Mastodawn

Anybody out there actually practicing Kolide’s https://honest.security model?

Honest Security

A guide to endpoint security and device management that doesn't erode your values.

Particularly interested in anyone doing it without using Kolide. Our tech-stack at work is gonna be static for the foreseeable future, so new tooling is gonna be out. I’m most interested in doing the best we can using what’s described there as “dishonest” tools.

We’re also limited in some ways by “inheriting” security controls and implementation requirements from a couple layers of public entities, so we don’t have the freedom to say e.g. from their examples “actually it’s completely fine for you to self-manage your employer-owned device”, having an organization-controlled device management agent capable of doing lots of “dishonest” things is a hard requirement, and I think we’ll run into similar in many other cases.

Show thread

AMS 6d ago

@ajn142 Step 1 is do not lie. When a user asks, you answer. Fully and completely. Especially things about "what behaviors are expected of your corporate malware". You need to have lists of IPs and ports ready if anyone is WFH.

Also for WFH, you only own your equipment. You do not scan the network.

2 is announce when and why ahead of time for big changes in security tooling. Especially important for that 5% of uses where something will break. Letting people know in time to work with you makes you a partner or at least competent, not an enemy.