Netflix announced on Tuesday the open source release of Stethoscope, a web application that collects information on a user’s devices and provides recommendations for better security.
Following a user focused approach to security, Stethoscope "acknowledges that attacks against corporate users are the primary mechanism leading to security incidents and data breaches," according to the blog. Stethoscope is available now on GitHub for other companies to download and use as well.
Netflix says because it can’t control its employee’s personal devices, investing in employee education and security training is the best option for protecting its own networks.
Netflix believes basic user training on the reality of threats like phishing emails and the importance of creating difficult passwords can go a long way in protecting an enterprise's data. Providing personalized, actionable information and education minus heavy-handed policy enforcement is a better way to improve overall enterprise network security, according to Netflix.
The company also wants to guide its employees in making such security improvements themselves, without having to involve the help desk, which can save the company money and allow their technicians to focus on bigger problems.
By open-sourcing the security tool, the streaming-giant is wants other organizations to benefit.
People are often the weakest link when it comes to enterprise network security, particularly given the rise of phishing emails, but experts say a little education can go a long way.