BSides Toronto 2025

Bootstrapping Security in the Wild: A Ground-Up Guide for Remote-First Teams
2025-10-04, ENG 103

“Welcome to the company! We are excited to have you join our team!
You are our first security hire! We do not have a formal Security or IT team.
So let us know if you need anything.”

Where do you begin?

This talk explores how to build scalable, audit-ready Security and IT operations.
You will gain the most from this talk if you are the first or only security hire at a fully remote company and are expected to protect everything (duh!) while keeping teams productive.

You'll learn how to:
- Enforce Zero Trust device enrolment using MDM with minimal friction
- Deliver seamless IT support inside Slack or Teams without a whole helpdesk team
- Move from reactive access management to structured governance
- Integrate Security and Privacy directly into everyday workflows

These are real, working patterns designed for teams that balance scale, compliance, and speed.

Topics

Zero Trust Device Enrolment

Using MDM server assignments so that every employee's hardware and access arrive in an unopened box on Day 1 and are revoked on Day X.

Ubiquitous IT support

Building a low-friction Service Desk on Slack, Jira and similar tools that also serves compliance needs. Why it matters to make it easy for people to ask for help without context switching, and the pitfalls of not providing timely assistance: employees build their own solutions in silos, which often carries security implications.

Decentralizing GRC and Vendor Management

  • Creating a vendor management process jointly owned and maintained by Finance, Legal, IT and Security
  • Assigning app ownership for accountability and getting help to maintain audit posture

Zero Trust SSO Adoption

  • SSO adoption as a security boundary, not just IAM hygiene
  • Managing the overhead, and dynamically elevating and de-elevating roles based on risk and need

Who am I?

I’m a Security Engineer at a global digital privacy company, where I’ve spent the last few years building security programs from the ground up.

What do I do?

I’ve been in software and security since 2017, and I specialize in transforming chaos into scalable, privacy-respecting operations.

What do I care about?

I care about security that doesn’t get in the way, privacy that isn’t just checking boxes, and systems that survive audits without making anyone miserable.

Why am I speaking?

Because I wish someone had told me earlier that it’s possible to start with security without getting intimidated or to continue on this path without burning out. Or burning bridges.