Are you following Smashing Security, the award-winning podcast with "a helpful and hilarious take on the week's tech SNAFUs" (tag line)? Check out this week's episode with Authentic8's Scott Petry.
Smashing Security* is based in the UK and co-hosted by Graham Cluley, a security blogger, researcher and public speaker, and Carole Theriault, who founded the Sophos Naked Security site and now heads up a digital media and communications firm.
For episode 187 of Smashing Security, Carole and Graham were joined by Authentic8 Co-Founder and CEO Scott Petry, who answered questions about web isolation with Silo. Their conversation focused on how web isolation with Silo for Safe Access and Silo for Research enables organizations in the private and public sectors to protect themselves and their users online.
Most Smashing Security listeners are IT security experts, threat intelligence researchers, and privacy experts. Much of the chat covered topics like remote work and the risks emanating from unmanaged work-from-home devices.
When Scott explained how law firms deploy Silo so that attorneys or associates can access social media sites or personal websites without putting sensitive client data on the same device at risk, as "a second window onto the internet," host Carole Theriault summarized: " It's almost like a virtual safe room."
Scott's response: "A 100 percent."
Other topics touched upon: how to conduct sensitive online investigations securely and anonymously, and how to comply with regulatory requirements (the European Union's General Data Protection Regulation (GDPR) was mentioned in particular).
Full visibility for IT into how Silo is used
"We are fully compliant with GDPR and an alphabet soup of other requirements as well, for a variety of reasons," said Scott Petry.
Many Authentic8 customers, he explained, "are operating in compliance-oriented organizations, or they have sensitive workflows, like law enforcement investigations or financial activities." With Silo, Scott continued, "we provide a full suite of administrative policies to control device access, data policies like upload and download."
All activity is logged centrally, he said, "regardless of device, network, et cetera. And that log data is all encrypted with customer-controlled keys, so customers get to control their data rather than us controlling their data."
Listen to the full Smashing Security conversation here.
*Authentic8 is a Smashing Security sponsor.