That’s Odd Behavior, with Security Engineer Jack Smith

Episode 4   Published April 7, 202411 minute watch

Episode Summary

In this episode, Ashley interviews Jack Smith, a Security Engineer. They discuss the role of a Security Engineer, how Jack uses Automox in his day-to-day work, and the impact of endpoint management on IT administrators and end users. They emphasize the importance of user happiness and the need for a strong relationship between IT and employees. Jack also shares his advice for those interested in pursuing a career in security. Overall, the conversation highlights the importance of curiosity, creativity, and collaboration in the field of IT and security.

Read the Episode Transcript

Ashley: Well, welcome to the Heroes of IT podcast where we at Automox interview our heroes of IT. Today we have Jack Smith, who is a security engineer here to answer all of our questions. If you are familiar at all with the Automox community, Jack is definitely somewhat of a legend on there and so very excited to have him on today.

Jack Smith: Thank you and happy to be here.

Ashley: Awesome. Well, why don't we start off talking a little bit about what you do as a security engineer?

Jack Smith: So my primary job is to secure the infrastructure. I've got to come in and develop policies, the automation that we're going to use to maintain all of that, as well as looking for any gaps or holes in our network. And it's just a continuous cycle of that and trying to find anything that we can to squeeze a little bit more security out of the world and find that nice balance between user happiness and security.

Ashley: I think that this comes at a perfect time because this month people across all of Automox's podcasts are talking about end user happiness, which isn't to say, you know, end user happiness. It's the happiness of our end users. And I think this is going to be an awesome conversation. So to kick us off, Automox and Endpoint Patch Management can sometimes fall in the odd in between security and IT. As a security engineer, how are you using Automox in your day to day?

Jack Smith: So I get to use Automox for a lot of different challenges and I'd like to say that I use it uniquely, but I'm hoping others are also doing what I'm doing. But a lot of times I'll build Worklets to extract information that's not readily available in most inventories. And for example, I wanna know who's a local admin on a workstation and I wanna be able to track that in real time or as close to real time as one can get. And so I'll build Worklets that can extract that information out and then use the API in Automox to be able to turn that into a report and some actionable intelligence and are we accidentally doing things that we didn't intend to do? Or was that actually intentional? Other areas that I tend to use it is for system hardening. There's great tools out there to harden systems. You have Group Policy, Intune, SCCM. They're all great. I find Automox a little bit more useful in that regard just due to those feedback loops that I can get with the API. 

And I can continuously ensure that the setting that I wanted to configure, we all know with Group Policy, we don't always get that yes or no that it's configured, whereas some of the other tools will tell you if it's done, but they are a little bit more cumbersome to configure and get everything in place and get all the knowledge in place to execute on those. Then the last place I probably use it as a security engineer is to develop really complex workflows. One of my more recent examples was working with .NET runtimes. 

There's a lot of different versions that exist out there, different flavors, net, you have the desktop edition, you've got core, you have the full on SDK that you can play with, and just being able to use Automox to detect how an individual user on the environment is using and in which fashion, and are they using an outdated version, and being able to use Automox to kind of come to that conclusion and give the logic to say, okay, this is the actions or the steps that we need to take next, and then implementing that, and then of course back to that feedback loop, being able to use the API and say, did and what I wanted it to do, work. And then comparing that to our vulnerability data and being able to execute that over and over and over on any task that has come up and I have yet to find one that I haven't been able to solve with Automox yet.

Ashley: That's awesome. That's great to hear.

Do you have any thoughts on what might be important to consider for your IT counterparts, people who aren't on the security team or anyone who's looking to branch out into the security side of things?

Jack Smith: I'd say just be curious and being a security engineer requires you know everybody's world just enough to be able to get in there and know when things are good or when they're bad. So you've got to know a little bit about databases and networking and infrastructure and operating systems and policy and auditing and all the fun things that come with it. So I would say be curious, keep learning, and eventually things will work out to where you'll start finding yourself on the a security team yourself and now you're looking at alerts and you're looking at ways to solve vulnerabilities and you're contributing to the overall security of an organization which we all know is becoming more and more important as each year progresses.

Ashley: Yeah, it's interesting because I feel like IT is definitely viewed as a very traditional job role and it's, you know, black and white and things like that. But I think something that I've learned through talking to a lot of people in IT and in security is that so much of it revolves around creativity and curiosity and in figuring things out like that and through those viewpoints, which it's definitely something that I didn't know before working out Automox and working with people in IT.

Jack Smith: Certainly, certainly. It definitely gets you busy and there's always something new and exciting to dive into or a problem. My favorite words from other fellow IT people are, that's odd behavior. I'm like, oh, is it? What's going on there? What can we do to fix that? And then just kind of diving into that moment and saying, okay, well, let's see how many layers we can peel back. Is there a log? Can we turn on logging? Is there a way to really track down? And I think there's a lot of tools out there at our disposal to help us answer these questions as we're exploring. So my favorite problems are always the unexplained ones. And so being able to drive at those and say, well, how do I unlock the answer? And that's a huge motivator for me.

Ashley: Yeah, definitely. I love that quote. Well, that's odd behavior. You should, we should get that printed on a sign here at Automox and hand it out to some people. We should put that on our yetis and give those out for sure. Okay, cool. Well, moving on to our second talking point of today, how can endpoint management impact the life of an IT administrator? I think at Automox, we view the happiness of our end users as you know, the people in sales and marketing and research who have Automox installed on, you know, their laptops or the servers that are installed, you know, at a company, but the IT administrators are also our end users. So how can your tool set kind of impact that?

Jack Smith: Yeah, it's really, really important that you pick the right tool set for configuration management. You cannot expect a config management tool to keep an end user happy if you're pushing that change to them at the most critical moment in their moment of need, and it's not getting done. If you're sitting there waiting for a tool to get the job done, that end user experience is going down super, super fast. And so we wanna be able to react to any employee's needs and be able to do it fast and with precision. So if it’s not working as intended, you're gonna wanna get a better configuration management tool. Automox has always been really quick to the draw in terms of, you know, we build the Worklet we run so many ad hoc Worklets out of Automox. 

It's fun. Just being able to hear the people that are struggling with something and saying, I have a solution, click. Or even using the API to say, go run into this policy on this group of individuals. One time I accidentally blocked Chrome from executing in an environment. Not my best moment in life, but I was able to use Automox to quickly do the changes necessary to undo what I had just done and get people back up and running. So from the moment they were like, this is an important browser, like yeah, that's important. Was able to use Automox to quickly undo what I had done. It was an honest mistake, but we got it corrected really fast.

Ashley:  Hehehe. It's okay, it's just a security commissioned coffee break for them. That's all it is. Yeah.

Jack Smith:  That's right. I was helping everybody out. I was like, you guys are working too hard. Let's take a break.

Ashley:  Yeah, definitely. OK, so conversely, if an IT team is doing everything correctly, they're patching everything, they have set updates, they're watching what third party software is installed on everyone's laptops. Devil's advocate, why should it matter what your employees think if everything is safe?

Jack Smith: I think having a solid trust relationship between the IT teams and employees is important to preventing further problems from occurring. So I know that when IT is unable to perform for employees, they might just go solve it themselves. The next thing you know, you have a new tool in the environment, or they're using their own mobile or laptop device to get the job done, and now company data is sitting there. So it's really important that there's a good, strong relationship between IT and employees, maintaining the infrastructure, but they're listening to everyone in the company and saying, what can I do to enable you, help you work better, more creatively, faster? What tools do you need to be successful so that they're not trying to solve it on their own? Not that IT has all the answers, but when we come together, we tend to create a much better experience for not only ourselves, but for fellow employees as well.

Ashley: Yeah, definitely. And I think it says a lot about the culture of, you know, a team of a company when there's kind of that collaboration across departments.

Jack Smith: Definitely.

Ashley: Okay, awesome. Well, this has been a great conversation. For those of you who are not in the Automox community, I'm biased, but I think you should join. Jack definitely thinks that you should join because Jack is always answering people's questions in the community. He's a Worklet wizard. It's insane. And so I ask all of you who are listening to go into the Automox community after this, make an account.

Jack Smith: Certainly..

Ashley: And we'll post this question in the community as well after, but we're very curious to hear how much or how little are you taking into consideration end user happiness. Does it matter? And we want you all to be honest about it. There's no shame in a restart in the middle of the day. It's just an IT sanctioned coffee break, but we want to hear about it for sure.

Jack Smith: Definitely, I'll definitely be in there commenting with all of you.

Ashley: Awesome. Okay, well thank you so much, Jack. This has been a pleasure.

Jack Smith: Certainly, thank you.

Episode Takeaways

  • A security engineer's primary job is to secure the infrastructure and find a balance between user happiness and security.

  • Automox is used by security engineers for tasks such as extracting information, system hardening, and developing complex workflows.

  • Choosing the right configuration management tool is crucial for keeping end users happy and preventing them from finding their own solutions.

  • A strong relationship between IT and employees is important for preventing further problems and maintaining a secure environment.

  • Curiosity, creativity, and collaboration are essential qualities for success in the field of IT and security.