insider threats

People of 3nom: David Cameo, Senior Systems Engineer


The new episode of our blog series People of 3nom turned out to be just that — an episode of a podcast hosted by 3nom’s own Senior Systems Engineer, David Cameo. We jumped on the opportunity to ask David all about the behind-the-scenes of life at 3nom, including all the ways it is similar to his favorite TV show and his podcast topic, The Walking Dead. David has some serious advice for small and medium-sized businesses too, so don’t skip this one.  

What did you do before, what brought you to 3nom and why in the world did you decide to stay?


I’ve been working in IT since I was 13: some summer internships with a computer-aided design company, some freelance gigs. This took me through high school and college, and eventually, I hooked up with Abe (Abraham Sasson, 3nom Managing Partner). He and I grew up together in New Jersey in a small bubble on the Syrian Jewish community, which is heavily concentrated in Brooklyn, New York. Our moms were close friends and we barely knew anyone else in New Jersey. 


Fast forward ten years later, I’m in my 20s just getting off a job and running late to Abe’s brother’s bar mitzvah. He found out why I was late—I was helping out with some antivirus clean up for a cousin of mine up in the Bronx—and offered me the job on the spot with his first company. 


I stayed on with that company for several years and eventually moved to Chicago. I still freelanced for that company until Abe eventually formed another company of his own which you know now as 3nom. First he asked me to help out on a specific project, but I never left. I’ve been with 3nom since 2005, it’s coming up on 15 years now.


I don’t think many people at this point can say they’ve worked somewhere for so long! So what is it about IT that keeps you interested and stimulated this whole time?


I think it’s because a big part of my role is solving problems or developing solutions to complex problems or technology scenarios that will help a client to advance. It’s like solving a puzzle.


I don’t know if this is just my personality, but I’ve always been a fixer, an engineer. I’ve always taken things apart and put them back together better than they were before. So this position is perfect for me: I get to do that for multiple clients and it’s very gratifying. 


Let’s get specific. What is something fun, exciting, unexpected, or particularly impactful that you have recently solved for?


That would be the creative solutions that we had to implement to mitigate some of the damage from a lot of the ransomware that we’ve been dealing with lately. When it comes to ransomware, you can pay the ransom and take your chances or you can restore from backup. 


In one of the recent cases, we had to implement a mixed approach because you want to get the client up and running as fast as possible. So while we’re restoring some files, we’re creating a parallel environment where we store whole servers and then stand up another environment with new servers. The idea was to bring up things in parallel to see what gets the customer up faster. So, you would take a little bit of column A, column B, column C to get them up as fast as possible with minimal downtime and at least get some services up so they can continue working, I think that’s where we excel. 


How do you split responsibilities within the team in case of such a complex and urgent situation? 


Obviously, it’s not just me doing the work. Each of us has specialties, people like Avrohom Liberman, our CTO, and Abe Sasson rolls up his sleeves and gets down and dirty, so we’re all involved. We all work in tandem to support each other and lift each other up. 


Speaking of ransomware, what should small or medium-sized businesses be the most vigilant about today?


Keeping recent attacks in mind and some of the ransomware and cyber attacks that we’ve had to deal with, we found that the root of the problem often is in customer passwords. When passwords are easy, criminals can run what’s called a rainbow table against them and easily crack them with common passwords or just random letters. Or somehow they get the credentials from a site that’s been compromised, like a credit card site or even a vendor site. I just got an email from PayPal that said that they were attacked again.


And so if you’re using the same passwords across different vendor sites and you happen to be using the same password for your corporate email or your corporate log on, it may be a good time to establish some sort of turnover for your corporate passwords or to personalize your corporate password to stay vigilant.


We have solutions that can force users to change passwords on a specified cadence. But we always aim to provide a mix of security and convenience. But in light of recent events, we had to become somewhat stricter about credentials and security.


Passwords are the bane of my existence — 30 letters min with 5 special symbols and 22 numbers! But they are important. I also found 3nom’s free Security Awareness Webinars super helpful — they talk about passwords as well, and also other relevant things around using public Wi-Fi, email security etiquette and more. 


What is something unexpected that you learned about life while working at 3nom?


Oh, that’s an interesting one. I think on a professional level, working at 3nom has taught me to be more tolerant of other people’s experiences. As a technician, you can get wrapped up in your own stress or your own attempt to resolve a client’s situation. But being in this business for so long, you develop a patience quotient. And over time, with things that would normally stress you out to infinity, you can take a step back, take a breath and go, “this customer is having a bad day.” 


So it’s on you to not only be the person who’s going to solve the problem but also who is going to hold their hand and guide them through the situation. Most of the time you will be able to fix it but sometimes you have to tell them it’s taking longer than expected or you have to call this person or that person or I have to contact a resource or vendor or software developer to solve this problem. And you have to be that voice of reason. 


And on a personal level, I think I’ve gotten to be more tolerant of other people’s viewpoints politically or socially as well. I can better see and accept views that may be opposite to mine. It’s a skill that I didn’t know I had until I sat down and realized that we all have our boundaries and limits and beliefs, and it’s on me to be able to at least listen and then discuss and find ways to be okay with that. This feels like a really serious skill level to learn in a globally connected internet age.


I’m wondering if there’s something in particular about 3nom’s way of work or approach to projects that contributes a lot to the success of those projects.


I think Abe might have brought it up, but it’s the ability to receive options. 


For example, we can give you the soup-to-nuts Rolls-Royce treatment when it comes to how to approach a particular customer demand, but we will also give you the kind of solution that will match your budget and make the most sense for you. We’ll give you the high-end, we’ll give you the low end, and there are a few gray middle areas that we can also give you. 


This is something that you learn over time. We started off trying to be more pennywise for customers and then eventually got our backs against security. Sometimes you do have to be a little more aggressive about emphasizing the need for security or the need for best practices to provide a safe solution. 


It’s unfortunate, but most MSPs will shoot higher and not even meet the customer in the middle when it comes to their needs or budget. It’s funny to say but I feel bad doing that. It is in 3nom’s culture to always look out for the customer’s best interest while considering the boundaries we are working with. 


What does a private business need to know and understand about their IT and technology to be successful? 


That’s a tough one because we really make it easy, our unofficial motto is, “the best IT is when you don’t know it’s there.” 


When you make it that easy, there is always a risk of infantilizing your customer to a point that they don’t need to know anything and they trust you. It is a good thing but it’s not always empowering to the business and the business owner. 


I feel like as a Managed Service Provider, it’s your job to simplify their technology in a way that will help them adapt to present-day dilemmas. So you’re implementing solutions that will bring them into the 21st century. And to do that, they need to understand at least the concepts that you’re bringing to the table, the pitfalls, the opportunities. The hope is that this will inspire them to ask questions. You’ll even find that some customers will ask questions that you never thought that they would had you not eased them into the process. And when you do that, that leads to even better solutions because then they know exactly what is and isn’t possible. As a business owner, you should not be afraid to ask questions and if your IT provider can’t even answer the most basic questions, then they’re not the kind of partner that you want to involve yourself with. 


If there was one thing that you think that all small or medium-sized businesses need to consider investing in the next 6 months, what would it be?


As of now, they’re investing in remote desktop solutions, so let’s take that off the table. I would say more backup, you know more backup is always better but it does cost money. But at the end of the day, you don’t want to not have it when you need it. 


You also want to invest in staying on top of cutting-edge antivirus and antimalware solutions with the help of your managed service provider. And I stress managed service providers because they will have certain antivirus tools that may not be available on a consumer level. You can go with your McAfees and your Notrons but there are artificial intelligence solutions that can help you go beyond the scope of what a mass-market antivirus will do without all the clutter it has baked in.


An example of this would be, a ransomware attack starts happening and the AI antivirus will see on its own that this is abnormal behavior, “I think I’m going to shut this down.” It’ll think ahead and it’ll start to anticipate certain behaviors and mitigate them.


This technology is something else, we wrote about Managed EDR on our blog a couple of weeks ago. Now, let’s have some fun: in which way is the Walking Dead series similar to working at 3nom?


Okay, so to simplify, it goes back to why we are who we are and to the pandemic too. But we are our best when we are cooperating. Modern humanity emerged from their ability to cooperate and a lot of that occurs in The Walking Dead: we need to come together in order to survive. When we worked together even with our limited physical attributes, we were able to overcome stronger opponents and dominate the Earth. The Walking Dead has that in spades: when you try to work together as a community, you can survive. 


What we tend to do in our company is we try to distribute the talent across multiple technicians. We try to nurture specific talents or to train users in certain best practices to alleviate the stress on any given technician so that you have a range of technicians that can handle certain situations from different angles. An organic show of talent will emerge naturally and the collaboration, cooperation happens organically. 


I don’t think I’ve seen a single episode of Walking Dead. What would be your pitch to me to watch the show?


You would think that the show is about zombies, but the show really is about showing the range of the best and the worst of us. The tagline of the show is We Are the Walking Dead. It’s not the zombies, it’s us, we are them. It’s a show about who we really are at our base level and who we become as a result when we encounter something that would test our limits. Who you are before almost doesn’t even matter anymore. But what you become now, what I intend to be matters. And you tend to become who you really are because none of the nonsense of the day-to-day of what we do ends up mattering, and you can’t pretend and you can’t fake your way through an apocalypse. 


It appears that we are trying to do that, or at least make our way through one right now! 


Yeah, the lamest apocalypse ever. This one wouldn’t make for compelling television.


Have more questions for David about your IT? Get in touch! Or follow David’s Squawking Dead podcast anywhere you visit. 




Improve Your Productivity

Subscribe to learn more