30 seconds or 60 seconds and it really sets huge obstacle in the way of attackers.

That's why we asked you to sacrifice a second or two in the morning to log in using essential Factor communicating in that manner. I think it's far more effective and we will go all that's the context. Okay. So yeah, it's a little bump for me in the morning. But it look at how much harder it makes attackers jobs right attackers attempted to hack our company.

So I think that's a really cute point is if you're communicating something communication context communicating in a relatable way. I'm at helping people lying with a perspective that you intend as the deployment or is the Builder. I was a person setting up that system. I think that's critical. That's how I'm continuing to approach on my remit coverage.

I'm looking back in the mountains around machine learning around contain Lambda and server list the lack of container announcements around security around all the stuff. I'm trying to help that perspective and provide my viewpoint in sure that I will be audience will look for more for me on medium at Market in CA from reinvent.

But also a thought away if you're setting up something special needs your leading into the new year or if you have a holiday push around security try to add that context take that extra moment to explain to people because they're really does make a world of difference. What do you think? I'll let you know hit me up online at Mark and as always my email me at Mark and.

CA I hope you have a fantastic day. I hope you have had a fantastic past week and a half. I'm glad to be back in the air with you. Look forward to talk to you online and on the show tomorrow.