Jack Poller

Jack Poller

Jack Poller is an analyst covering cybersecurity at Enterprise Strategy Group drawing upon more than 25 years of industry experience across a broad range of storage, networking, and cloud-based products and markets.

Recent Posts by Jack Poller:

Multifactor Authentication Is Not a Panacea

Two recent high-profile breaches—Intercontinental Hotels Group and Uber—demonstrate the criticality of securing your identities. Both of these attacks started with a social engineering attack. One started with traditional business email compromise (BEC), and the other started with MFA push bombing. The next stage of both attacks compromised the password/secrets vault.

Topics: Cybersecurity

DSPM: The New Kid on the Cloud Security Block

There are many different cybersecurity categories, and it seems that a new category is created every minute. If you're paying attention to cloud security, you may have seen or heard about DSPM—data security posture management. 

Topics: Cybersecurity Data Protection

Using Data Security to Defend Against Ransomware

As ransomware actors have gained in experience and sophistication, they've adopted new tactics. Before encrypting your data, they exfiltrate it. This way, they can make you pay twice--first for an encryption key, and second, an extortion fee to prevent the attacker from publishing your sensitive data.

Data security encompasses the principles and practice of ensuring legitimate access and preventing unauthorized access to data to preserve the cybersecurity triad of confidentiality, integrity, and access (CIA). A data security platform that enables you to discover, classify, and protect your sensitive data can stop a ransomware attacker from data exfiltration and limit your exposure to extortion.

Topics: Cybersecurity

2023 Will Be the Year for Passwordless Authentication

Easy-to-remember passwords are easy to crack. Strong passwords are hard to remember,
leading to password reuse and the risk of password compromise that causes multiple account takeovers. Passwords are risky business.

Multifactor authentication (MFA) is a way to combat the inherent weaknesses of passwords. Yet MFA is also susceptible to compromise. Passwordless authentication based on the FIDO standards and public key encryption is the new archetype for authentication, and is phishing- and compromise-resistant. 

Topics: Cybersecurity

The Impact of the Cloud on DLP

Cloud adoption is ubiquitous, and many organizations have adopted a cloud-first deployment policy. However, organizations continue to use on-premises infrastructure. Thus, the new normal IT infrastructure is hybrid multi-cloud. In such an environment, the perimeter becomes amorphous and dynamic, changing rapidly as organizations spin up new applications.

Topics: Data Protection DLP