top of page
  • Anne Cruz

Compliance and Remote Work

Updated: Jun 19


In this episode, our hosts Andreas Wieman and Tim Keefe welcome Dan Hernandez, CEO and founder of PCS Technology, delves into the complexities of compliance, the unique challenges posed by remote work, and the critical role of continuous employee training in bolstering cybersecurity defenses. 


The discussion explores in-depth how organizations can manage IT security effectively with dispersed teams, navigate the intricacies of BYOD (Bring Your Own Device) policies, and implement robust measures to combat cybersecurity threats, including ransomware. 

Moreover, Dan emphasizes the necessity for organizations not only to meet but to demonstrate compliance, underscoring the importance of active and verifiable security practices in today’s digital landscape.




Podcast also available in Spotify!


Key Points or Highlights:


  • Compliance Challenges for Nonprofits: Dan outlines the rigorous demands placed on nonprofits, particularly in San Francisco, to not only meet compliance standards but to actively demonstrate adherence. This involves detailed tracking and reporting mechanisms to satisfy local health department regulations.

  • Remote Work and IT Security: The shift to remote work has dissolved traditional IT security boundaries, prompting the need for more sophisticated security measures. Dan discusses how organizations must adapt to protect sensitive information when employees are outside the corporate firewall, utilizing tools like advanced endpoint protection and continuous security monitoring.

  • BYOD Policies and Security Protocols: Dan delves into the complications introduced by BYOD policies, explaining the difficulty in ensuring that personal devices comply with organizational security expectations. He emphasizes the critical role of technologies like multi-factor authentication in managing these challenges.

  • The Importance of Training and Awareness: Stressing the necessity of regular security training, Dan highlights how these programs help employees recognize and respond to cyber threats effectively. This training is crucial for meeting insurance and regulatory requirements and is integral to fostering a proactive security culture within organizations.


Power Quotes:

Dan Hernandez:

"We implement a concept called zero trust. It’s not about just waiting for an attack; it's about actively preventing unauthorized access. Our system continuously learns and adapts to what's normal for daily, weekly, and monthly activities, and automatically restricts any action outside of these parameters. This proactive approach has significantly helped protect my clients from ransomware and other security breaches."

"One thing that we're doing for our clients and our prospects is performing a risk assessment and having a 30-minute conversation on, you know, understanding what your risks are, and even performing a very simple vulnerability scan, so that you can understand what these risks are. And so you need to be asking these questions. As a CEO of an organization, CFO, you know, it's your responsibility to make sure that your data is protected."

Tim Keefe:

"Yeah, it's funny because we're probably like the biggest problem child, I could think of, at least from our business model. We're not even a lot of employees. But actually, you know, a lot of contractors think of us like the movie business where as a film comes together, you often are bringing the film crew together based on the unique requirements of the film."

Andreas:

" I'm going to go on record and say I think the cybersecurity teams in general are probably one of the less appreciated groups in a lot of companies."

Conclusion:

Today’s episode provided a deep dive into the complex landscape of IT security and compliance, particularly under the constraints of remote work and the evolving demands of regulatory bodies. Dan Hernandez's insights illuminate the vital measures organizations must take to secure their operations and data in an increasingly digital and dispersed work environment. These discussions underscore the ongoing need to innovate and adapt in the face of new cybersecurity challenges.

Thank you for tuning in to another episode of the "Stop Doing Stupid Stuff" podcast. Join us next time as we continue to explore the critical issues impacting businesses and individuals in today’s fast-paced world.

Get Your Copy of SDSS:

We strongly advise getting a copy of Tim and Andreas' book, "Stop Doing Stupid Stuff," for those who feel motivated by today's discussion and want to learn more about these transformative concepts.

Available on Amazon, SDSS promises to be your guide to fostering a smarter, more value-driven work and business environment.


2 views0 comments

Comentários


bottom of page