Better Connected

September 02, 2015

73

Better Connected

Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell

Laura Bell

September 02, 2015

Tweet

More Decks by Laura Bell

See All by Laura Bell

DIY security for the amateur superhero

0

270

Hackcon 11 - Protecting our people

0

240

Security in a container based world

0

150

Securing Microservice Architectures

2

360

Continuous Security

3

1.2k

Automated Human Vulnerability Scanning with AVA

3

2.7k

Blindsided by security

0

130

Practical tools for privacy audit

0

210

For the greater good? Open sourcing weaponisable code

1

330

Other Decks in Technology

See All in Technology

会社紹介資料 / Sansan Company Profile

PRO

12

400k

Kaggleコンペティション「MABe Challenge - Social Action Recognition in Mice」振り返り

1

560

スクラムマスターが スクラムチームに入って取り組む5つのこと - スクラムガイドには書いてないけど入った当初から取り組んでおきたい大切なこと -

3

2.2k

Digitization部紹介資料

PRO

1

6.6k

田舎で20年スクラム（後編）：一個人が企業で長期戦アジャイルに挑む意味

1

1.6k

ALB「証明書上限問題」からの脱却

0

220

【Oracle Cloud ウェビナー】ランサムウェアが突く「侵入の隙」とバックアップの「死角」～過去の教訓に学ぶ — 侵入前提の防御とデータ保護～

oracle4engineer

PRO

0

140

Sansan Engineering Unit 紹介資料

PRO

1

3.7k

モノタロウ x クリエーションラインで実現するチームトポロジーにおけるプラットフォームチーム・ストリームアラインドチームの効果的なコラボレーション

0

980

Java 25に至る道

3

230

ソフトとハード両方いけるデータ人材の育て方

1

480

Databricks Free Editionで始めるLakeflow SDP

0

140

Featured

See All Featured

Primal Persuasion: How to Engage the Brain for Learning That Lasts

0

200

Sam Torres - BigQuery for SEOs

PRO

0

170

Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI

0

48

16th Malabo Montpellier Forum Presentation

PRO

0

40

Visual Storytelling: How to be a Superhuman Communicator

2

410

Public Speaking Without Barfing On Your Shoes - THAT 2023

1

290

AI: The stuff that nobody shows you

PRO

2

180

Design and Strategy: How to Deal with People Who Don’t "Get" Design

133

19k

コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI

58

41k

A brief & incomplete history of  UX Design for the World Wide Web: 1989–2019

1

280

Testing 201, or: Great Expectations

46

7.9k

Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure

48

9.8k

Transcript

Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected] h6p:/ /safestack.io Better connected
this is a story about security
PEOPLE TECHNOLOGY PROCESS CULTURE ORGANISATION
None
None
87 ac=ve usernames and passwords • 7 Twi6er accounts • 1 Facebook
28 second factor authorisa=on tokens • 22 applica=on based • 6 SMS code based • 280 backup codes Mul=ple encryp=on keys & certs •  PGP, S/Mime, SSL Mul=ple ﬁnancial iden==es • 7 taxa=on accounts • 6 na=onal banking iden=ﬁers • 3 payment processors
None
None
PART OF THE PROBLEM
93% organiza=ons use poor quality, shared passwords and do
not change them when people leave
80% organiza=ons use produc=on data in test environments
We don’t understand our own environments and technology suites
None
PART OF THE SOLUTION
SORT OUT THE BASICS. NO EXCUSES PASSWORD MANAGEMENT BACKUPS
ROLES PERMISSIONS LANGUAGE PROTECTING PRODUCTION DATA
DATA IS A PRIVILEGE … store less
WORDS ARE EXPENSIVE say less, communicate more
YOU CANNOT REMOVE RISK by making things more complex
EXPOSE YOUR VULNERABILITY focus on visibility and survival
EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE
we live in a connected world
None
go protect it together
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected] h6p:/ /safestack.io Questions?