What We Do in the Shadows
- attacus
- Comfy con au 2020 summer
- January 1, 1
We’ve all done it. Setting up a Slack to chat to our colleagues when the proper system doesn’t cut it. Forwarding a document from work to our personal email address so we can read it on the device we want to. Building out experimental services on our personal AWS accounts because we couldn’t get the permissions we needed on the company’s systems.
Every organisation’s infrastructure has its shadow, the unofficial system of servers, accounts, and hardware that crisscrosses and bypasses the sanctioned pathways. It is every security department’s nightmare and every development team’s open secret. From the newest graduate to the CEO, we all know at least some of these shortcuts.
This talk is a space for both confession and redemption: in it, we will delve into the psychology that leads to the development of shadow IT, the opportunities that can grow out of this corporate underground, and how to get these systems out of the shadows and into the light. Developers and security professionals alike will emerge from this talk with the tools they need to build the systems they actually want.