Fascinated by technology and constantly trying to keep up with the industry’s latest developments, the number one duty of Automox’s Product Manager, Gavin Matthews, is to listen to customers.
“We have a large number of customers with a wide range of needs, wants, and approaches to cybersecurity and patching. It is critical for us to listen to these customers, question them on what they need and what they want, and learn how the system should work for them. Then it’s aggregating that data, combining it with other insights so that we can build and prioritize the right features.”
In this week’s Get to Know the Automox Team blog post, Gavin discusses his role as Product Manager and reveals what he thinks about cybersecurity today and where the industry is headed, as well as why simplicity and ease of use are always top of mind when developing the Automox product.
Cybersecurity: A Cat-and-Mouse Game
The cybersecurity industry today is fascinating because as Gavin noted, the people who are ultimately trying to hurt systems, steal data, and break into networks are learning an increasingly powerful skillset every day. Consequently, cybersecurity companies and the technologies everybody uses to protect themselves have to advance at a more accelerated pace so that they’re always one step ahead of hackers and bad actors. It’s a cat-and-mouse game.
According to Gavin, one of the most interesting challenges the industry faces today is not only thinking like somebody who wants to solve this problem, and continuing to find good ways for companies to patch their systems and maintain cybersecurity, but also thinking of the people who are going to find all of the back door ways to get around common cybersecurity approaches on the market.
Because every piece of data you could ever have about yourself is already online, cybersecurity is a foundation of how we do business today. Consumers need to consider how companies are using their personally identifiable information and whether it’s kept secure. Likewise, companies need to do everything possible to keep their systems patched, keep only known software installed, and maintain the right configurations on their systems so that they can prevent any breach that would threaten that data.
“You often hear that our world is now ‘post-privacy’ - so much data has been leaked and stolen that you no longer can expect your secrets and personal details to remain safe. However, if you look at the history of recent severe breaches, neglect is often the root cause. We cannot accept that our data is no longer private if companies are in many cases just failing to ensure that core systems are patched and configured properly.”
The Most Important Element of Cybersecurity
As such, according to Gavin, the most important element of cybersecurity involves doing the basics — endpoint protection, patch management, network configuration, and software configurations.
“If we look back to the recent severe breaches, few of these were really sophisticated attacks leveraging cutting edge tools... most of them were just breaches where somebody exploited a known vulnerability that hadn’t been patched and had been neglected for some time. So, the real first step is still basic: just patch your systems. If you’re not 100 percent patched, or as close to it as possible and with a strategy in mind for why you’re not, you are at risk, and that risk is magnified for every single device that’s not patched.”
So, how can organizations ensure the security of their IT infrastructure going forward? Gavin says that they should have a plan in place. There are a significant amount of responsibilities in information technology, and your IT staff always has myriad tasks that they want to get done - from ticketing to internal support. As a result, cybersecurity can often take a risky backseat. Some IT organizations can get into a state of either “too much to do and not enough time” or analysis paralysis about how to patch a system without requiring downtime or reconfiguration.
Provide your IT staff with a plan and work with them on remediation, but also work on ongoing support and maintenance of your cybersecurity programs as well as identifying clear owners. You should identify several people who know exactly what to do in the event of a vulnerability or how to proactively prevent that vulnerability from appearing.
Organizations need to be looking at plans to address these concerns up front and provide a very clear picture of what every step in the process is, both proactively and during an incident. The last thing your security plan needs is a guessing game where companies wait days, weeks or months to patch systems that should have been patched immediately. Over time, the attacks are not only going to ramp up and grow more severe, but also become a daily occurrence.
“If you are doing business online, and you are not patching your systems and maintaining a cybersecurity policy and plan, you are neglecting your core duty.”
Automox: Simple and Easy to Use
But patch management and basic cyber hygiene has to be an arduous and time-consuming process, right? One big thing that Gavin thinks IT managers struggle with most is having the time, the automation, and ultimately the authority and responsibility to handle endpoint protection. As such, these folks are advocating for tools and processes that streamline cybersecurity and make it an easy part of their day.
“And that’s one of the reasons why I love working at Automox and building the product the way that we do. It’s designed to be simple and easy to use, and to leverage automation wherever possible, so that IT managers can make cybersecurity a core part of their day without sacrificing 30-40 hours a week to patch their systems.”
According to Gavin, Automox is a customer-driven company, which means we rely on the feedback, the ideas, and the innovation that come from our users to drive a good portion of what we build. While we have a vision, as a customer feedback-driven operation, we’re able to apply the voices of hundreds and thousands of IT managers against that vision to come up with unique ideas as well as different approaches to solving problems that we can bake into the product as rapidly as possible.
By putting an emphasis on simplicity, ease of use, and user experience up front, our product team makes the life of anyone concerned about cybersecurity easier and reduces the amount of time-consuming, manual work down to just a few moments each week.
“We have a system that can handle Windows, Mac, and Linux in one place and run policies that intelligently apply the right patches against the right systems and maintain the right configurations. Just in terms of time and ease of use, I couldn’t imagine doing it any other way and feel bad for everyone that has to do this manually.”
Gavin feels that users are the best source of information about the tools that they want to use and the ways they want to use them once they have them in their hands. The key to a customer feedback-driven product development process is that you’re bringing customers in early and often whether they use your software or not. Automox needs their opinions and values and thoughts about not only our technology but also the problems they face every day.
“We get feedback from customers on a daily, if not hourly, basis right now, and that really drives what we do because it can help shape the smallest decisions. Customer feedback impacts all of our decisions, from where a feature lives and what name a particular policy takes on all the way up to major new features or product lines. Feedback gives us a real advantage we can take into product development to make sure we’re building something that doesn’t only solve one problem but solves a range of problems for a range of different types of users.”
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.