Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Better Connected
Search
Laura Bell
September 02, 2015
Technology
0
59
Better Connected
Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura Bell
September 02, 2015
Tweet
Share
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
240
Hackcon 11 - Protecting our people
ladynerd
0
220
Security in a container based world
ladynerd
0
140
Securing Microservice Architectures
ladynerd
2
340
Continuous Security
ladynerd
3
1.1k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
85
Practical tools for privacy audit
ladynerd
0
180
For the greater good? Open sourcing weaponisable code
ladynerd
1
310
Other Decks in Technology
See All in Technology
コンテナサプライチェーンセキュリティ
kyohmizu
1
130
php-conference-nagoya-2025
fuwasegu
0
140
2/18/25: Java meets AI: Build LLM-Powered Apps with LangChain4j
edeandrea
PRO
0
160
AIエージェント時代のエンジニアになろう #jawsug #jawsdays2025 / 20250301 Agentic AI Engineering
yoshidashingo
3
190
Classmethod AI Talks(CATs) #17 司会進行スライド(2025.02.19) / classmethod-ai-talks-aka-cats_moderator-slides_vol17_2025-02-19
shinyaa31
0
170
ビジネスモデリング道場 目的と背景
masuda220
PRO
9
690
ディスプレイ広告(Yahoo!広告・LINE広告)におけるバックエンド開発
lycorptech_jp
PRO
0
210
Goで作って学ぶWebSocket
ryuichi1208
3
2.4k
設計を積み重ねてシステムを刷新する
sansantech
PRO
0
130
Swiftの “private” を テストする / Testing Swift "private"
yutailang0119
0
140
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
18k
Raycast AI APIを使ってちょっと便利な拡張機能を作ってみた / created-a-handy-extension-using-the-raycast-ai-api
kawamataryo
0
190
Featured
See All Featured
Rails Girls Zürich Keynote
gr2m
94
13k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
27
1.9k
How to Think Like a Performance Engineer
csswizardry
22
1.4k
Java REST API Framework Comparison - PWX 2021
mraible
29
8.4k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
100
18k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
114
50k
Practical Orchestrator
shlominoach
186
10k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
6
570
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
30
4.6k
Learning to Love Humans: Emotional Interface Design
aarron
273
40k
RailsConf 2023
tenderlove
29
1k
The Cult of Friendly URLs
andyhume
78
6.2k
Transcript
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
laura@safestack.io h6p:/ /safestack.io Better connected
this is a story about security
PEOPLE TECHNOLOGY PROCESS CULTURE ORGANISATION
None
None
87 ac=ve usernames and passwords • 7 Twi6er accounts • 1 Facebook
28 second factor authorisa=on tokens • 22 applica=on based • 6 SMS code based • 280 backup codes Mul=ple encryp=on keys & certs • PGP, S/Mime, SSL Mul=ple financial iden==es • 7 taxa=on accounts • 6 na=onal banking iden=fiers • 3 payment processors
None
None
PART OF THE PROBLEM
93% organiza=ons use poor quality, shared passwords and do
not change them when people leave
80% organiza=ons use produc=on data in test environments
We don’t understand our own environments and technology suites
None
PART OF THE SOLUTION
SORT OUT THE BASICS. NO EXCUSES PASSWORD MANAGEMENT BACKUPS
ROLES PERMISSIONS LANGUAGE PROTECTING PRODUCTION DATA
DATA IS A PRIVILEGE … store less
WORDS ARE EXPENSIVE say less, communicate more
YOU CANNOT REMOVE RISK by making things more complex
EXPOSE YOUR VULNERABILITY focus on visibility and survival
EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE
we live in a connected world
None
go protect it together
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
laura@safestack.io h6p:/ /safestack.io Questions?
ladynerd
kyohmizu
fuwasegu
edeandrea
yoshidashingo
shinyaa31
masuda220
lycorptech_jp
ryuichi1208
sansantech
yutailang0119
safie_recruit
kawamataryo
gr2m
marcduiker
csswizardry
mraible
panda_program
aki_iinuma
shlominoach
irinanazarova
kevinliebholz
aarron
tenderlove
andyhume
