Automation has always been a good friend to IT. It’s helped us get our work done faster on projects that involved lots of tedium but required little technical skills. Automation allows us to focus our time on more rewarding projects that require years of experience and special tech wisdom.
You know, like redesigning a Hadoop cluster or taming the company’s cable infrastructure so that it’s a thing of beauty.
Get the Free Pen Testing Active Directory Environments EBook
Of course, if only everything in IT were as simple as a script or point and click! But that’s not the way of IT.
We’re often tasked with finding creative solutions with fewer resources, reaching our next milestones faster, or moving past internal resistance in order to experiment with new ideas.
Can we rewire ourselves so that we’re better able to handle the hard challenges of IT? What might help are brain hacks – ways to think about IT differently.
Andy and I came up with some ideas for upgrading your firmware and boosting your own creativity.
Big data challenges require big thinking, or more specifically, design thinking. It is a methodology to solve your data challenges and to generate innovative solutions, based on a user-centered approach with a multi-disciplinary team.
Click here to learn about the 9 step process and how to incorporate it in your data strategy. It helped the guy who created the iPhone and it can help you too.
One area where cogitating in alternative modes really pays off is in penetration testing. The best testers really go into character, viewing themselves as hackers and everything they touch as hackware. Or as we like to say, pen testing is what you get when you red-team data security.
In our posts on pen testing, we’ve written about how testers use standard IT tools—for example, arp, netcat, ssh, psexec—to find vulnerabilities and then hop around the victim’s system.
These links below will expand your pen testing consciousness:
- Penetration Testing Explained, Part III: Playing with RATs and Reverse Shells
- Penetration Testing Explained, Part IV: Making the Lateral Move
- Penetration Testing Explained, Part V: Hash Dumping and Cracking
Diversity & Inclusion
“When surrounded by people “like ourselves,” we are easily influenced, more likely to fall for wrong ideas,” writes Columbia sociologist David Stark and organizational researcher Dr. Sheen Levine, “Diversity prompts better, critical thinking. It contributes to error detection.”
Not only is diversity good for preventing miscalculation, research from Center of Talent Innovation says that companies with a diverse management and workforce are 45 percent more likely to report growing market share, and 70 percent likelier to report that their companies captured a new market.
Privacy by Design
In this past year, we’ve written tons about data security compliance and regulations. If you don’t believe me, check out our C&R topic. But is there a way to think differently about this area? Of course! There’s a meta view of data security that’s nicely contained in Privacy by Design (PbD).
Developed by Ann Cavoukian, former Ontario Information and Privacy Commissioner, PbD take a different view on privacy. Essentially it says that privacy (and security) are something you do at the start—it’s baked into every IT decision.
For example, in looking at the data you’re protecting, you’ll want to question whether you really need it in the first place! Minimizing data collected from consumers and only retaining personal data for a given period of time is an important part of PbD.
Learn more about viewing data security the PbD way in this post, the Privacy by Design Cheat Sheet
User Behavior Analytics
An important exercise in thinking in new ways about data security is to drop basic assumption. One assumption that many in IT still have is that perimeter defense –firewalls, intrusion detection, etc.—will prevent hackers from getting in.
We know from most of the major breaches in the last few years that hacker have come in through the back door, using phishing or injection techniques.
Think differently by dropping the assumption that there’s such a thing as air-tight security.
That’s where User Behavior Analytics (UBA) come into play. This technique takes the view that attackers will get into your system in spite of high cyber defense walls, so your goal should be speedy detection of the intruder.
UBA works by focusing on user activities and then deciding whether they vary enough from a pre-calculated average. So Jane in legal who is all of a sudden copying massive amounts of files from the customer services group may very well be the hacker known as De3thSlasher.