We sat down with Peak Power’s expert on all things IT & Security – Kevin Sauves. Kevin is a Certified Information Systems Security Professional (CISSP). Which means he possesses the knowledge and skills to effectively design, implement, and manage a best-in-class cybersecurity program. This is one of the most respected certifications in the cybersecurity field, recognized worldwide. We chatted about his journey in IT, the importance of curiosity, his perspective on security, the balance of both convenience and privacy, and tips on how we can all up our security game.
Tell us about your role with Peak Power and what you enjoy most.
I’m an IT Infrastructure and Security Analyst with Peak Power. Broadly, that means that I help people fix problems. I love technology and understanding how a machine ‘talks to itself’ so to speak, along with the security aspect. When things aren’t working properly that’s where I’m most curious. My role is to act as the liaison between security and implementation and to be as secure as we can.
What inspired you to pursue a career in IT and Security?
It’s funny. I was 11 and I had just built my first computer. It went up in flames. It was very smoky, but when I went back to the computer store, they provided insight on the cause. It was an issue with a stick of Random Access Memory (RAM) that was not properly installed leading to the sparks. It’s the story of my life, assessing errors, and acting on errors to improve.
I’ve always loved fixing things but the interest in security happened later. I had a great former manager that made me aware of the security world. When we completed our security certification with that organization, that’s when I knew that was where I wanted to go.
The past few months you’ve been co-hosting Security Lunch & Learns for our internal team. What types of topics have been discussed, and from your perspective, why are these discussions so important?
I’ve been co-hosting these Lunch & Learns with Mark Reale, and we didn’t expect that it would be this exciting.
It all started when he and I were talking about how we can make it fun to talk about current technology (e.g. biometrics, encryptions) and ways we can both protect ourselves and make it interesting for others. Mark has always had a good perspective on this. The Lunch & Learns was intended to be a platform where we would chat about security, policies, and what’s going on within Peak Power. The forum started expanding and people brought their own topics. These days, we’re talking about policies we’re looking to implement as we work towards a better security posture.
There’s been a high level of turnout to the Lunch & Learns, can you speak to the ways in which you’ve engaged the team around security and your perspective on the success of this initiative?
The forum has been great; people love to go there and talk about what’s on their mind as it relates to security. Security for me is the intersection of convenience and privacy and how we can make it balance. You can’t have one without the other. Each organization is different but putting this on the radar for employees early on, implementing it as part of our policies from get-go, and tracking progress is important. That way employees can put in their two cents, and it brings awareness to us on areas we may not have yet thought of.
In fact, some people from the company have formed an informal “Loophole Committee” where they try to find vulnerabilities in the policy. It started as a joke, but it’s actually become a fun way for people to be engaged with our new policies
What are two quick ways we can all up our security game?
- Know the tech you are going to implement. It is very easy for you to buy or install any tech, but if you don’t know what information they can get from you it can be a concern. You need to know where your information is going. Often if it’s free, it’s likely they want access to your information.
- Password managers. Shoutout to 1Password! This is probably my favorite product ever. I use it professionally and personally. There are so many passwords we have that we often don’t recall. To offer both a secure solution and to store your passwords in one place where you know where it will be – it’s life changing! And knowing everything is secure… that’s big!
For those looking to pursue a career in IT, what advice would you give?
Be good people. I started my career while working for Apple which turned my eyes to IT and security. If you want a career in IT, you need the ‘je ne sais quoi’, that customer service mindset and friendliness. The human aspect of this is very important. Respecting others and coming to a problem with a curious mindset to understand why the problem is occurring is important. Be curious, be the subject leader on the tech you love, continue to build something on the side, and make mistakes!
