“Never open the door to a lesser evil, for other and greater ones invariably slink in after it.” – Balthazar Gracian

Military doctrine often speaks of attacking the seams — the weak points where two organizations meet and have to coordinate.  Seams are notoriously difficult to protect because of the inherent risks and challenges associated with information sharing between two organizations.  The US Military has doctrine to train its soldiers how to properly coordinate with their sister organizations to keep the bad guys from slipping through the seams; can the same be said of your IT organization? This talk will focus on the risks and risk mitigation strategies for three common ‘seams’ in integrating new technology into your stack:

• coordination between the app developers and the sysadmins who will have to maintain it in production,
• configuration management of all of the dependencies for the application(s) being fielded, and
• the management of defects/errors in the system and its dependencies.

Bio

Paul Vencill provides full-stack software engineering, architecture and policy support to US Government agencies at MITRE, a non-profit company which runs Federally Funded Research and Development Centers.  He also serves as the Chief Builder of Things at CyberStride, LLC, and the CIO of the Atlantic Division in the US Army Reserves.

Working in both the public and private sectors, he has a strong interest in the security environment of the development process. This includes addressing issues such as, establishing encrypted channels between developers and clients who may already be under online surveillance, and educating clients in good security practices during the development and deployment phases. In other words, making sure the client doesn’t compromise the application or architecture before it’s even coded.

An armor (tank) officer and graduate of West Point’s class of 1995, Paul is married, and the proud father of two budding geeks.

Back to ShowMeCon 2014 video list