Security Q&A with Expert Thomas Zucker-Scharff

Posted by · February 21, 2017 11:09 am

Thomas Zucker-Scharff is an IT professional with over 30 years of experience in his field. He specializes in IT security with subspecialties in malware removal, training, and documentation. With well over one million overall points on Experts Exchange and serving as a moderator, Thomas is a major asset to our community.

I sat down to talk with Thomas about his thoughts on the state of security. Check out our Q&A session below:


Jaime Lewis: What is your current role and company?

Thomas Zucker-Scharff: Currently I am a systems analyst for the Albert Einstein Cancer Center of the Montefiore Health System.


JL: What are your qualifications and certifications in cloud-based protection?

TZ: I have been an institutional proponent of cloud-based solutions since cloud solutions were a possibility.  Although I hold no particular certifications in the field, my experience at this institution has given me a unique outlook on our abilities and needs.


JL: What do you see as some of the largest gaps in cloud storage protection?

TZ: Clearly the biggest gap is the lack of enough security to make most solutions compliant with federal regulations, especially in the healthcare and education industry.


JL: What are some of the largest threats of theft?

TZ: Data breaches


JL: What systems or products do you recommend for securing these gaps and threats, and why?

TZ: There are few, if any, actual ways to secure against such problems. That said, I find that end-to-end encryption takes care of many of the problems I encounter. Encryption is best initiated at the endpoint and needs to be AES 256 bit at the very least, preferably 1048 bit.


JL: How do you think technology is advancing to keep up with this changing landscape?

TZ: Technology is not advancing fast enough to keep up. We do have end-to-end encryption on all backups of all devices in the enterprise. Although we offer the same for all devices as well, not enough people avail themselves of this. The biggest advances are coming on portable devices, BYOD’s, where encryption is now much much easier. Unfortunately, at the same time we are seeing a marked increase in ransomware on such devices and in the enterprise as well.

The true need is not better technology to keep up with any changing landscape, but better user education to keep up with the ever-changing threat landscape, including- but not limited to- ransomware. At the Albert Einstein Cancer Center of the Albert Einstein College of Medicine we have embarked on a program to educate users on the dangers of phishing/malware and ransomware.

Thank you to Thomas for taking the time to chat with us! Be sure to follow him for more security news, updates and content.

Want more information on Cloud Security? Check out our article, Welcome to the Cloud: How to Protect Data in the Virtual World.