CISO of Rogers explains the benefits of cloud-based identity management

(watch this episode here)

Brad Anderson: Anyone who has used the phone, internet, or TV anywhere in Canada over the last 60 years knows Rogers. You were one of the first companies on the planet to go all in on this concept of secure mobile productivity and email. You rolled out Outlook to all your mobile devices. You were one of the first globally to do that using concepts of conditional access. One of the things I know you’ve been big on as CISO is having this great balance: Delivering the security that's required in your role, but also empowering users in a way that they feel productive and agile.

Greg Murray: I think there are two sides to that coin. Sometimes as technologists, we forget as we chase the shiny object that it's all about the customer. And when we understand our customers and focus on the best outcomes for our customers, then the conversation is much easier. The other side of the coin is that we have to understand our businesses specifically in order to protect them. To make sure the bad guys can't defraud us or hurt our customers or our respective brands.

My team spends a lot of time with the business units who spend a lot of time on strategic checks. We learn about what the business unit is doing and what's going on in the competitive markets. For us, it's a security of “Yes, and here's how” versus a security of “No, let's not do that.”

Brad:  One of the things you've been a big advocate for, and your organization has done a lot with, is Microsoft Teams. Tell us a little bit about how you're using Teams and how that's enabled Rogers in a time of working from home because of the virus.

Greg:  We were big fans of Skype, and we found that Skype had a lot of capabilities, but one thing we really wanted was more scalability. And, quite frankly, we wanted the “raise your hand” feature. At Rogers, we're very excited in video conferences and love to talk and share ideas. So we look at what Teams has offered us, and I love the “raise your hand” feature because it seems like such a simple thing, but it demonstrates that Microsoft has really listened to customers.

When we look at that component, along with the reliability it provides and the scalability across our base, we just really like the platform. We've gotten a lot of really good feedback; our end users enjoy it. We also use Teams to integrate with customers externally – so we’re able to communicate, as you said, in this current situation. It brings us closer to customers and brings our teams closer together.

Brad:  Any large, distributed workforce has to keep its users productive and secure. Rogers strikes that balance by focusing on the management and security of identity. Why did you start there, and how have you made it work?

Greg:  It's a really interesting question because I think in security or broader security technology, you're always trying to figure out where should you start and where should you end. For us, whether it's clicks or bricks, the customer journey starts with identity. The second component was thinking through cloud. Identity is the new firewall in cloud. We said, "Okay, what can go wrong with this?" We came up with three main areas: 1) The customer experience could suffer if we didn't get it right. 2) We'd be cost inefficient. And 3) We'd be security ineffective.

So what we decided is, let's do the reverse of that and build a good solid program. Let's get our executive leadership team to approve our roadmap and our risk committee. Let's report every quarter with clear milestones, and let's make sure we put the customer first throughout.

Brad: Well, Greg, thank you for hanging out today. If people want to learn more about Rogers or more about you, where would they go?

Greg:  Go to www.Rogers.com, and I'm also on LinkedIn.