Using AI for Data Breach Response

Adi Elliott

Adi Elliott is the Chief Revenue Officer at Canopy, an industry-leading data privacy and cybersecurity software company. Adi has over a decade of leadership experience in the software and services industries. He’s led multiple marketing, sales, product, and strategy teams recognized for innovation.

Previously, Adi founded and led Relativity’s marketing and enterprise sales teams. He later led product and marketing at Iris Data Services, a leading IT service management company. When the company was acquired by Epiq, Adi began leading strategy for Epiq’s global eDiscovery business.

Available_Black copy
Tunein
Available_Black copy
partner-share-lg
partner-share-lg
partner-share-lg
partner-share-lg
partner-share-lg

Here’s a glimpse of what you’ll learn:

  • Adi Elliott shares how his roots in the eDiscovery space led to his passion for privacy, security, and data breach response
  • How does AI impact the data breach response process?
  • Adi explains how Canopy helps companies form a better response to data breaches
  • How Canopy is reducing the cost of breach response by using AI
  • Adi walks through Canopy’s sale process, customer education, and how they align their tool with each customer’s company policies
  • Adi’s top security tip for Apple users

In this episode…

No one likes to think about getting hacked. But how can you plan ahead in case your company’s data is breached?

How about a team of professionals paired with the top AI software platform for data breaches? Canopy’s AI software can perform the initial data mining. Then, it evaluates: What’s the impact? Is it an incident? Is it a breach? Do we need to review it? If there is a breach with PII, the software can also help send out notices to affected clientele much quicker than any human response. So, how can you create a response plan to help your company bounce back quicker from a data breach?

In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels sit down with Adi Elliott, the Chief Revenue Officer of Canopy, to discuss the best practices for data breach response. Adi talks about how Canopy aligns their software with each client’s company goals, how they’re using AI to reduce costs, and why their software is so effective.

Resources Mentioned in this episode

Sponsor for this episode…

This episode is brought to you by Red Clover Advisors.

Red Clover Advisors uses data privacy to transform the way that companies do business together and create a future where there is greater trust between companies and consumers.

Founded by Jodi Daniels, Red Clover Advisors helps their clients comply with data privacy laws and establish customer trust so that they can grow and nurture integrity. They work with companies in a variety of fields, including technology, SaaS, ecommerce, media agencies, professional services, and financial services.

You can get a copy of their free guide, “Privacy Resource Pack,” through this link.

You can also learn more about Red Clover Advisors by visiting their website or sending an email to info@redcloveradvisors.com.

Episode Transcript

Prologue  0:01  

Welcome to the She Said Privacy/He Said Security Podcast. Like any good marriage we will debate, evaluate, and sometimes quarrel about how privacy and security impact business in the 21st century.

Jodi Daniels  0:21  

Hi, Jodi Daniels here. I’m Founder and CEO of Red Clover Advisors, a certified women’s privacy consultancy. I’m a privacy consultant, and certified informational privacy professional, providing practical privacy advice to overwhelmed companies.

Justin Daniels  0:37  

Hi, Justin Daniels here I am a technology attorney who is passionate about helping companies solve complex cyber and privacy challenges during the lifecycle of their business. I am the cyber quarterback helping clients design and implement cyber plans as well as help them manage and recover from data breaches.

Jodi Daniels  0:56  

And this episode is brought to you by that was a really weak and then interesting drum roll, we got to work on drum oh, we’re gonna have drum roll lessons for your Red Clover Advisors. We help companies to comply with privacy laws, and establish customer trust so that they can grow and nurture integrity. We work with companies in a variety of fields including technology, SAS, e commerce, media agencies, and professional and financial services. In short, we use data privacy to transform the way companies do business. Together, we’re creating a future where there’s greater trust between companies and consumers. To learn more, visit redcloveradvisors.com. Do you think

Justin Daniels  1:42  

we want to share our big announcement with our viewers about what happened on Friday night? Go on ahead. Now I want to hear you

Jodi Daniels  1:50  

do it. Now you’re doing I don’t want to take away from your thunder, why not?

Justin Daniels  1:53  

Alright, if I embarrass you will be my fault. Well, what we’d like to share with our viewers is in February Jodi, and I’ll be taking a road trip to San Francisco, because our version of a fun weekend includes speaking at RSA on a really cool topic, which will be autonomous vehicles and drones privacy and security versus surveillance. So if you get to RSA in 2022, on February 7, come see us,

Jodi Daniels  2:27  

God and Justin shows on the road again. Well, to get started, we’re so excited for today’s guest we have Adi Elliott, who is the Chief Revenue Officer at Canopy and brings more than a decade of leadership experience in the software and services industries, to his role, leading Canopy’s global revenue operations. He has extensive experience building and leading high performance marketing sales product and strategy teams. Welcome to the show. Thank you so much. Well, we’re so excited that you are here to join us, you did not realize that we were going to be chatting all about the fun going to San Francisco big bridge behind you.

Adi Elliott  3:09  

Yeah, that’s actually very timely considering my background.

Jodi Daniels  3:13  

It’s my favorite city. I love San Francisco, anytime used to answer any of those quizzes, and what which city are supposed to live in, I was always San Francisco.

Adi Elliott  3:23  

I don’t begrudge that. It’s a great city, and

Jodi Daniels  3:25  

deed. Well, to get us started, we always like to ask a little bit of everyone’s career journey and how they got to where they are today in this privacy and security world. So please, take us all the way back. But fill us in.

Adi Elliott  3:40  

Yeah, it like it was circuitous and accidental, like many. So I came in through, essentially the eDiscovery door and that I’m a marketing and kind of product person by trade. And there was a time this is like in oh eight or so where I was living in Chicago, I wanted to stay living in Chicago. And all the product and marketing jobs were either in the San Francisco Bay area, or in Seattle, at least with big companies. And there was like a small consulting company that wanted to become a software company and, and they needed a head of marketing. So I said, Well, if this company like like implodes in a year, then I’ll just take a job and like Mountain View or something, you know, like and so I took the job there leading marketing for an ediscovery company that became a much bigger ediscovery company and was pretty successful. The name of it now is like relativity, and they’re like a big player in the in the eDiscovery space. And essentially, that kicked off a good probably like 15 years in ediscovery or so. And then, and then privacy and security and data breach response came along when I was kinda, I guess you could say burned out by helping companies to each other because that’s kind of what ediscovery is. And, and but data breach response is like working with data. So a kind of friend put me in the CEO of Canopy together and said, Hey, you too should have a conversation. They’re doing pretty interesting stuff in the data breach response space, it’s somewhat adjacent to ediscovery. But it’s still working with data. And I’d honestly, I had some friends that have gotten into privacy. And obviously, there’s a ton of momentum in the software world there. And so from a software perspective, it was really interesting to me. And from a problems to be solved perspective, it was super interesting. And, and as soon as I really saw what was happening, and data breach, I couldn’t not be a part of it. So pretty quickly, me, me and me and the CEO of Canopy were like, Let’s figure this out.

Jodi Daniels  5:47  

Well, thank you for sharing you discovery is certainly morphing a little bit, I find a lot of people coming from the eDiscovery world into the privacy and security space, right? There’s there’s definitely some intersection and an overlap all. For me, my favorite phrase is it’s all about the data, which is underlying for both of those worlds.

Adi Elliott  6:06  

Absolutely. And it’s one of those spaces that like, if 30,000 feet, it looks like it looks very similar to ediscovery. But like a data breach response. But when you get into the weeds, it’s actually like incredibly different.

Jodi Daniels  6:18  

Oh, apps, absolutely. By the fundamental connector is data.

Adi Elliott  6:21  

Absolutely. Interesting. Yeah. And we like living data all the time. And being able to work with and understand structured and unstructured data is super interesting. And what do you do with it? And how do you get your arms around it? And, and it’s interesting problems that humanity faces these days.

Justin Daniels  6:38  

So why don’t we dive in a little bit about your current role, and talk a little bit about how AI impacts the data breach response process?

Adi Elliott  6:48  

Yeah, it’s really, it’s really transformed it in a lot of ways. And it kind of gets it a bit of what I was saying a second ago is that data breach response is a really interesting space. And that it was created kind of by Fiat by a bunch of very sensible regulations. Like it wasn’t a slow, a space that developed over 50 years. And slowly, there’s a tick tock between like solutions and problem, it was all of a sudden created when both in Europe, North America, Australia, Asia, all of a sudden, every country started realizing that there are risks to it to all the data that’s being held, and that the citizens of each of these countries, each of these states, that that there’s real impact to all of the hacks and incidents and breaches Call it what you will. And so all of a sudden, worldwide there is the need to do data breach response because of the regulation. So it’s created by regulations and what it didn’t. So there was no software space for that at the time. So everyone had to just use best available Tech because the software, the GDPR CCPA, or the state of Virginia, they didn’t say, hey, politely wait until a piece of software comes along that specifically solves this problem and said, Hey, right here, right now notify all the people that are impacted by this. So what people were using is just cobbled together solution. So like, at the time, it was like search terms and regular expressions were what they would use to like, say, Okay, I have a business email compromise. It’s not even that big of like 20 gigabytes is like pretty typical. That might be a few 100,000 records, though. So how do you find out a few 100,000 records if there’s PII in there not to notify the people and what names are in there. So in the beginning, that that part was like search terms and regular expressions, not super efficient. If you use that on on, like any data set at all, you’re it’s going to tell you like 70% of the of the dataset needs to be looked at which, which in reality, is way over inclusive. So right from the jump. One of the ways that AI is transforming it is building models, to to specifically address every element of PII, instead of relying on the kind of search terms and regular expressions that people were showing up with it because that’s all they had. So like, that’s one part of it. And that gets you closer to like the true pie level within a dataset because what you find is, if you’re using AI, to in machine learning and algorithms to solve this problem, what you’re finding is is that the true the true amount of PII in any given data set unless you’re talking about a healthcare case, that’s like crazy town and like it’s all PII, it’s usually like 15%, like between 10 and 20 is pretty typical. So you like reviewing 85% of the of the dataset that doesn’t contain any any PII at all is kind of wasteful, and there’s money to be made for some folks there, but it’s not super not super cost effective. So like, right from the jump, like just identifying PII is like the perfect kind of problem that data science and AI solving. And then even when you get into it, like connecting like, hey, is this Alice McNeil is that her social security number is that her address, may allowing reviewers once they’re looking at data making those elections happen really fast. It’s definitely an AI problem. And then even like the entity consolidation, if you think about it, like, like God take of taking your data is I’m sure appeared as all of our data has in many incidences that become breaches. I bet when they’re identifying your data, they have your name, like several different ways. They probably have maiden name, married name, they probably have Jodi spelled wrong, they probably they might have a middle name or something. So you might there might be there might have several different addresses that you’ve lived at. But if you’re a lawyer, that is like overseeing this whole process, you’re like, yeah, just tell me who I who we send in this thing to I get it, her data is compromised. What’s her last name? What’s her address? How do you spell Jodi, what are we doing here? And that’s another AI problem with just getting down to 10 instances of various spellings and instances of people’s name down to who we send in the letter to in the end. So a an endless AI problem.

Jodi Daniels  10:52  

And I see Justin smirking over here. Maybe they even have our running because sometimes we’re called to all different kinds of things. Or a lot of times, especially for you, you’re you’re called Daniel

Justin Daniels  11:03  

or Jason or Tom.

Adi Elliott  11:06  

Elliott all the time. My name is Adi, but people don’t know what to do with Adi. So they’re just like, okay, Elliot. And they I’m positive that my name is just turned up in Elliott, because one day they just he like Elliot’s all they know what to do with. So they’re just like, we’re just rolling with Elliott.

Jodi Daniels  11:22  

Oh, well, so fill us in a little bit about Canopy and how does it help companies better respond to data breaches? Where does it fit into this puzzle?

Adi Elliott  11:31  

Sure. So we’re the only company in the world that’s end to end focused on the data breach response problem. So there’s a lot of like, adjacent cobbled together like, Oh, this is kind of on the margins of what we do. But what we do is from, from the time like, so what happens before us is the incident response process where some digital forensic or incident response organization, well, I be sure an incident has occurred. And then they’ll say, this is the data right here. So maybe it’s a file share, that is the subject of ransomware. Maybe it’s a, the the PST that has been compromised because of a phishing attack. But they’ll say, here’s the data. It’s right here, it’s a PST, it’s 30 gigs. It’s 80 gigs. It’s these three Ps, DS, whatever the data is, from then on is where our software comes into the mix. So what people do is they upload the data into our software. So we, we run a ton of AI models against the data that our clients like. So another thing that’s interesting about us is we’re appear on the data breach response side were peer channels. So we sell to people like Incident Response groups, law firms, litigation service providers, on the review side, sometimes insurance companies, if they’re particularly entrepreneurial, some, but we sell to people who solve the problem. So for the CIO, all the people around the table are using our software to, like initially do that data mining. So that’s like, the first thing that happens in our software is they upload the data, we run all that AI against it, and then they data mine it and just say, Okay, we’ve got this, you know, 80 Gig PST, what are we gonna what? What’s the impact here? Is it? Is it an incident? Is it a breach? Do we need to review it? Does it need to go any further, everyone’s praying, there’s no PII in it. Most of the time there is unfortunately, but enough that it probably is notifiable a lot of the time more than people think. But yeah, so they, it enters our software, like what comes into our software is that like raw data, like usually unstructured data and what comes out, like a whole bunch of stuff happens that we can go into if you want, and people doing work our clients doing work on the software. And what comes out is a CSV that is like a list of names and addresses of the people that are going to be notified. So we’re kind of input is the data output is the CSV with names and addresses. What happens in the middle is like the several steps like the data mining step, the review step, and then the entity consolidation step all is happening inside of our software.

Jodi Daniels  13:48  

It makes sense, and a very needed piece of the puzzle for sure. Yeah.

Justin Daniels  13:54  

So how do you see companies paying for breach response? Or how is it going to evolve? Because premiums have gone through the roof? Yep. And coverage is now starting to be significantly curtailed.

Adi Elliott  14:09  

Yep. So in a way, and this is kind of a really quirky place that we play in the biggest beneficiaries, like the two biggest beneficiaries of our software is number one, insurance companies, but they’re usually not our direct client. But what we do if you think about it, so like and then let me like Ben, slice that a little if you think about it, the reason why there’s two main costs that are happening that makes these incidences so expensive, one is usually paying the ransom if there’s a ransomware like that’s thing number one that makes it expensive. And thing number two is human beings reviewing data. So like that is actually extremely expensive and in a really easy shorthand is like $1 a document. So if you have a few like if you have 50 gigs in a PST, which is like real standard that is not a crazy PST size, but we’re talking several 100,000 documents maybe even a million and just a 50 gig PST depending like the like a lot of you can see anywhere between 5000 Docs per gigabyte up to like 1213 14,000 Docs per gigabyte. So even 50 gigs like the math of that gets crazy fast. So the difference between reviewing 15% of that collection and reviewing 70 to 100% of that collection is enormous. And the the the folks who are on the hook for that ideally, or not, ideally, but like usually are the cyber insurance. So the how they pay for it usually as a cyber insurance company, I like they have a cyber breach plan. But you’re right, these these because of the combo platter of holy cow, this is expensive to review. And these ransoms often are going to get paid and they’re expensive as well, you put those two together, and people are maxing their policy like every single time, every single time. And what we’re trying to do is, is essentially reduce at least that that that review cost and what insurance companies are realizing because up until now, everything was the same cert until Canopy came along. The entire solution for data mining was search terms and regular expressions and there wasn’t really AI involved, it was just search terms of regular expressions. And for that, you’re going to get either 70 to 100%. And, and so there’s a whole ecosystem of like really transparently of review companies that have built their whole business around the review 70% to 100% of the collection. And it was like incredibly lucrative, like it is it is a heck of a business to do that. But Canopy comes along and says, what if you only reviewed 15% of that. And for an insurance company, that’s fantastic. Once they like wrap their mind around, hey, if you like save money, like the data mining phase controls that review phase, so like save the money, a data mining, and then review fewer documents. But there’s all these review companies that are like killing it on 70 to a brick reviewing dollar a document 70 to 100%. There, it’s it’s pretty lucrative for them. So they’re gonna fight back hard on that and try and keep a technology like ours out of the game. So what we’re doing so that’s thing number one is saving the cyber insurance number two and think number two is companies. Because if you think about it, what we’re ultimately trying to do is make the cost of doing business less crazy here. So we can all get cyber insurance. So we can so this this, so it doesn’t exclude the cyber insurance market. So this doesn’t, it becomes no it because if you think about it, hackers have created a tax on business via all these cyber insurance policies that we all have to have. Now. That’s that’s really what it is. And Canopy’s ultimate end game here is to reduce that tax as much as possible to mitigate that. And the data breach response is the reactive side of that. And then we also have like a proactive looking thing on the on the proactive side to help people mitigate as well. But essentially, that’s that’s, that’s how they pay for it via insurance, insurance premiums go up insurance companies are like, Whoa, boy, I don’t know if I want to do this anymore. And we’re trying to change the dynamic there.

Justin Daniels  17:55  

And well, thank you for that. So one thing I wanted to talk about specifically in your role as chief revenue officer is talk a little bit about how the sales process works, and aligning your software with educating the customer about the data your tool might collect and company and privacy security policies. Around that data. I find too often in the sales process, this is omitted. And then when I the lawyer get the contract, and it’s one sided, it results in either deals being delayed,

Adi Elliott  18:26  

or they don’t close. Yeah, it’s kind of it’s it’s tricky for us. I mean, one we obviously take security extremely seriously. We operate worldwide. We’re in like North America, Europe, Australia, software’s used all over the world. And and the security questions and questionnaires and all that stuff is like a standard operating procedure for us and usually gets handled before any specific project. So usually, we’re working with like the law firm or the or the digital forensic Incident Response folks to like that, like they make sure up yep, your your security bonafides makes sense. But the the quirkiness of the whole situation is is that one, the data is not going to live in our software for very long, the only reason it’s in there is to get the folks notified as fast as possible. And to it’s breached data, like it’s not this isn’t like corporate data that in the traditional sense, this is like like or it’s it’s data that has been compromised, let’s not say breached, because that’s a that’s a legal definition. But the essentially, like like I said, we take it super seriously. But the the endeavor is to, for the for the data to be in our software. For frankly, as short as possible. We don’t want the data in our software long because the faster the data comes in, it’s data mined, like they reduce that dataset, then they review it, then they get the they consolidate the entities they get the list of human beings that need addresses, and then they just delete it from our system and it’s gone never to be heard from again, and it’s wiped and then all they have is a CSV with a list of names and addresses. And that’s the output and then and some metadata of like, what’s in the, like, how many social security numbers, how many addresses, or if it’s like in the UK or something like how many NHS numbers or something, but the actual PII goes away, the data goes away, etc.

Jodi Daniels  20:14  

You had shared before a little bit about how you also have some mitigation measures. You know, imagine a company goes through this whole process, they learn how messy all their data is, oh, my gosh, look at how much personal information we have. So kind of to the conversation that we just had, and what Justin was talking about, where it how do you educate companies on? Hmm, hopefully, you don’t have one of these breaches again, and we need but if you do, you might want to take these kinds of steps to have a smaller pool have cleaner data, I’d love to hear a little bit more about those mitigation and proactive measures.

Adi Elliott  20:47  

Sure. So we I mean, it this is kind of a funny story. Because like our clients and and shout out Gartner a little bit like Gartner helped us invent a whole product? Because there they just explained to us that nobody does this. And then some clients were like, can we pay you for this, but we launched a after the data breach response product that that on the success of how well it is how good a job it does it p identification and data mining. We had some clients that like a company would use us in the data breach response process. And then their like CIO or chief privacy officer, somebody would hear about our software from data breach response, and they’d say, what if we use something like that, before the data breach occurs just to see what we have. And, and essentially, this here’s, here’s our kind of take on that is a lot of the market is is all about remediation. And what privacy audit our product is about is a is about changing human behavior. So it says, like, we know from data breach that almost every time these these compromises occur, what the company finds, once they run it through our software is that the the folks were out of compliance with policies. Now they were clicking through all the surveys, they had done the tabletop exercises, they had the right incident response, digital forensics folks in house, ever, they were taking all the right steps. And yet, the HR team, the marketing team, the sales team, whoever it was, they still had a ton of PII that nobody knew about. And there’s just no no vector in to find out. So what privacy audit does is take all those algorithms that we’ve developed across billions of elements of PII identified on the data breach side and said, instead of trying to remediate every every bit of PII in your enterprise, because that’s a fool’s errand that’s literally proposing running a data breach response project on your entire company, which nobody is going to do. Instead, just take a couple samples, say, Let’s take two random HR people that you think represent the way HR uses data and take us in, run it through the software, see what kind of PII is there? And then instead of anecdotes, or a tabletop exercise where people are trying to pull out of their heads, what do we think we do today? It’s tangible, like, hey, if we had a breach today, or we had an incident or a compromise, or somebody got fished from this department, you can like drop the report on the table and say, here’s what we’d have. Now you i, we understand that you need you have a job to do, and that you didn’t realize you were exporting this Excel spreadsheet out of this tool over here, emailing it to this other person, and then they would manipulate it and they drop it into fileshare. And but not like we didn’t know that was happening you didn’t think about that was happening. You didn’t think about once it’s in your email, technically, now it’s in your email. But like, what do we need to do here to like to, not from like this specific spreadsheet, but from a workflow, from a from a behavior, like it allows training and policies to be updated to be specific to the people that that you’re talking to, with the line of business, and it allows benchmarking, so you really know if people are in compliance or not. So that’s what the product is. And, and that’s the way we think about it. And so it’s like I said, it’s about changing human behavior and changing policies and training, not so much about, hey, let’s crawl your whole enterprise and look at every bit and byte. Like, that seems that seems the I don’t know that that dog never hunted for me in, in, conceptually, because that always, that was always a pitch to do data breach response on an entire company. And we know from actually doing data breach response that that’s, that’s there’s no way because you can barely get a cyber insurance company sometimes to pay for data breach response, or just this data right here, let alone the whole company.

Jodi Daniels  24:23  

It makes sense. Thank you for sharing. And I I like the idea of the proactive piece because there’s there’s data hiding in a variety of different nooks and crannies inside companies.

Adi Elliott  24:36  

And it’s where it like and it’s not even I guess I’d say this, it’s only hiding because no one has a way to look at it. Like it’s not really it’s just sitting there and PST is and file shares. Not it’s hiding in plain sight. It’s just that there’s no vector into it. There’s like nothing that like says Here it is. Here. Here’s here’s 30,000 Social Security numbers just sitting in someone’s PST. There’s nothing that says that.

Jodi Daniels  24:57  

Right? Hopefully they won’t keep having 30,000 Security numbers. I think someone’s BSD

Adi Elliott  25:02  

you’d hope not. But I would have

Jodi Daniels  25:04  

not. Yeah. But I know it happens in some companies

Justin Daniels  25:09  

more than we like to think about indeed, well, kind of changing the game a little bit is, in your experience. Would you like to share? What is your favorite privacy or security tip with our audience?

Adi Elliott  25:22  

Oh, absolutely. This is something that uh, that most people are like, it’s wild to me the most people don’t know about. So the caveat here is that this is, if you live in Apple world, this is going to apply. So if you have like an iPhone, and it really superduper applies if you’re using a Mac. So the one of the most like, I would say unheralded, because they don’t get a ton of the advertising. But the team working on authentication and passwords inside of Apple is killing it. And the person who manages that T Ricky Montello, shout out Ricky modelo is like phenomenal and doing like, amazing. That whole team is crushing it, but they now have multi factor authentication built straight in to, to pretty much the lowest level of, of Apple devices. So if you think about previously, I’d been using like Google Authenticator in my personal life to use multi factor. And the thing about that’s annoying about that authenticator app is like, if you have it on your phone, one, you have to copy the codes across. And two, if you get a new phone, you have to like do this dance of transferring your multi factor from one phone to the next phone. It’s like super frustrating. So now, the Apple solution is like so good. It’s built straight into the autofill. Password. And if you go into like settings and passwords, and then go into any specific site, so like say, just take Twitter, if you go in, if you want to set up multifactor via apple on Twitter, you can just go into the password section of of your Apple device. And you can do it on if you’re on the latest and greatest of their software, either the passwords thing and you go into the website and question, and then you can set up code or whatever it is. But it allows you to do it either via QR code, you scan it, and now it works across all your devices. So literally, when you get a new iPhone or iPad, your multi factor is ready to go. It’s just right there and it auto fills. So when you get the multi factor dialog, like it’ll autofill it from from the the keychain. And like this is this is like the the way normal people can implement multi factor because I think multifactor is really hard to understand stuff for your average person. And this is the way if i Any, any, any civilian, I don’t know what we call like people who don’t live in privacy and security space, but any regular person who doesn’t want people Yeah, normal people, I would say this is the route and even if you’re even if you’re like one of us, I would still say it’s the implementation is phenomenal, phenomenal implementation of multi factor. Highly recommend if you’re if you live in Apple world, if you have an iPhone, if you have a Mac, this is this is my recommended, like it’s just so easy. And so, so user friendly.

Jodi Daniels  28:00  

I’m just curious, if you have a let’s say PC, computer, Windows based computer and iPhone, does it still work? Or does it get messed up? If you want to be on Twitter on the PC and Twitter on your phone? No, it

Adi Elliott  28:12  

still works fine, because you just get the code, the code is always there and that passwords location on your phone. So you’d still just be able to like look the code and like type in the six digit code or whatever. It’s still right there. But it’s still amazing because if you think about it, when you get a new iPhone, which we every two years or so a lot of us do. It just transfers there’s no dance of voltage, there’s no multi factor dance. And it really when it’s the worst is if you use your current phone is like the upgrade phone and trade it in then you’re really toast if you don’t think about it ahead of time because you’re like MultiFit you can be in multifactor purgatory. This solves like all of that. All of its solved it’s right there and consider the apples like the privacy company of floors me I don’t get that they don’t talk about this more.

Jodi Daniels  28:53  

Well we will do our best to highlight that tip for everyone maybe even give a little shout out to Ricky so thank you know when you’re not giving out awesome tips and being the privacy professional that you are like you’d like to do for fun. Um

Adi Elliott  29:07  

so one highkey the company Canopy were named that way because like our CEO one of his favorite things is like hiking with his wife and it just it like coincidentally a lot of us at the company that’s my favorite thing in the world too is hiking with my wife so like hiking in the Pacific Northwest or wherever there’s a beautiful nature, but I love hiking. I love watching NBA basketball. And and so that’s like think number two I think number three somehow thanks to my kids, it’s like Pokemon Go. I like it’s just become like, the background noise of my life somehow is Pokemon Go.

Jodi Daniels  29:40  

I didn’t know if that was still around. Because I remember years ago it was the thing. Like shopping centers had to have blockades and then I I don’t hear about it anymore.

Adi Elliott  29:48  

It’s still a thing and it’s like it’s it’s the game itself is like not like there Yeah, I somehow don’t even get how I got sucked into this world but I did. And so now I kind of played Pokemon Go, like on a on some sort of basis. And my oldest kid who like is the one who got me into like, like laughs at the fact that like, like I played more than he does at this point like, like so, but it’s still there. And it’s kind of the jumping off point that Niantic the the company behind all those technologies, it’s like their flagship products still in there, they’re still chasing, like the next thing to do with their like geolocation, AR. All the technologies behind Pokemon Go they’re like always trying to like launch new products. I’m always seeing what else they do with it, but Pokemon Go was like the perfect mix of, of our intellectual property and, and technology. But it’s a great game. And it’s really interesting, and it gets you going around every city you go to.

Justin Daniels  30:42  

Have you purchased your first and NBA NFT

Adi Elliott  30:46  

that so I have not? I have not. And I’m like I’m kind of Taiki I guess I’m taking on the NFT thing. Like I like I get it, I get why people like it. I collected basketball cards as a kid and they’re like digital basketball cards. I just, I’m proud I’m of the belief that I would probably buy the one that would immediately go down in value and like mine wouldn’t be worth a lot and I just be like, Yeah, I’ll just like, go to games and watch on League pass and enjoy it that way. But it’s cool. I love that they’re doing it and it’s like one of my favourite implementations of blockchain technology.

Jodi Daniels  31:20  

One of Justin’s other favorite pastimes. Well, Adi it’s been so much fun if people want to connect with you and or learn more about Canopy where should they go?

Adi Elliott  31:29  

Canopyco.io. That’s the so Canopyco.io is our website. All the informations there. And that’s the easiest way to find all of us online.

Jodi Daniels  31:41  

Well, excellent. Well, thank you so much again for joining us today. We really enjoyed the conversation. My pleasure. Thank

Adi Elliott  31:47  

you so much. That was awesome.

Prologue  31:53  

Thanks for listening to the She Said Privacy/He Said Security Podcast. If you haven’t already, be sure to click Subscribe to get future episodes and check us out on LinkedIn. See you next time.