March 27, 2024

Clea Ostendorf: Workplace Surveillance & Data Protection

Securing Privacy: Insights on Workplace Surveillance & Data Protection

Watch the episode here:

In episode 4 of “In Security” podcast, Clea Ostendorf, Field CISO at Code42, shares how she approaches the intersection of data security and privacy. Clea, along with our host and GTM leader Mike Cataffo, discuss the implications of workplace surveillance on employee privacy and how to strike a balance between security objectives, legal considerations, and individual liberties. Clea advocates for clear policies and a human-centric approach that respects individual freedoms while safeguarding sensitive data.

Key Takeaways

  • Security, Privacy, and Risk Mitigation: Workplace data protection, GDPR compliance, and defining roles for employee monitoring.
  • Legal Concerns and Response: Organizations setting risk tolerance and managing risks for data sharing versus employee departures.
  • Data Security Policies and Training: Transparency, clear policies, access controls, and human-centric training via video modules.
  • Tech Industry Data Privacy and Security: Concerns over Apple's data collection, security risks for tech workers, and the role of partnerships.
  • AI Adoption and Security Measures: Understanding triggers, building playbooks, AI for IP theft prevention, and new AI-related features.
  • Insights on AI and Machine Learning: Preventing IP theft and the importance of audience communication.

About Our Guest, Clea Ostendorf

Clea brings a diverse background in application security, product management, and sales to her current role as Field CISO at Code42. She is a thought leader on the complexities of data protection and employee privacy, especially with regulations such as GDPR and CCPA.

Challenges of Data Security in a Remote Workforce

As Field CISO at Code42, Clea assesses an organization's business drivers for insider risk initiatives and develops solutions that align security measures with business outcomes. She compares two approaches to data security and privacy: strict enforcement vs. transparent collaboration. Transparency builds trust, educates employees, and fosters a more robust security culture.

Shadow IT refers to using personal devices, unapproved software, or external vendors without proper procurement, posing risks like security breaches and compliance issues. Code42's solutions, including the Instructor Module, provide empathetic video training to guide users in following data protection policies and best practices. The solutions also detect and mitigate risks associated with shadow IT.

Clea shares practical examples and real-world anecdotes to illustrate the challenges of detecting insider threats and mitigating shadow IT risks. She advocates for collaboration between security vendors and customers to develop holistic security strategies that leverage cutting-edge technologies such as AI and machine learning.

Explore workplace data protection, legal risk management, transparent policies, and AI's role in preventing IP theft with Clea Ostendorf. Discover the significance of collaboration, transparency, and human-centric approaches in data security alongside insights on shadow IT challenges and Code42's solutions.


The “In Security” podcast brings you conversations and thoughts on the shifting landscape of security, Governance, Risk, and Compliance (GRC), technology, and beyond. Featuring insights from industry executives and leaders in cybersecurity and GRC, we explore the crucial strategies, trends, and stories shaping our ever-evolving digital world.

Subscribe to our newsletter for the latest in Security, GRC and GTM:

No items found.
No items found.
Nirvana Karkee
Content Writer