Aaron Palermo on Cybersecurity and SDP - Episode 018

Today's episode is a bit of a special one — your host, Jeffrey Palermo, interviews his own older brother, Aaron Palermo. Aaron is a DevOps engineer, solution architect, and all-around cybersecurity expert. He works for a global cybersecurity services company, is a member of the Cloud Security Alliance, and is a co-author of the up-and-coming Software Defined Perimeter Specification Version 2.

SDP is a full replacement for VPN — providing better protection to fully secure your data, devices, and accounts.

This episode is jam-packed with incredibly useful information applicable to software developers — but also anybody who has a Wi-Fi network. Stay tuned to hear about how an SDP replaces a VPN, Aaron's recommendations on how people can fully protect themselves online, which state-of-the-art multi-factor authentication people should be using, how to keep your data safe and protect from Wi-Fi vulnerabilities, and more.

Topics of Discussion:

[:52] About today's topic and guest.

[1:24] About the Palermo family and Aaron's background in the industry.

[5:23] Aaron explains what an SDP is.

[7:18] How an SDP affects a person's setup.

[13:22] Does an SDP complement a VPN or does it replace a VPN?

[13:40] Does an SDP create a network to a data center or can parts of the network exist anywhere?

[14:23] What are the products available now to use an SDP?

[16:00] Some differences between an SDP and a VPN.

[17:00] A message from The Azure DevOps Podcast's sponsor: Clear Measure.

[17:28] Aaron's thoughts on whether or not companies not using SDP would be considered malpractice in the future.

[19:26] Why SDP serves a good solution.

[21:05] Would an SDP be an absolute recommendation to people working from home when accessing anything that's not 'software as a service?'

[22:49] For smaller organizations, what are Aaron's SDP recommendations that are easy to get started with?

[24:32] What are some things that people should be doing to protect themselves and their accounts online?

[26:55] On the corporate side, Aaron gives his suggestions on what people should be doing with their 'software as a service' accounts.

[28:05] The state-of-the-art multi-factor authentication people should be using.

[29:22] Aaron gives a rundown of YubiKey and how it's used.

[31:35] The brands Aaron and his customers use (multi-factor authentication-wise.)

[32:05] Aaron speaks about general Wi-Fi vulnerabilities.

[35:08] Aaron explains the premises of his two recent presentations: "Tell My Wi-Fi Love Her," and "Wi-Fi Trolling."

[39:27] Aaron's best recommendations for keeping your data safe.

[41:26] Aaron's recommendations for backup services.

[43:00] Aaron's recommendations for backup services on the business or corporate level.

[45:52] Aaron's take on single sign-on providers and his recommendations to balance ease of development.

[50:30] Aaron and Jeffrey wrap up this week's episode.

Mentioned in this Episode:

SDP Specification v1.0

Cloud Security Alliance

Azure DevOps

Cyxtera

Zscaler

Duo Security

Clear Measure (Sponsor)

YubiKey

KeePass

LastPass

1Password

BitLocker for Windows

FileVault on Mac

CrashPlan

BackBlaze

Want to Learn More?

Visit AzureDevOps.Show for show notes and additional episodes.