Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Better Connected

Laura Bell
September 02, 2015
Technology
0
61

Better Connected

Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell

Laura Bell

September 02, 2015
Tweet

More Decks by Laura Bell

See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
250
Hackcon 11 - Protecting our people
ladynerd
0
230
Security in a container based world
ladynerd
0
140
Securing Microservice Architectures
ladynerd
2
350
Continuous Security
ladynerd
3
1.1k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
89
Practical tools for privacy audit
ladynerd
0
180
For the greater good? Open sourcing weaponisable code
ladynerd
1
320

Other Decks in Technology

See All in Technology
ペアーズにおけるData Catalog導入の取り組み
hisamouna
0
210
Restarting_SRE_Road_to_SRENext_.pdf
_awache
0
170
初めてのPostgreSQLメジャーバージョンアップ
kkato1
0
470
お問い合わせ対応の改善取り組みとその進め方
masartz
1
430
Go の analysis パッケージで自作するリファクタリングツール
kworkdev
PRO
1
430
17年のQA経験が導いたスクラムマスターへの道 / 17 Years in QA to Scrum Master
toma_sm
0
420
コード品質向上で得られる効果と実践的取り組み
ham0215
2
210
Cline、めっちゃ便利、お金が飛ぶ💸
iwamot
20
19k
20250328_OpenAI製DeepResearchは既に一種のAGIだと思う話
doradora09
PRO
0
160
近年の PyCon 情勢から見た PyCon APAC のまとめ
terapyon
0
130
Javaの新しめの機能を知ったかぶれるようになる話 #kanjava
irof
3
5k
Tirez profit de Messenger pour améliorer votre architecture
tucksaun
1
160

Featured

See All Featured
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.4k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
40
2k
Learning to Love Humans: Emotional Interface Design
aarron
273
40k
Art, The Web, and Tiny UX
lynnandtonic
298
20k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
12
1.4k
Become a Pro
speakerdeck
PRO
27
5.2k
Building a Modern Day 
E-commerce SEO Strategy
aleyda
39
7.2k
Gamification - CAS2011
davidbonilla
81
5.2k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
25k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
233
17k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
29
2k
How to train your dragon (web standard)
notwaldorf
91
5.9k

Transcript

  1. Laura Bell Founder  and  Lead  Consultant  -­‐  SafeStack @lady_nerd  

     [email protected]   h6p:/ /safestack.io   Better connected

  2. this  is  a  story  about  security

  3. PEOPLE   TECHNOLOGY   PROCESS   CULTURE   ORGANISATION  

  4. None
  5. None

  6. 87  ac=ve  usernames  and  passwords • 7  Twi6er  accounts • 1  Facebook

    28  second  factor  authorisa=on  tokens • 22  applica=on  based • 6  SMS  code  based • 280  backup  codes Mul=ple  encryp=on  keys  &  certs •  PGP,  S/Mime,  SSL Mul=ple  financial  iden==es • 7  taxa=on  accounts • 6  na=onal  banking  iden=fiers • 3  payment  processors
  7. None
  8. None

  9. PART  OF  THE  PROBLEM

  10. 93%  organiza=ons  use  poor  quality,   shared  passwords  and  do

     not  change  them   when  people  leave

  11. 80%  organiza=ons  use  produc=on  data  in   test  environments

  12. We  don’t  understand  our  own   environments  and  technology  suites

  13. None

  14. PART  OF  THE  SOLUTION

  15. SORT  OUT  THE  BASICS. NO  EXCUSES PASSWORD   MANAGEMENT BACKUPS

    ROLES PERMISSIONS LANGUAGE PROTECTING   PRODUCTION   DATA

  16. DATA  IS  A  PRIVILEGE …  store  less

  17. WORDS  ARE  EXPENSIVE say  less,  communicate  more

  18. YOU  CANNOT  REMOVE  RISK by  making  things  more  complex

  19. EXPOSE  YOUR  VULNERABILITY focus  on  visibility  and  survival

  20. EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE

  21. we  live  in  a  connected  world

  22. None

  23. go  protect  it  together

  24. Laura Bell Founder  and  Lead  Consultant  -­‐  SafeStack @lady_nerd  

     [email protected]   h6p:/ /safestack.io   Questions?