Recently Jonathan Cogley, CEO of Thycotic Software and I sat down to discuss his unique corporate culture and in the process of this I uncovered not only his unique strategy with company building but also a very unique perspective on enterprise password management.
I love sharing unconventional thinking about topics that we normally think we have under control.
Jonathan is this type of thinker. He said to me that a CIO and CISO must ask, “Do I have control of my human and non-human accounts on my network….???”
When the topic of employee and administrator password management comes up do you assume all is well or have you asked the question in this way to your staff?…It will evoke a different response based on how you ask the question and will present a different level of risk as well.
We explore in this episode:
Jonathan’s focus on Thycotic’s Unique Culture
- The story of how Jonathan founded the company
- The journey from consultancy to software company
- The genesis of his desire to scale a great product idea
- The Thycotic core strength of being of software engineering company at heart
- Key learning steps along the way: collaboration, teamwork, and servant leadership
- How a simple decision to eliminate the pain of an upgrade for customers led to a complex product being able to be upgraded in less than 4 minutes…..unheard of!
- The importance of building a servant leadership model that embraces multi-generational workers like “gen y” for example.
- Creating a leadership style company that wants to learn, where people are proud of their work, output is high, and where people feel a sense of ownership.
CIO/CISO Objectives –
Jonathan discusses his vision as he sees discussions with CIOs and CISOs changing to RISK more and more…
Note the conversation about “human and non-human accounts”
- Brand Management – if someone hacks your twitter or Facebook credentials this can have devastating effects. Chief Marketing Officer
- Insider Threat – This is changing from malicious insiders to insiders that have been impersonated by hackers. How can you tell the difference?
- Privileged Accounts Security – Admin, local, Unix, eg.
- Service Account Security – backups and scheduled tasks
- Compliance and Regulation – how can this be automated?
- External Threats – Malware – crime
To Learn More About Thycotic Use The Links Below:
- Thycotic Company Blog
- Thycotic User Conference 2015
- Like the Thycotic Facebook Page
- Follow Thycotic On Twitter
All methods of how to access the show are below:
- Listen on iTunes (for iPhones etc.)
- Listen to it on Stitcher (This is for Android Phone Users. Download the Stitcher app here)
- Stream it on Libsyn
- Listen to it on Soundcloud (This is for listening via PC/Mac Browser)
- Please subscribe here to Bill Murphy’s Redzone Podcast on iTunes.
- Subscribe to my RSS Feed here.
- Link to LinkedIn blog post
If you enjoy the show, you can help us out by leaving a review on iTunes. Here’s How!
The entire show notes are listed below.
- What is privileged account management? [1:10]
- How did Thycotic get started? [3:40]
- Thycotic’s Core Competencies and Capabilities [7:15]
- “The last thing we would want is the customer to have to go through pain for an upgrade…” [8:53]
- “Even Though I had the credibility from the community, I often had no authority” [11:58]
- “Your manager is there to facilitate and help, but not to tell you what to do” [13:54]
- “How did you stay mentally and organizationally disciplined? [15:01]
- “The danger for CIOs is that it’s [Identity Management] so darn simple, the concept, that they don’t even realize the complexity that you’ve taken away from them” [17:31]
- Human Accounts vs. Non-Human Accounts [18:46]
- CIOs and Password Management [19:19]
- “The risk very frequently is not with the human accounts, it’s with all the privileged accounts” [22:50]
- The risk presented by Service and Privileged Accounts [23:46]
- Where does Thycotic decrease costs in regards to being compliant? [28:30]
- Access Control and Authentication Options [30:06]
- Brand Management and IT Security [30:40]
- “All you have rights to as a company is the access into your social media accounts and the access control around that” [32:12]
- The importance of doing the basics [34:04]
- To Learn More About Thycotic [35:55]
To participate in discussions about these topics and others join our CIO Group on LinkedIn.
Bill is dedicated to your success as an IT Business Leader. Sign up/Subscribe for weekly podcast, CIO Mastermind and CISO Mastermind updates delivered to your inbox easily and effortlessly: Follow Bill on LinkedIn and Twitter.
Leave a podcast review here