Jake M. “Kash” Kashina-milunda heads the Security Risk Assurance department of Globe Telecom’s Information Security and Data Privacy team in Taguig City, Philippines, in the Manila metro area. He has been with the company for more than 17 years, eight of which have been spent in Information Security. Jake holds a bachelor’s degree in Computer Engineering.

Q: Could you please tell us a little bit about your role at Globe Telecom?

A: The team I’m heading consists of Security Risk Managers who are assigned to do enterprise-wide security risk assessment and vulnerability management on all production systems. They work closely with security operations teams, infrastructure teams, platform/system owners, and business stakeholders to ensure that: 1) proper risk management is executed, 2) security risks/vulnerabilities are identified and addressed, 3) business is not impacted by any security threats, and 4) overall security posture of the organization is maintained at an acceptable level.

Q: What motivates you personally? Why do you do what you do?

A: I am motivated by the dynamics of Information Security, how it has evolved over the years from an insurance pitch to a full-blown global concern. I am motivated by the fast-paced evolution as well as by technology and how it has dictated peoples’ lives and eventually the importance of information security (and data privacy now). As my employer, this country, and even the whole world slowly catches on to the importance of adopting security and privacy best practices, it puts us Information Security professionals in a great position to make a difference.

Q: Which Ivanti product do you use?

A: We are using the Ivanti® Endpoint Security solution.

Q: Why would you recommend this product to other organizations? Were there also some unexpected benefits?

A: The most important factors that would influence my recommendation of the product are ease of use and of deployment. The Ivanti Endpoint Security tool was used primarily for patching workstations but had a chance to really shine during the WannaCry global outbreak.

Posed with the challenge of securing more than 10,000 workstations in a span of less than a week, the tool’s powerful scripting capabilities also came in handy when trying to contain the outbreak. It’s hard to imagine going through that fiasco without a centralized management tool like Endpoint Security. Without it, I reckon we would still be manually patching each and every workstation around the country until now!

Q: How did you try to solve the business problem prior to using Ivanti, and why was that approach inadequate?

A: Before Ivanti came into the picture, workstation patching was done manually, sporadically, reactively, and one-by-one. In short, it wasn't being done. We had to rely on advisories to users to manually patch their workstations (lol, I know, right!) and the organization even explored the use of Microsoft SCCM, which was bundled with their enterprise licenses. But we weren’t in a position to manage the SCCM heavy lift of patching Adobe, Firefox, Chrome, Apple, and other third-party apps. GPO was also explored to enable auto-update policies, but there was no effective way to track the progress nor measure it with accurate reports.

Q: What’s happening in the telecom industry that makes the Ivanti solution relevant? What are some of the market drivers?

A: Obviously, the telecom industry is slowly evolving from a heavily telco network-oriented structure to more of an IT infrastructure, with more and more services moving toward a reliance on the internet and data. This IT space is quick to evolve, and with it, security threats and vulnerabilities. A properly implemented patch management program could spell the difference between a good night’s sleep and a brand-damaging breach nightmare.

The patch management program needs to be pervasive and effective, covering all endpoints, whether in the data center, on campus, or mobile. All you need is just one unsecured endpoint from a remote office in the province—one weak link—for an attack cycle to begin. Hence, at the heart of your pervasive patch management program you will need a tool like Endpoint Security.

Q: What’s the next pain point you’re trying to solve in your IT department?

A: We are looking at implementing application whitelisting throughout the organization. We are currently in the planning stages to see how we can do this swiftly and with minimal customer impact. Currently we are only doing blacklisting, which is not efficient.

Q: Please tell us a little about your name, its origin, who named you, and why you chose it:

A: Seriously? Okay then.

When I was younger, my mother told me an angel visited her and asked her to name me “Jake.” But then I grew up and became a smart-mouthed cynic. So when I asked her again, she knew her angel story wouldn’t fly with me (no pun intended). So, basically my name is a combination of my mother’s and father’s names. She is Juliana. He was Kennedy. So imagine if they named me “Juke?” I would probably be in jail right now for being an angry and violent person because of an equally ugly name. Thank goodness my mother came to her senses and decided to just use “Jake” instead.

My last name is a different story. My dad claimed that “Kashinamilunda” in African language means “Great hunter,’ but I’m pretty sure it means “sweet potato farm” or “pass the tomato sauce, please.” My father died many years ago, so I guess we will never know.

Learn More About Ivanti Endpoint Security

Ivanti Endpoint Security, powered by Heat, reduces the known exploitable surface area on your endpoints, detects exploits targeting your environment, and responds to threats before they can wreak havoc on your organization. And all of this takes place in one platform. Take some time to learn more.