Upload
alert-logic
View
184
Download
0
Embed Size (px)
Citation preview
DIGITAL MARKETING IN THE “SECURE AGE”
Christopher GeiserChief Technology Officer – The Garrigan Lyman Group
GLG Fun Facts
• 24 years young• Privately held• Grew up digital• Headquartered in Seattle, WA with offices in Boise, and NYC• About 125 employees• Enterprise and SMB clients
GLG Services
Data and insights
Brand strategy
User experience
Digital retail
Advertising
Media strategy
Creative and content
Search and social
Systems integration
Web development
E-commerce
Managed services
Guiding Principles
simplicityscale performanceextensibility security
• Meet current needs
• Evolve as market conditions change
• Take on new data sources
• Reach across components
• Increase the value of each component
• Perform to standards
• Make technology invisible
• Protect customer data
• Protect intellectual property
• Minimal customizations
• Minimal work-arounds
Skillsets
Enterprise code frameworks and repeatable patterns that follow industry best practices without sacrificing innovation.
Responsive, mobile-first front-end frameworks that allow for innovation and extensibility.
Managed services such as hosting, content delivery network, security, and active monitoring.
Actionable analytics and managed data services (MDS) that tell the key performance indicator (KPI) story and provide a clear path to opportunity and optimization.
The Wayback Machine
1999
GLG starts hosting websites
Enterprise Clients
2005
National Product
Launches
2011
Enterprise Clients start ”truing it up”
01/2012
UH OH
Award
2000 12/2012
Present-ContinuedMaturation
2012
Hosting
• Different from other agencies – wanted the hosting business
• Hosting offered clients a turnkey solved problem
• Performance and security needed to go hand-in-hand
• Applications and sites became progressively more complex-Gradually – and then – Suddenly
• More data = more danger – no risk, no reward
Sometimes it takes a meltdown….
• Security minded, but not security mature
• Projects were treated individually based on perceived risk
• No holistic approach to “what’s in the box” from a security perspective
• Meltdown pointed out the flaws in that thinking
• We forgot it was there
“Act as if…”
• …it’s enterprise
• …it has compliance needs
• …it is a target
• …the data is sensitive – all data is sensitive
What was working?
• Turnkey solution with a hosting provider – already running solutions like Alert Logic
• Sites were secured by default, with measures put in when the stack was lit up
• Breaking down the model revealed the path to success
• Leveraging compliance requirements from clients allowed us to reverse engineer our way to maturity, and into the cloud
Current and Evolving State
• Compliance minded – cloud driven
• Owning the shared responsibility model
• Guiding principles drive the design process
• We don’t know what we don’t know – partnerships are critical
• There is no such thing as a small incident
• It never stops!