Transcripts

This Week in Enterprise Tech 519 Transcript

Please be advised this transcript is AI-generated and may not be word for word. Time codes refer to the approximate times in the ad-supported version of the show.

Louis Maresca (00:00:00):
On this week in Enterprise Tech, we have Mr. Brian G, Mr. K Franklin, back on the show today. Now Apple is expanding their sack coverage with Global Star. We'll talk about what that means for their service, plus Misconfiguration Plagues infrastructure services out there. Now, what can organizations do to protect themselves? Plus, we have a great guest today, Mike Johnson, CISO Fastly, and he is gonna take us through the role of the CISO and just how it's evolved over the last several years. Definitely should miss it. TWieT on the set

VO (00:00:32):
Podcasts you love from people you trust. This is, TWiT

Louis Maresca (00:00:45):
This is this week in Enterprise Tech, episode five 19, recording November 11th, 2022. Do no Evil, see So No Evil. This episode of this week in Enterprise Tech is brought to you by Melissa. Over 10,000 clients worldwide in industries like retail education, healthcare, insurance, finance, and government. Rely on Alyssa for full spectrum data quality and ID verification software. Make sure your customer contact data is up to date. Get started today with 1000 records cleaned for free at melissa.com/twi and by IT Pro tv. If you're looking to break into the world of IT or your IT team needs to level up, get the introduction you need with IT Pro tv. Check out an IT pro TV business plan by visiting IT pro.tv/enterprise today. And by nor layer, nor Layer is a secure network access solution for your business. Join over 6,000 fully protected organizations. Go to nor layer.com/twi. Get your first month free on purchasing annual subscription.

(00:01:55):
Welcome to Twat this week at Enterprise Tech, the show that is dedicated to you, the enterprise professional, the IT Pro, and Nike who just wants to know how this world's connected. I'm your host, Lewis Maka, your guide to this big giant world of the enterprise, but I can't guide you by myself. I need to bring in the professionals and the experts. So starting of their own and very busy senior analyst at amd. He's the man with the pulse of the enterprise and he's Mr. Curtis Franklin. Curtis, he made it through the storm they call Maker Fair and another hurricane. How things are going over there.

Curt Franklin (00:02:29):
Well, things are ever so slightly soggy, but, uh, no great damage here in the Orlando area for, for most of us. Uh, unfortunately had a couple of folks who, uh, learned a, uh, valuable lesson about touching downed wires. Um, but in general, uh, we came through in pretty good shape. Maker Faire was spectacular. Uh, nothing but good things happened there. Uh, everything from AI art to printing with a steam roller to battling robots, uh, to drone, uh, races. It was just a, a great weekend of creativity, uh, and excitement. Uh, we enjoyed it and then came home and promptly passed out for a couple of days, so that was nice, uh, in the rest of the world. It's been, uh, a week of research and interviews. I'm, uh, finishing up, uh, some work on cybersecurity awareness training. Get ready, getting ready to go into a deep bit of research on two things. One is the use of AI in cybersecurity. In the other is risk quantification. So I have a fairly full dance card for the next couple of months, uh, looking forward to it.

Louis Maresca (00:03:47):
That's great to have you back. Thanks for being here. Well, we also have to welcome back Arian, Mr. Brian Cheese net architect Sky Fi expert and all around tech Geek cheaper. It's been a month. How are things are going? How was Maker Fair?

Brian Chee (00:03:59):
Maker Fair was amazing. Got to do a lot of work with the fairground staff on upgrading the wifi system. Get this, they, they managed to turn off a whole bunch of cable modems, um, lots and lots of money every month pouring out the doors. They turned off, you know, I think 80% of them and used that money to go and pay for a new wifi infrastructure. So I was helping them ring the bugs out and apparently I did an okay job be because they asked me to sit on the board. So that ought to be interesting. Uh, so I predict it's going to be a busy year of helping them do things like sustainable energy integration, smart meters, and upgrading their IT infrastructure.

Louis Maresca (00:04:50):
Fantastic. Well, thank you guys for being here. Well, speaking of busy, it has been quite a busy week in the enterprise, so we definitely should get started. Satellite based telephony and services have been in the news lately. We talked a little about SpaceX is Starling. However, apple surprised the world with their latest phones to have the ability to have an SOS service built into it that's SAT based. You might be surprised just how far Apple will go to make this work. We'll talk about that. Plus, we have a great guest today, Mike Johnson, c CISO of Fastly. He's gonna take us through how the role of CISOs evolved over the last several years and how cloud services should be securing yourselves. So we'll talk about that. So definitely stick around lots to talk about, lots of exciting stuff. But first, like we always do, we have to go through this week's enterprise news blips.

(00:05:35):
Now, what do you call a robotic arm that relies on computer vision, artificial intelligence, and fancy suction to move things around on Amazon's world? It's called Sparrow. Now, this week, Amazon unveiled a robot capable of identifying individuals items, shapes, sizes, and textures. And according to this article over here at, uh, tech Crunch, Sparrow can also pick up items with suction cups and place them into separate plastic crates at a record rate. Now, the question people need to be asking themselves is successful or successfully integrated? How many jobs will take over now? Right now, the system can identify over 65% of Amazon's massive inventory. If you think about how many items Amazon actually houses, that is a lot of items in the database. And ID now in June, Amazon unveiled its first autonomous robot called Proteus, which can lift and move package carrying carts. Now, right now, about 75% of 5 billion packages that a company processes annually are handled by robots in at least one part of the delivery process.

(00:06:37):
Amazon gave the same soundbite to the news outlets as it did when IT camera systems went online in its warehouses, that the system will relieve employees of repetitive tasks, leaving more room for other tasks, and also offering better safety, focusing on safety there. And it's a good line for the masses. If you ask me. Large corporations don't fund projects like these unless it saves money in the long run, including such things as better loss prevention and increasing success metrics when it comes to actually shipping items, sure, safety's a part of it, but having a more consistent and reliable system, especially during the holidays, is Amazon's biggest target. We'll have to wait and see just how far Amazon will take the system. They'll just stop at boxing items.

Curt Franklin (00:07:24):
Well, just to prove that cyber issues don't always stay in the cyber world of vulnerability. In a series of popular digital door entry systems offered by AI phone and used by high profile customers, including the White House and the UK's houses of Parliament, can enable hackers to literally open wide the doors simply by using a mobile device and an NFC tag. According to an article published this week at Dark Reading, a researcher with the Norwegian security firm pro Proman discover the vulnerability and also found that there is no limit to the number of times and the incorrect password can be entered on iPhone door lock systems, including the G T dm, bn, G T, DM B, lvn, and G T D B VN devices. Now, after using brute force multiple attempt methods to find the admin passcode, that's fancy way of saying you just enter all the possibilities and still something works.

(00:08:25):
A malicious actor can inject the serial number of a new NFC tag containing the admin passcode back into the system's logs of approved tags because the system does not keep logs of the failed admin code attempts. No digital trace of the hack practicing responsible disclosure, Proman first alerted AI phone to the issue in June, 2021. The company says, systems built before December 7th of that year cannot be fixed, but any systems built after that date include a feature limiting the number of passcode attempts that can be made. According to the promo researcher, the product seems predicated on the notion of physical security. And when NFC was added, they added a touchless high speed data port on the exterior of the building, which kind of does away with that whole physical security thing is a very specific example of a much broader problem in the world of iot security by design, a principle common in software design is almost non-existent in iot. In this case, adding user convenience deleted a high degree of security from a product specifically intended to provide security is is something that all companies should be on the lookout for when purchasing any iot systems that are intended to be deployed on company property.

Brian Chee (00:09:56):
So I really don't need to read the entire gizmoto article for you to know just how valuable thermal imaging devices can be. I bought my original one so that I could look behind the walls on houses. I was thinking about buying to see if there are cold spots that could have been leaking pipes or leaking air conditioning ducts in the ceiling. Well, after that, I loaned my unit to lose so it could track down heat leaks, leaks in his new home. Well, factors and repair folks use them to see if a motor is heating up and might be on the road to failure. Search and rescue personnel regularly use handheld or vehicle monitor units to search for lost people in the wilderness and military where the driving force for the miniaturization of the unit for field use by war fighters. Well, however, the lightning version I bought may just become obsolete once Apple changes all its iPhone devices to us, b C, to placate the eu, what this version does is remove the reliance upon a specific mobile device by using both Bluetooth and Bluetooth and wifi to handle the immense amount of control and vision data that thermal imaging required.

(00:11:07):
So who knows, I may be gifting the lightning version to Lou as an excuse to buy this new wireless version for my toolkit.

Louis Maresca (00:11:19):
The semiconductor industry has been on a downward trend due to the reduction in orders for fabrication companies and the availability of, you know, the cost of the units due to supply chain issues. Now things are starting to look up according to this Wall Street Journal article. In fact, so much so the Taiwan Semiconductor Manufacturing Company or TSMC is planning on building a second fabrication plant in the great state of Arizona. That's right, TSMC is coming to America and the expansion is a sign of the chip makers' long term optimism about demand, even in the face of market turmoil this year. Now, despite the near term industry despair, chip makers still expect global sales to double to over a trillion dollars a year in the next decade. And now that's not Trump change if you ask me. The US this year allocated about 39 billion for chip making Giants, giants Grants for expected to be handled over the next starting next year.

(00:12:11):
Actually, in addition to creating tax breaks on semiconductor manufacturing equipment, that means that TSMC might be able to get a piece of that pie. The first thing that they will look to do is produce the five nanometer chips that they've been doing in a gear up for the four nano ones the coming year. Now the plant will start mass production in 2024. Now what this also means is that other companies can continue to use chips from TSMC since they are fabricated on local soil. Let's hope that moves, you know, also helps move and kickstart the supply chain movement and the ability to rely more on locally manufactured parts in the future. Well, folks that does it for the news blips next up the bites, but before we get to the bites, we have to thank really great sponsor of this week, enterprise Tech. And that's Melissa.

(00:12:58):
Now, Melissa's the leading provider of global data quality identity verification management solutions, and has announced the availability of 2020 threes. Melissa's solutions catalog highlighting their comprehensive suite of solutions and services that help keep customer data clean, current and enriched for the greatest insights and most efficient business practices. And Melissa's solutions catalog features, data quality, enrichment and identity verification solutions, power and compliance, fraud prevention, sales, customer engagement and analytics developed as an industry resource for database administrators and developers alike. This catalog highlights tools that Clean verify, update de-dupe, and enrich customer contact data. Now, capabilities can be implemented at any point in the data chain and are designed to ensure all your global people. Data addresses, names, phone numbers, and emails are validated, updated, and standardized. The deployments are flexible. They're available on on premise web service, secure FDP processing, and SaaS delivery options. In fact, check out these testimonials from Melissa's happy customers, quote.

(00:14:10):
Melissa's Price was one of the key reasons we decided to try this software over the competition. Its performance seemed quite good for the price and it was, and it was simple to use software with excellent results, for example, it barely takes a couple clicks to perform the entire debugging process. Another quote, the data hygiene solutions is world class and we benchmark Melissa against the big names and data when the cost is factored in. It's no contest. Now since 1985, Melissa has specialized in global intelligence solutions to help organizations unlock accurate data for more compelling customer use. Melissa has ranked number one, that's right, the ring number one, across overall enterprise, mid-market and small business segments in various categories such as price reporting and ease of use. Melissa continually undergoes independent security audits to reinforce its commitment to data security, privacy and compliance requirements. They are also SOC two, HIPAA and GDPR compliant.

(00:15:13):
Make sure your customer contact data is UpToDate. Get started today with 1000 records cleaned for free at melissa.com/twi. That's melissa.com/twit. And we thank Melissa for their support of this week in Enterprise Tech. Well, folks, it's now time for the bites. Now, back in May, we reported the possibility of Apple getting to bed with Global Star at basically a SAT based telecom company where they spent about 300 million of finance 13 new satellites for their SOS services. Now, fast forward to September where they released the iPhone 14 and they announced the SOS capabilities, but the service was still in the fritz and Apple put stake in almost a, almost a third tier provider here, global Star, which actually lost about a billion and a half dollars in the last decade with its stock trading the $2 per share. Now they actually put a lot of stock, stock and stake into this company.

(00:16:10):
Now, fast forward to now Apple's planning on spending 450 million more to expand the infrastructure across the US with the majority of the funding going to global start. Now, this PC magazine article talks about just how far they're willing to go in the infrastructure. In fact, part of the infrastructure is to push updates and expansions to a number of the ground stations across the US to use high power antennas from a company called Cob Ham satcom. Now, the interesting thing here is there is some competition in the market, right? In fact, SpaceX's Starling Services is also including a partnership with T-Mobile phones for a similar type service. And now Apples, Apple's SOS service will roll out latest this month, but will only actually support text based messaging at first, and they'll also offer a free two years of service when you purchase a phone. I wanna bring my cohost back in because this is interesting movement for Apple. It's a lot of money they're spending now cheaper. I I wanna bring you in first because I thought that this was supposed to just be, um, a low bandwidth protocol. Why do they have to spend so much more money for expansion here?

Brian Chee (00:17:12):
Oh, it, it's all about load the, um, satellites in orbit. You think of 'em just as a switch, that's really all they do. Um, it is once the data gets down to the ground, there's only a limited amount of channels or bandwidth to be able to get to the ground. And then from there, goes out through high speed links and does its thing. Well, here's the problem. Uh, global Star has not had the biggest market on earth, um, pun intended. Uh, <laugh>, I've used Global Star a lot. In fact, the autonomous underwater, the open source autonomous underwater vehicle project, the plan is to use a relatively expense about 130, $140 hat that goes onto a raspberry pie and allows me to go and send, you know, in this case, in the last time I looked the, it was $65 for unlimited number of inbound or outbound messages.

(00:18:15):
Now, keep in mind these are very, very asynchronous. Sometimes a message could take upwards of two hours to get to its destination. But what I'm just sending updates and, you know, wait, you know, have, you know, SMS messages waiting to come inbound? Um, I was just going to go and update mission profiles for the vehicle. Well, their primary customer has been emergencies, uh, hikers, boaters, people like that, that need to be able to go and send for help no matter where they are. And they don't wanna spend the astronomical amount of money for a regular Iridium satellite phone. Um, it's not the cost of the phone that kills you, it's the airtime. Anyway, their other big primary user is food safety. Being able to send updates, you know, along the way in containerized cargo saying I'm still frozen is a big deal. Now what Apple's doing is they're dramatically, dramatically increasing the market with potentially tens or 20 or hundreds of millions of phones all over the world that will be able to stay in touch all the way up to, I think I remember it goes all the way up to about, um, five degrees and 360 degrees.

(00:19:47):
So it doesn't work at the very top and very bottom of the globe. Um, but everywhere else it works. I've actually used, uh, global Star Services in the middle of the Pacific to send tweets while we're doing research out in the middle of the Pacific. So by adding more ground stations and upgrade in the ground stations, they'll be able to relieve those bottlenecks. And by having more places to switch to, um, hopefully the bottlenecks of adding millions of iPhones isn't going to trash the performance of existing scientific and safety, um, users with Global Star.

Louis Maresca (00:20:33):
It's pretty interesting what they're doing here. Curtis, I I wanna throw this to you because, you know, I'm seeing a lot more opportunities across the, uh, you know, the market for organizations to use cloud providers, almost democratizing satellite usage like Azure Space. And they're, you know, they're using services, you know, like starlink and they're partnering with service like starlink. Now Apple seems to be going the private route where they're, you know, they're building their own satellites, uh, set of constellations there for their particular purpose. Um, it sounds like the wrong way. I feel like they're going the wrong way. Why not just work with global start to offer more infra on platforms so that more organizations can use this and it expands the market going forward? Do you feel like they're going like a really expensive wrong way for this?

Curt Franklin (00:21:16):
Well, let, let's first put something into context. For a company like Apple with this sheer ton of cash, they're sitting on 450 million, um, is is a round off error. I mean that this is, this is not a huge amount of money for them. Uh, if they were going to buy, I don't know, Luxembourg, uh, to host their stuff, then that starts being money. This isn't, you have to know that. A couple of things are true. One is that Tim Cook was Apple's head of operations. He was the COO before becoming ceo. He is known for his skill, uh, and his acumen with finding cost effective ways to do things, right? Uh, so if Apple is going into their own satellite capabilities, you have to believe that, that they have looked at that very closely. The other thing is that they do have experience partnering with iCloud.

(00:22:24):
ICloud by and large does not sit on Apple servers. Uh, it sits on one of the other major, uh, providers of cloud storage and cloud systems. So they know exactly what, uh, partnering for a major part of the benefit that they provide to customers looks like. Now, I think that what Apple is looking to do is find additional ways to be an advantage to the Apple iPhone customers, when as inevitably will happen, they have to have communications that go across satellite systems. You know, just as in the early days, iMessage was a, a closed walled garden. It didn't work well with any other messaging system. Then they added sms and now more and more features from iMessage or available regardless of what kind of network and what kind of client, uh, the people on the other end of the, the conversation are using. The same will inevitably happen with satellite. And what I think is going on is that Apple is positioning themselves to make it advantageous to Apple owners and Apple users even after the great democratization happens,

Brian Chee (00:23:52):
Right?

Louis Maresca (00:23:53):
It's interesting to see how much money they're putting in. Like you said, it is kind of a small on a drop in the bucket for them, but I, I feel like there's obviously something else coming that not just an SOS service, it's it's gotta be something else. Um, obviously it's gonna be probably have voice, it's probably gonna have data related. Um, maybe it's a second part of the, you know, advantage of having an iPhone. We'll have to see. But we'll have also see, you know, what starlink is planning with T-Mobile. Cause this could be something very similar, um, that could be competitive and it almost beats them to market we'll. So we'll have to see how fast they go and how far they will go with it. All right, well, let's put that one to bed. Let, I think there's another one come. We have another bite coming here cuz you know, a lot of this is more applicable to our IT audience as well. Cloud service users are notoriously plagued with misconfiguration issues. Now this creates vulnerabilities across the market, um, and a lots of users and IT organizations are having trouble here. What's going on here? T

Brian Chee (00:24:48):
Well, the, the story, um, basically is talking about how gee, there's, um, all kinds of databases out in the world and basically the systems were misconfigured. Well, I'm going to ignore a good chunk of the article just because it's a good article, but I wanna make a slightly different point. Databases, especially small databases where we use, almost use them for a workspace and things like that, um, is just the bread and butter of our industry. You do lots and lot of prototyping. Um, this almost feels like the old days of the I original IBM PC sneaking in the back door and running, um, wasn't Excel, uh, was SuperCalc. That's what it was, made a huge, huge difference. While small databases in the cloud, I think are today's SuperCalc, and we're getting lots and lots of people using them to do work, you know, try this, try that.

(00:26:03):
Let's prototype this or prototype that, um, before we take a more, shall we say, um, a, well, a better formed idea to our DevOps team to go and make it into a product. Well, one of the things that I'm seeing a lot of dealing with people is that they'll prototype and then forget about it. It'll just sit there. And that, I think is one of the reasons why we see these, you know, a few data leaks. Well, the rogue server concept, which the article does talk about, says 81% of organizations have experienced a security, security incident related to the cloud service over the past 12 months with almost 45 suffering. At least four incidents according to the, um, person interview. Well, the increase in complexity, the cloud based and hybrid infrastructure on, with a lack of visibility into the infrastructure, has caused the increase in incidents.

(00:27:05):
So yes, misconfigured cloud storage is one of the primary reasons for data leaks. I do not believe this is a trend according to the person interviewed, the increase in this trend is most often due to misconfiguration related to access controls. While only authorized users need to be allowed access to cloud storage. A simple mistake in configuration often enables authenticated, you know, any authenticated users to gain access. So, okay, we, we've got a lot of people, we've got people that are supposed to have access to this data, um, but they're in a rush. They're trying to go and get something built. They're trying to build a product. They're trying to do a prototype before they go to DevOps. Well, where's the mistakes? You know, they're not DevOps teams. They're going to make, you know, mistakes. I, I think that's the part that the article does miss a little bit.

(00:28:02):
And I give props to dark reading. You know, it is a really great article and it talks about what could be happening behind the scenes, but your security really is only as strong as your weakest link. Where are the controls that we've talked to a bunch of different people about cloud storage automation, AI automation, things like that to try and remove the human errors. Um, so I'm, this is my theory. My theory is that what this article is seeing is more of the prototyping. A lot of people just saying, I wanna try something. I wanna do what ifs. And I'm going to throw it to Kurt to see if he has the flip side of the coin to talk about.

Curt Franklin (00:28:56):
Well, you know, you, you mentioned two incredible things there that are important. One is the idea of what are your assumptions when you're building one of these systems? You know, if you're making, uh, cloud storage available to customers, and initially when cloud storage was a relatively novel concept, they defaulted to making it easy. That unfortunately didn't go with making it secure, uh, because we had a number of misconfigurations that were basically of the form. I want to make a file that I've put into a, an AWS bucket or an S3 bucket available to Brian. So I'm going to change my private only I can see it flag to let Brian see it. Well, in doing so, I do one tick box and I let everyone in the world see it. And furthermore, I let everyone in the world see every file that's in that bucket.

(00:30:08):
It's easy, it's quick, it's one click, it allows. And if I did it for just long enough to allow Brian to have access, then went back to private, it'd be great. But most people didn't do that. They gave everyone in the world access to everything, and then life came along. They got busy and they never turned off the access bit. Now, a lot of companies have made it more difficult to do that. You have to be much more intentional about offering that level of access, and they've also changed the defaults. Whereas before, the default might have been easy access for the greatest number of people. Now the defaults tend to be toward security, but it's still possible to make stupid errors in configuration. You know, the other thing is that it's very easy for a company to be deploying these, as Brian pointed out in a, um, prototyping or trial or testing situation. And trust me, I have done testing like this. And ideally what you're going to do is have a test data generation program that generates garbage data that you can use to validate the design of your application. In too many companies though, what they do is just grab a copy of a production database, stuff it over there because it lets them see that the application works on their real data. It's great until they leave that test application alive with the data.

(00:32:08):
And don't worry about security because hey, it's just a test. What we have in all of these cases is the, the balance between convenience, productivity, efficiency and security, and what we need is a balance. If you weight it down fully on one side or the other, then the organization is going to suffer. But if you think about it, have policies and procedures in place to ensure that you're not misconfiguring things and you're remembering to take down permissions that you don't need, then you can look at using these, uh, cloud storage facilities with some degree of security.

Brian Chee (00:33:05):
You know, awesome. But Lou, you've gotta defend yourself. You're on the DevOps side of the shop. How can we protect ourselves from ourselves? What do you think?

Louis Maresca (00:33:19):
Yeah, I've, I've definitely developed and, and built a lot of continuously deployed services in my career. I can a lot of microservices fronted by API gateways or backed by, you know, cloud stored. Now it's a complex environment. I can definitely tell you that. Um, and you know, and you sometimes will, humans will technically put together, you know, armed templates on the fly. So there, there's a lot of human, uh, era that could happen there. Like Kurt said, you know, there's lots of potential for misconfiguration. I've seen organizations handle all these things and do some very, very bad things. Now, how can you manage that? Why there's tools out there, obviously there's automation, there's tools, you know, you build arm templates for your, for your environment. Um, and in order to verify configuration problems, there's, you know, there's CLIs and there's scanners to, to scan your arm templates to make sure that you're not making mistakes.

(00:34:04):
So you have your base, your base image that you put out there for most, most of the services, and then you apply an ARM template on top of that and you could go and, you know, open the door to bad things. And so you, you definitely want the ability to, to scan those things and to verify the configuration to make sure you're not making mistakes. Now, there's also vulnerability assessment tools, and these are, can be enabled and they can be enabled against cloud storage, whether it's, you know, SQL backends or even no SQL type scenarios. And to ensure that you're not, you're also not misconfiguring those as well, and you're not opening the door to potential public access or, or, you know, exploits that can happen with those. And there's also lots of smoke testing tools. They're consist, you know, actively poking at your deployed environments to just make sure that, you know, you're continually compliant and you're secure over time even after you've already deployed these, uh, these environments or put them online.

(00:34:55):
So I, I would say automation is definitely a key here because you're getting, you know, you have your engineers or your, you know, your IT people building out these configurations and then deploying them. And you wanna make sure that what you're deploying is not gonna open the door to exploits in the future. And you wanna run these things continuously. You wanna be part of your pipeline, they wanna be part of your, um, you want, wanna be part of your active environment that you put out into production as well. So I, I, I feel like automation's definitely the way to go and will definitely help you in the future for sure.

Brian Chee (00:35:28):
Awesome. But you know what, we could go round and round on this forever. You know what I think we should do? I think we should do an ad and then I think we should let our guest wade into this because I just bet you he's sitting there chomping at bit going, but I have an opinion and I think he probably does let, let's go do that. Thanks Mike. We'll be with you in just a second.

Louis Maresca (00:35:52):
Who we are. We are. Well folks, it's now time for the guest drops of knowledge on twi, right? But before we do, we do have to think another great sponsor of the sweet enterprise tech and that's it. Pro TV training is an important aspect of any organization people want to grow, right? Well, plus you want people learning at the speed of the industry. That's an important part of learning. And things can change quickly in the tech and IT industry. Now, your IT team needs the skills and knowledge to ensure your business is a success. And with IT prot fee, more than 80% of users who start a video actually finish it. That's really impressive. Then that means it prov is engaging enough to keep your teams attention so they enjoy learning. Give your team the tools they need to make your business thrive. Courses are entertaining and bitch worthy, keeping your team interested and vested in learning.

(00:36:44):
Now the tech industry is evolving and changing rapidly and your team needs to be trained today. And when a new software release happens, or a system upgrade or a cyber threat faces your business, IT pro TV offers the training and perspective of those disruptions within days, if not hours. Now why is it pro tv right? For your business? So you get all training and certifications for your team done all in one place. Now IT pro TV has every vendor and skill you need for your IT team training. They provide Microsoft IT training, Cisco training, Linux, apple Security Cloud, and so much more. In fact, 5,800 hours worth ranging from technical skills to compliance to soft skills. Now you can do so much with IT pro TV business plans. You can track your teams' results. You can fact you can manage your seats, assign and unsigned team members.

(00:37:36):
You can access monthly uses reports. You can see metrics like logins, viewing time you can tracks completed in those trainings and much more. In fact, you can easily manage your teams as well. Manage subsets of users or teams by providing them with customized assignments, monitoring progress and reporting on usage of the platform. Assignments can be either full courses or individual episodes within those courses. You even get advanced reporting. Get immediate insights into your teams viewing patterns and progress over any period of time with those visual reports. Don't forget that IT pro TV has individual plans. Two, give your team the IT development platform they need to level up their skills while enjoying the journey. Go to IT pro.tv/enterprise today and we thank IT Pro tv, their support of this week in enterprise tech. Well folks, that's now my favorite part of the show. We get to get, bring a, a guest to drop some knowledge on the TWI Ryan, today we have Mike Johnson. He's ciso, uh, Fastly. Welcome to the show, Mike.

Mike Johnson (00:38:41):
Well, thank you very much for having me. Hope. Hopefully I can drop some knowledge. I'll see what I can.

Louis Maresca (00:38:46):
Absolutely. You, you're, you're your veteran in the industry, right? Def you definitely can drop some knowledge. In fact, our audience loves to hear people's origin stories. We have people from all spectrums of experience here. So can you take us through a journey through tech and what brought you to Fastly?

Mike Johnson (00:39:00):
Sure. Uh, I've been in security for over 25 years now, which is crazy when I say that. I started basically help desk, uh, moved over to system administration and my first real job in security was intrusion detection systems for tactical battlefield networks. So basically the US Army, we were helping them develop intrusion detection back when I was loading software from tapes and, and f floppies. And that was where I got my start. And I got, I got hooked and security was this really cool, interesting area of technology that I didn't know was gonna become a career. Turned out that, uh, that steadily became more and more an area that companies were looking to hire. Moved to a couple startups, worked for a large manufacturing company where we would deal with things like, uh, the forklift computers would get compromised on a regular basis, or the paint lines on manufacturing floors would get shut down because of denial of service attacks.

(00:40:10):
So that was very much a business critical function to secure those networks. I moved on from there, was very fortunate to join Salesforce in 2008. So very early in the journey of cloud computing and cloud security. It wasn't a thing. I, I didn't even know what cloud computing was at the time. It was still very early. But we really innovated on understanding what cloud security was, what it really meant to our customers. And really it was an amazing journey, uh, to grow from. I think the security team was less than 10 when I joined. It was, um, several hundred when I left. Probably I think at one point reached a thousand people. So massive security team. Uh, I moved on from, from Salesforce when I had the opportunity to be Lyft's first cso. Uh, that was very much an eyeopener for me in terms of hyper scaling and what that really means and hyper growth and how you bring security into a very developer driven organization. Uh, left, left lift, uh, after a year and a half took some time off. Uh, first time in my career, I'd taken some time off and joined Fastly three years ago to really build and expand the team and expand the focus around securing the platform, securing our systems, our environments so that our customers can really trust us with their data, with their, some of their most critical functions that they have to deal with. So that's, that's kind of my, my story, how I got here.

Louis Maresca (00:41:55):
Yeah, I definitely wanna get into a lot what Fastly is doing. Cause they're in, been in the news a lot around security and, you know, a lot of trustworthy organizations out there. Trust, trust Fastly for, for their services. Mm-hmm. <affirmative>. But first, before we do, I, I wanna get into some interesting topics here. Cause again, we have a large spectrum of experience for, from our audience here. So I wanna get more into the CISO role a little bit. You know, it's, it's essentially been evolving over the past several years. But, but, but I wanna first start with your role. What, what's your day to day look like as a ciso

Mike Johnson (00:42:23):
Uh, meetings, it's, it's mostly just wa wawa meetings. Um, but what, what it's really focused on is understanding where our risks are and working with other business leaders on what is the appropriate risks to be dealing with at any point in time focused on where the business is going. It'd be very easy to build a very secure environment, just shut everything down, but that doesn't really support the business. So a lot of the focus is in understanding the strategy of the business and how that then overlays with the risks that we're either uncovering or working on burning down over time. So it's, it's a lot of conversations, a lot of understanding the current state of the environment.

Louis Maresca (00:43:14):
Now, you know, the, obviously Fastly offers a lot of different services. So it sounds like the conversation you have probably is with lots of different parts of the organization when it comes to, because there's lots of different threats out there. Like what are, what are you seeing, I guess you don't have to give us the secrets from Fastly perspective, but I guess just in general, what you're seeing across the industry. What are the major threats that you are constantly having? Some of, some of the conversations about,

Mike Johnson (00:43:37):
A lot of the types of threats that we're dealing with on behalf of our customers are denial of service attacks. Uh, this is a constant thumb of the internet that most people don't realize. Uh, but as a, for instance, you could have a denial of service attack that is millions of requests per second in a very short period of time, and your average website is gonna have a hard time dealing with that. So we see attacks on a regular basis that are, have moved into that realm. It past denial of service attacks were mostly bandwidth exhaustion. You know, I, I will send you more requests than you have bandwidth, but we have over 200 teter bits per second of bandwidth, uh, available to us. At any point in time. You're not gonna overwhelm our bandwidth. That's, that's not the types of attacks that we see. But when you move up the stack, when you move into applications that have logic flaws that simply take more processing time to manage a request, that's the the type of thing that we're seeing that I, I don't think you see in the, in the news very often because it's so behind the scenes, a site could go down, you don't know why, but the reality is sometimes it's because it was attacked.

Louis Maresca (00:45:02):
You hear a lot about, obviously, we, we talk a lot about, even on the show, a lot about botnets and the fact that, you know, the, uh, adversaries out there are, you know, they're, they're, they're targeting organizations. Even cloud services try to take them down. They're using botnets to do it. Is that, is that sometimes the major, um, you know, the major start of these kind of DDoS attacks,

Mike Johnson (00:45:23):
A lot of them do start the, the fact of the matter is the ones that are effective are all via botnets today. It requires a distributed amount of bandwidth. Uh, if you sign up for an AWS account, sure, AWS has a lot of bandwidth, but it's very easy for a defender to deal with. It's one IP address. I just block it, move on with my day. So for a denial of service to be a, to be successful, it really does have to come through a bot net. What we're also starting to see is, uh, those bots being used for other things. Um, one of the things that is, that was a surprise to me is what we refer to as shoe bots. It's this, uh, underground industry focused on literally buying shoes, uh, when they're dropped, uh, from the manufacturer. They're a limited production run. If you can get your hands on one, you can then turn around and sell it for a lot of money. So there's this entire underground industry around building software that other folks then use to go and buy shoes so that they, they can then turn around and sell them. So the monetization of bots beyond just denial of service is something that we're starting to see more and more of.

Louis Maresca (00:46:50):
Well, I do wanna ask, uh, just how the Cecil's roles evolved over the last several years, but my, my co-host here, I'm sure that they have some questions, maybe we wanna talk about that. And of course, we also have to thank another great sponsor of this weekend, enterprise Tech. And that's nor layer nor layer safeguard your company's network and data. And with a surge of ransomware attacks and employees choosing to work remotely, business networks have become more vulnerable than ever there nor Layer secures and protects remote workforces as well as business data. And it can help you ensure security compliance. Now with newer Layer, it's easy to start less than 10 minutes to onboard your entire business on a secure network, and you can easily add new members, create team members and teams and private gateways, and even do things like IP allow listing site to site connection, network segmentation, and setting up secure network access.

(00:47:41):
Now you go to nor layer.com/twi and get one month free right now at the purchase of an annual subscription. Now, nor Layer is also easy to combine as it's completely hardware free and compatible with all major operating systems, allowing you to implement security features across all teams. Features like two-factor authentication, single sign-on biometrics, threat block, and smart remote access. So no layer is easy to scale as you can choose a plan to unique to your business requirements and your growth rate. And you'll have everything centrally in one place where you can check the server usage, monitor connections to your gateways, and even view Activity Lock. Now, one nor Layer User actually said, we we're looking for an easy way to securely connect our remote workforce to our infrastructure. This is it Awesomely quick, friendly, and efficient support got us up and running in no time.

(00:48:32):
Another one actually said, simple to install and operate no funny business and so fast that our teams don't notice they're using it. Most modern businesses are already adopting network solutions like Sassy Zero Trust and hybrid Work security. Nor Layer has it all and so much more. Don't leave your business vulnerable. Try no layer today and join more than 6,000 fully protected organizations, nor Layer do you wanna secure your business network. Go to nor layer.com/twit to get your first month free when push and annual subscription, that's nor layer.com/twi. And we thank Nor Layer for their support of this week in enterprise tech. Well, folks, we've been talking with Mike Johnson. He's CISO Fastly. Now I have a bunch of more questions, but I wanna also bring my co-host back in. Kurt, I'll throw this to you first.

Curt Franklin (00:49:26):
Oh, it's a good time to be talking about CISOs and, and their roles in the world, um, because we've had a couple of things just in the last three or four weeks that it seems to me could, could have an impact on the way someone approaches the role. And I, I want to ask you about whether you have any thoughts on these, these bits of news. First, we have a case where the, uh, someone who is the CISO for a major ride sharing company a few years ago, um, was there during a time of a breach, things happened and he has now been convicted of a crime. He, and we have to say here, I think that he alone among all of the executives of the company, has been legally held responsible for this. Um, you have to talk to your peers and you have to have thoughts. What, what is going on in the minds of other CISOs, um, is, you know, trying to put grab rails on the side of the bus so you can't be thrown under it, uh, something that's coming to mind. Or is this a very special case that won't have a huge impact on the rest of the industry?

Mike Johnson (00:50:57):
I, I appreciate you adding that last bit in because the conversation comes up a lot, but most people don't look at the particulars of the case. They just see CISO convicted. The reality is, this is a very specific situation. This was a company who had a history of run-ins with the ftc, and ultimately the issue was due to that history. If it had, if they had not been under a previous consent decree with the ftc, the case would've never been brought. It would've never been the situation that it turned out to be. So I, I, I really do think that on the one hand, it's a very specific case, uh, a very specific set of situations. On the other hand, we do need to recognize that we are executives of companies. We have responsibilities to those companies, to the shareholders, to the customers. And while for a long time we've fought for, you know, the, the quote unquote seat at the table, we have it now. And with that comes responsibility. And when you're making decisions for the company on the behalf of the company, then there are repercussions that come along with that. So particular case when it becomes, when it comes to this, this situation. But at the same time, it's good for us to have those conversations and recognize what it truly means to be an executive of a company.

Curt Franklin (00:52:30):
You know, I, I think it's important that you, you talked about what it means to be an executive, because over the past 20 years, we have seen an increasing tendency to think of the CSO and the CSO as business executives rather than simple technologists who happen to have an executive title. Um, and that brings me to the next thing I would love to, to ask you about. We have another very public case of a whole bunch of executives in the security and privacy functions of a company leaving it once. Um, first of all, do you think that it's much more impactful if a group of executives at that level leaves rather than just one and second? What do you think that might do to someone coming into the role if they don't have the colleagues there to share with them the institutional knowledge, the how things actually get done in this organization, kind of knowledge that, that everyone has to have when they come on board?

Mike Johnson (00:53:55):
It very much is, um, it takes a team, uh, to get, to secure an environment to protect the data within it, uh, to understand everything that goes on with that. Uh, especially where you have the specialized knowledge related to the legal side of things, to the compliance side of things. And when you have everyone leave at once, that's a huge set of responsibilities that have to go somewhere else. It's, it's not that those needs go away. If any one of them had left, probably what would've happened is those responsibilities would've shifted to the folks that stayed. So, to some respect, I think there was a recognition that the most powerful statement they could make would be for them to all leave at the same time, so that it really was very clear that there wasn't somebody else to pick that up. Um, in terms of what it says for someone coming in, you have to recognize that there's a lot of work that you're gonna have to do.

(00:55:09):
And right now you'd have to do it yourself. I'm not sure that we're gonna suddenly see Twitter looking for a new ciso. I'm not sure that we're gonna see them looking for a new privacy team. They've got a lot of other problems at the moment. And I, I think that's one of the fo one of the things that people need to realize is that if a company is in trouble, if it's fundamentals are challenged, security is not the first thing that they're thinking about. And that's what we're probably going to see in this situation is you are going to have a company that's struggling, that has a lot of other problems to solve before it comes back to this particular area. It's a company that's well known for actually having a very strong security program, and it might be able to operate okay for some time, but anyone coming into that role in the future is really gonna have their hands fall on just understanding the current situation, much less advancing things forward.

Curt Franklin (00:56:17):
I will say that, worry me, I would, um, want to look carefully at a contract before I, uh, took on, uh, a role under the circumstances. Well, one of my, my last question is really on that, that second one, and it, it pertains to the particulars of the CISO's job because there have been, uh, I think, uh, perhaps flippant, uh, suggestion that what can happen is that people at lower levels of the organization can simply do their jobs. And what the CSO and some of these other executives were doing will just happen because it should, you know, we'll, we'll let, we'll let other people just certify that what they're doing meets all the requirements. Is that a realistic expectation in a modern, large organization? Or are there regulatory, legal and other compliance issues that require specialized knowledge and let's admit it, some specialized focus of time to be able to deal with?

Mike Johnson (00:57:36):
It's interesting that you bring up the regulatory side of that because we're seeing more and more regulations on a global scale that are impacting the expectations of securities, of security at companies. And a lot of that comes back to being able to certify we're doing the right things to be, to be able to have a statement and also back that up with evidence that you are appropriately securing an environment. The way that we do that a lot today is we'll bring in a third party auditor. This is a common practice, especially if you take pci, uh, credit card processing. If you process credit cards, you are required to meet the PCI standards. And part of that is actually having a third party, a test that you're meeting those standards. If you just have somebody yolo their way through security, you're not going to be able to prove that you're actually meeting those particular requirements.

(00:58:42):
And just PCI alone, the impacts can be tremendous. You can lose your ability to process credit cards, and if that's your source of revenue, that's gonna hurt pretty bad. But then you've got other areas like GDPR in Europe that require that you are appropriately securing the data of their citizens. You will have to attest to that as well. And more and more, we're gonna see those attestations being a requirement, and that's where that specialized knowledge comes into play. What is it that we do as a company that meets the expectations of this regulation? It's in a lot of ways, uh, being a translator, I might be able to speak English, um, but I can't speak French. Uh, that's, that's a knowledge that I don't have. And it's, this is a very similar situation of those engineers might understand what the company does, how it does what it does, but then how you translate that into what the auditor is looking for, what the regulation is looking for, that's where you start to see some of that specialized knowledge.

Brian Chee (00:59:54):
Wow. Makes me wonder whether or not you ever want to be a ciso. Hmm. So tell you what, let's go and ask for some of your hindsight. Lots of companies are, um, growing, we hope. And so the sec, the Chief SEC information security officer functions tend to be under the CIO for a while, and as they grow, there's thoughts of should we split this and actually want to follow that on in the, in the role, one of the people in the chatroom asked, well, he's seen other CISOs talk recently. They'd feel it'd be even helpful to split up the roles into two, one that performs the chief risk officer or risk management and the other one for everything else. So we have three milestones, shall we say. What kind of advice, what kind of hindsight can you shed on people that are looking at those decisions now?

Mike Johnson (01:00:56):
So the, the first thing, uh, in regards to where does the CISO set, um, one of the, that's an area that we talk a lot, uh, within the, the CSO communities. And, uh, for folks that are not aware, we have our own little communities. We, we have conversations, uh, amongst each other and, you know, I report to a CIO or I report to a CTO, or I report to a CEO where I report to a general counsel. Those all come up. There's not a single answer to that question. It is going to differ for every company. And what really comes down to is what is the level of influence that you need to have in the company? And can you build that? Can you get things done to actually secure the company? And if you can do that with your re reporting structure, then it works fine.

(01:01:54):
And if you can't, then it's maybe the reporting structure is broken or maybe something else is broken. But fundamentally there's no single, uh, particular way of doing it. The, the, uh, commenter about the chief risk officer as separate from a Chief Security officer. That's the way it is. In, in some companies where risk can be far more holistic than just the technology side of the house, one of your risks could be foreign currency exchange rate fluctuations. That's not something that your average CISO is going to be well equipped to deal with, but that could be a fundamental business risk. So for some companies, it does make a whole lot of sense to split that out. And in others, the only risk that you might have could be strictly technology rate related. And there it makes sense to have one person who's ensuring that it's all being reasoned about with one set of perspectives and, and one repeatable set of processes.

Brian Chee (01:03:02):
Nice. Well, sadly, we're kind of running outta time. So this is the time for the blaton plugs. Go make your marking on people happy. Where can they go for information? What kinds of things make fastly such a good choice? And can you tell us about those?

Mike Johnson (01:03:23):
Sure. Uh, so I'll caveat all this to say I'm not a marketer. Um, but um, please go to fastly.com. What you can really find there is, uh, our three lines of product. Um, one of our lines of product is our programmable edge. Um, this is content delivery. This is, um, media delivery. This is the majority of what day to day you as consumers would actually, uh, you would actually be touching our network. Odds are that any day goes by. You've touched a fastly IP address, uh, if you've been online. So we've got our programmable edge, we've got the content delivery side. We have a computing platform where you can write and run arbitrary programs at the edge. You can bring, um, a application, run it within our environment, very close to your users at very low latency, very high performance, fully distributed, all, all, everyone's seeing the same exact experience.

(01:04:38):
The third is for security business. We're really focusing on, um, right now a web application firewall approach. That's how it's classified, but it's a little bit different. Uh, the way that we approach w is unique. Uh, we are looking at, um, state, we're looking at signals. We're not just looking at, Hey, this rule failed. Uh, it's very much, um, where does the situation with the application that you are, you're monitoring. And we've been very successful in the implementation. Our customers have been very successful. The majority of wfs, when they go and implement them, they don't actually block things. They, they're kind of afraid it's going to break their application. With our wf, the vast majority of our customers are running our WF in a blocking mode that's actually protecting their applications. So come check us out. Um, if you have the, the needs of delivering massive amounts of data, uh, applications at scale, we can help you. If you're looking to increase the performance of your applications, we can help with that. And if you have security challenge related to your web applications, we can help that out as well. So all of that's at fastly.com.

Louis Maresca (01:06:04):
Amazing. Time flies when we're having fun. Uh, great show. Mike. Thank you for being here. You know, we're running low on time. You told them where to go to, to maybe learn a little bit more about Fastly. What about organizations that are getting ready to digital transform and they want to get started with Fastly? Is that the place to go? Do they reach out?

Mike Johnson (01:06:21):
Yes. Um, we have a button on our website that says Talk to an expert. Uh, so it's, it's that simple. If you are looking to make those migrations, and especially in a world where multi-cloud is the direction that people are going, a great opportunity is to use a CDN in front of your AWS and GCP applications. Uh, and you're not beholden to either one of those. So fastly.com, click on the talk to an expert and someone will help you out.

Louis Maresca (01:06:51):
Yes, good for me here. Well, folks, you've done it again. You've sat through another hour. The best dang enterprise podcast in the universe. So definitely Junior Project podcast, dwi, cuz we're on all of them. I wanna thank everyone who makes this show possible, especially took my cohost, sorry they very on Mr. Brian Chi cheaper. What's going on for you in the coming weeks to working people find you?

Brian Chee (01:07:13):
I've actually gotta learn how to be a member of a board directors. I've been technical, you know, this is actually gonna be the first time I've been on a real board, so that's gonna be interesting. But you know what? You can listen to me make mistakes. You can listen to me learn how to be a board member and do all kinds of weird and wacky things. So why don't you listen to me rant on Twitter. Um, I'm ADV N E T L A B Advanced Net Lab on Twitter. Or you're more than welcome to throw email at I'm sheer spelled C H E E B e R T twi.tv. Or you are also welcome to throw email to TWI at TV and that'll hit all the guests. We'd love to hear your show ideas. Uh, we, I have no problems with trying to take a stab at answering your questions. Uh, I am a engineer at heart, Mr. Geeky here and uh, we'll see if we can go and answer your questions. Take care.

Louis Maresca (01:08:21):
Thanks Geer. Well, we also have to thank Mr. Curtis Franklin as well. Curtis, what's going on for you in the coming weeks? Where can people find you?

Curt Franklin (01:08:30):
Well, I'm going to be doing a lot of writing, trying to get some projects, uh, done for our customers at AMIA before the end of the year. I'm doing research on, as I said, uh, both AI in cybersecurity and risk quantification for the coming year. Uh, got a couple of webinars that look like they're on the horizon for December and I've got several articles that I'm planning to publish, either at dark reading or on LinkedIn. And I would love to have people follow me to find out about them. You can follow me on Twitter at KG four gwa. I'm on LinkedIn, uh, as Curtis Franklin. Um, and I've also, uh, gone out and got a Mastodon account. Uh, I'm gonna be, uh, putting links to that over on my LinkedIn, uh, account. So, uh, see if anyone is heading over to Mastodon. Anybody, but maybe that is.

Louis Maresca (01:09:39):
Thanks Curtis. Well folks, we also have to thank you as well. You are the person who drops in each and every week to watch and to listen to our show, get your enterprise goodness. We wanna make it easy for you to listen and catch up on your enterprise and IDT IT News to go to our show page right now with that tv slash quiet. There you'll find all the amazing back episodes we have there. Show notes, cos information, guest information, of course, also the links of the stories that we do during the show. But more importantly there next to those videos, you'll get those helpful. Subscribe and download links. Support the show by getting your audio version, your video version of your choice. Listen on any one of your devices or any one of your podcast applications cuz we're on all of them and the best way to support the show is definitely subscribe.

(01:10:21):
Now you may have also heard we also have Club TWI as well. It's a members only ad free podcast service with a bonus TWI plus feed that you can't get anywhere else. And it's only $7 a month. There's a lot of great things that you get with Club to now. One of them is the exclusive access to the members only Discord server where you chat with hosts, you chat with us, the producers, separate discussion channels about all different tech topics and topics that are out there, including cooking and all that fun stuff. Plus special events. Lots of fun discussions, lots of fun events. Join Club Twi, be part of the movement. Go to twi.tv/club twi. Now you also must know that Club Twi also offers corporate group plans as well. It's a great way to give your team access to our Ad Free Tech podcast.

(01:11:08):
The plans start with five members at a discount rate of a $6 each per month. And you can add as many, many seats as you like. Just go to twi.tv/club twi. Now, after you subscribe, you can impress your family members, your coworkers, your friends with the gift of TWI. Cause we talk a lot about fun tech topics on this show and I guarantee they will find it fun and interesting as well. So definitely give them the give the twi and have them subscribe. Now if you've already subscribed and you're available these days on 1:30 PM Pacific Time, on Fridays we do this show live that's right at live that twi that TV there you'll have all the streams that you can access. Come see the behind the scenes, all the pizza, how the, see how the pizza's made, come see all the fun that we do during the the show.

(01:11:50):
Before and after. Behind the scenes. Come check out the live stream. Now if you're gonna watch the live stream, go ahead and jump into the IRC channels or info is Irsg channel as well. It's, it's a live chat room. Lots of fun characters in there. We have returning characters, we have new characters, new people, new discussions, new topics. They, they really help us drive the show. So thank you to everybody who's in there each and every week. Join that, that the, the IRC channel as well. Cause it's really a fun place to be. Definitely if you wanna hit me up, definitely hit me up on twitter.com/lum. There I post all my enterprise tidbits. I have lots of great discussions with people. Uh, I post great shows like that one right there. Of course, I also wanna hear your show ideas. You can hit me up on, on Twitter, you hit me up on LinkedIn, Lewis on LinkedIn.

(01:12:33):
I've got some really show, great show ideas there and some great discussions about tech as well through LinkedIn. So definitely check me out on both of those. Um, if you wanna know what I do during my normal work week, definitely check out developers.microsoft.com/office. There. We post all latest and greatest ways for you to automate your office applications, whether it's web-based macros for your Excel documents or it's, you know, really customizing your office experience to make it more productive for you. So definitely check all of that out and be part of that as well. I wanna thank everyone who makes this show possible, especially to Leo and Lisa. They continue to support this enterprise tech each and every week and we couldn't do the show without them, so thank you for all their support. I also wanna thank Mr. Brian Chi one more time. He's not only our co-host but he's also our tireless producer.

(01:13:20):
He does all the show bookings and the plannings for the show. We couldn't do the show without him, so thank you cheaper for all your support. I also wanna thank our editor for today. You know, he, they make us look good after the fact. They remove all of our mistakes, so thank you for all your support. I also wanna thank our TD for today, Mr. An Per. He's also has an amazing show called Hands On Photography each and every week. And I, I can't get enough of it. In fact, I posted an example of my Twitter stream an what's going on this week in hands on HandsOn photography and what can I learn this week.

Ant Pruitt  (01:13:53):
<laugh>

Louis Maresca (01:13:53):
Gonna be how to

Ant Pruitt  (01:13:54):
Talk. Thank you Mr. Luo. This week I got into video editing again, uh, continuing that module. But we looked at a piece of hardware from the folks of Black Magic and it's the Speed editor and um, I had my doubts about it, but you have to, uh, watch the show to see, see my final thoughts on the Speed Editor from Black Magic. And before I toss it back to you, I just saw in our IRC that someone thought that our Macon instance, twit social was only for paying members. It is not. So head on over to twit.social, enjoy our Macon instance right there and hang out with with me Mr. Laport and the whole twit crew. So sign up there, twit.social,

Louis Maresca (01:14:39):
Definitely go over there. Lots of good stuff going over there. I actually sat there for an hour yesterday just looking through the stream. So definitely join the Twitch social over there for sure. Well, thank you Ann, and until next time, I'm Lewis Ruka just reminding you, if you wanna know what's going on in the enterprise, just keep quiet,

Jason Howell (01:14:56):
Don't miss all about Android. Every week we talk about the latest news, hardware, apps, and now all the developer goodness happening in the Android ecosystem. I'm Jason Howell, also joined by Ron Richards, Florence Ion and our newest cohost on the panel When to Dow, who brings Her developer chops. Really great stuff. We also invite people from all over the Android ecosystem to talk about this mobile platform we love so much. Join us every Tuesday, all about Android on twi.tv.

All Transcripts posts