Ideas for startup administration:
- OSX admin: Fleetsmith
- Logging/infra analytics: osquery/Kolide
- Password storage and sharing: LastPass
- Email: Gmail (preferable to Office 365, since the lowest versions of O365 don't allow 2FA and Fleetsmith/Kolide prefer Gmail integration for auth)
- 2FA solution (because google-authenticator doesn't allow backups):
  - Initially (free): Authy
  - Later on, for all their integrations and YubiKey/ease of use: Duo
Goals for security admins:
- Involve users minimally in setup and configuration of security products.
- Make sec infra as invisible as possible.
- Don't require 100 different passwords. Try to limit it to 3ish.
- Log from the get-go: https://medium.com/starting-up-security/starting-up-security-87839ab21bae
Everything Ryan writes here is pretty great: https://magoo.github.io/Blockchain-Graveyard/advice/
