Endpoint Management and Security with Sami Laiho – Past, Present, and Future
For our second Q & A with SysAdmin Superstars, we interviewed Sami Laiho, an 11-time MVP in Windows OS. Sami is a leader in the Privileged Access Management (PAM) space, and specializes in troubleshooting, security, Active Directory, and penetration testing.
Paint a picture of your household growing up. Could 10-year-old Sami imagine your current successes within the Microsoft arena, including your MVP status? Could your family?
IT has been in my life always. My dad used to import and build computers when I was young, so I grew up surrounded by motherboards and memory chips. Ten-year-old Sami was very good with hardware but couldn’t imagine he’d one day be teaching software.
My dad did two things that helped me become successful. First, he got me a summer job as a 16-year-old working for the landlord of PepsiCo. I quickly built a website for them, which I was tasked to do. The speed and quality impressed them enough that they sub-contracted me to PepsiCo. While still 16, I next started consulting with a large NT4.0 environment.
My dad also made me take “those useless Microsoft certificates” that later earned me a job as an IT instructor with Tieturi at the age of 21 – the youngest the company had ever hired.
What advice do you have for SysAdmins working for small to medium-sized businesses who feel frustrated by their day-to-day firefighting, wishing they and their company could work more proactively instead of reactively?
You need two things:
1. Get rid of end user admin rights.
2. Install Application Control, like AppLocker. Once you have Principle of Least Privilege and Application Control concepts implemented, you’ll have time to work more proactively.
You spend a significant amount of your bandwidth advocating for Zero Trust principles. Should Zero Trust be the primary agenda for IT and Security teams regardless of business size? Or are there other bedrock security protocols to solidify before focusing on Zero Trust?
Zero Trust is not all or nothing. Every company, whatever the size, should implement bedrock principles from it, like the Principle of Least Privilege and MFA.
What advice would you have for an administration team running into resistance as they move closer to a Zero Trust environment?
Zero Trust is a bad name. You can rebrand it to “Secure Remote Work Compatibility” or something else like this. Ultimately, Zero Trust aims to make your workplace secure and efficient, whether you are at the corporate office or a Starbucks. I believe every company, large or small, wants this.
What do you feel are some of the most common slip ups organizations make regarding security? How can organizations better approach these issues?
Giving people too many privileges because then “everything just works.” Get a PAM solution and your life will be better.
With Zero Trust being the current trend in security, what do you foresee being the next big wave in InfoSec?
I expect Canary tokens to become a big thing. In the old days, miners used Canaries in mines to monitor air quality, watching to see if the birds passed out due to carbon monoxide. This would raise an alert to get out, protecting the miners. Within the security space, canaries can be tokens, websites, files or other resources that no one is ever supposed to use. If someone touches them, security teams get an alert and security protocols are activated.
With so many “entry level” security jobs requiring years of experience, what advice would you give to someone who is looking to get into the field?
Learn the basics, like Windows Internals. When you have the root knowledge, everything new is easier to learn. Take some programming classes as well. Invest in online learning like Pluralsight.
About Sami Laiho
Sami has been auditing and implementing security solutions since 2002, specializing in Principle of Least Privilege and Application Control. He has deployed solutions for companies ranging from 100 to 550,000 endpoints. He also frequents the Microsoft event circuit as a guest speaker, where he has ranked as the best external presenter by attendees on multiple occasions. Learn more about Sami Laiho.
SysAdmin Superstar Series
Explore our other interviews with SysAdmin Superstars: