Volunteer Spotlight: Henry St Andre

Henry St. Andre’s work in the IT and telecom industries dates back to the divestiture of AT&T and the creation of the competitive long distance industry. Henry spent those years in operations managing network operation centers. In 2003, Henry went to work for inContact, a cloud provider of contact center services as the Director of Operations. Four years ago, as part of its goal to become the global leader in the cloud contact center market, Henry was instructed to create a Trust office. inContact became a corporate sponsor of the CSA and Henry began his involvement with the CSA and its mission. The CSA has provided Henry with tools and resources such as the CCSK and the GRC stack to support his mission as Director of Trust, and has afforded him opportunities to participate in the larger cloud security community as SME co-chair, assisting with CSA conferences such as the yearly USA Congress, RSA, and Blackhat. In his spare time, Henry can be found hiking and thanking his wife for her patience as he tracks mud back through the house.

How did you become involved in the CSA?

Our COO had the vision, which was that inContact should be more than just a company looking for best practices for its own use. He felt that we should also be involved in the community and lend our resources and support to the CSA mission. With that mandate, and his support I approached the CSA from the perspective that I wanted to not only make use of their guidance in my day to day job, but that I would actively seek opportunities to become involved and the CSA has been generous in providing me with the chance to do so.

What type of knowledge or skills have you gained by your involvement in the CSA that otherwise you would not have in your current role?

First of all the CSA guidance publication, and the CCSK certification is probably the best set of material for anyone who is going to work in or with cloud based services and that knowledge set has been a huge benefit to me. Second, the opportunity to participate in working groups such as HIM and Market Maturity, and SLA. The materials the working groups have produced and my understanding from being part of those groups have enabled me to make recommendations and provide guidance to our development and regulatory departments at inContact that I would otherwise not have been able to do. Finally, I have met many people and have discovered a network of individuals that I have and continue to reach out to, to answer questions and solve problems.

How do you think your involvement has impacted cloud security?

I like to think that in my own small way I have been able to contribute to cloud security in as much as I have been able to provide peer review to materials, make recommendations to help the CSA establish an office in Singapore, be a contributor to the process of selecting speakers and subject matter for the CSA Congresses in the USA for the last two years and as an SME Council co-chair, in small way try to make the CSA a more valuable tool for the 100+ corporate sponsors who have representation in the SME Council.

How has it impacted your career path?

I believe that I am typical of many security professionals who began their career in IT, Networking, System Administration or Development and had an opportunity to become involved in Security. Almost overnight the Cloud has taken on a commanding presence that is affecting businesses and the entire security profession. The impact has been to recast and re-assess policies, procedures, regulations, and compliance in a different context, which has meant that my career path has been recast into one that has new opportunities and responsibilities that simply would not exist without the Cloud.

What is next for Henry with the CSA?

I will continue to look for opportunities to participate and serve, first because I enjoy it, second because it brings value to me, my company and the customers we serve, and third because I have a personal interest in the CSA story and mission. From a career perspective, I am using the CSA Cloud Controls Matrix, CSA Guidance, and other CSA tools to differentiate myself. When I attend meetings, when I assess products, systems, networks and processes, I am bringing the entire CSA family with me to the table and to the extent that I can develop ways to leverage CSA knowledge and resources, I will be benefited professionally, and inContact will continue to be a leader in providing secure cloud based services.