Better Connected

Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell

Laura Bell

September 02, 2015

Tweet

More Decks by Laura Bell

See All by Laura Bell

DIY security for the amateur superhero

0

280

Hackcon 11 - Protecting our people

0

240

Security in a container based world

0

150

Securing Microservice Architectures

2

360

Continuous Security

3

1.2k

Automated Human Vulnerability Scanning with AVA

3

2.7k

Blindsided by security

0

130

Practical tools for privacy audit

0

210

For the greater good? Open sourcing weaponisable code

1

340

Other Decks in Technology

See All in Technology

クレジットカード決済基盤を支えるSRE - 厳格な監査とSRE運用の両立 (SRE Kaigi 2026)

6

2.7k

【Oracle Cloud ウェビナー】[Oracle AI Database + AWS] Oracle Database@AWSで広がるクラウドの新たな選択肢とAI時代のデータ戦略

oracle4engineer

PRO

2

140

AI駆動PjMの理想像と現在地 -実践例を添えて-

masahiro_okamura

1

110

Claude_CodeでSEOを最適化する_AI_Ops_Community_Vol.2__マーケティングx_AIはここまで進化した.pdf

2

550

ClickHouseはどのように大規模データを活用したAIエージェントを全社展開しているのか

0

230

StrandsとNeptuneを使ってナレッジグラフを構築する

1

110

All About Sansan – for New Global Engineers

PRO

1

1.3k

Data Hubグループ紹介資料

PRO

0

2.7k

データ民主化のための LLM 活用状況と課題紹介（IVRy の場合）

2

700

Azure Durable Functions で作った NL2SQL Agent の精度向上に取り組んだ話/jat08

0

180

Codex 5.3 と Opus 4.6 にコーポレートサイトを作らせてみた / Codex 5.3 vs Opus 4.6

0

140

AI駆動開発を事業のコアに置く

1

170

Featured

See All Featured

Dealing with People You Can't Stand - Big Design 2015

367

27k

Improving Core Web Vitals using Speculation Rules API

sergeychernyshev

21

1.4k

Tell your own story through comics

1

810

How to Talk to Developers About Accessibility

2

130

Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)

0

350

Impact Scores and Hybrid Strategies: The future of link building

tamaranovitovic

0

200

Color Theory Basics | Prateek | Gurzu

0

200

ピンチをチャンスに：未来をつくるプロダクトロードマップ #pmconf2020

128

55k

Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI

0

64

Believing is Seeing

1

54

186

16k

Groundhog Day: Seeking Process in Gaming for Health

0

92

Transcript

Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected] h6p:/ /safestack.io Better connected
this is a story about security
PEOPLE TECHNOLOGY PROCESS CULTURE ORGANISATION
None
None
87 ac=ve usernames and passwords • 7 Twi6er accounts • 1 Facebook
28 second factor authorisa=on tokens • 22 applica=on based • 6 SMS code based • 280 backup codes Mul=ple encryp=on keys & certs •  PGP, S/Mime, SSL Mul=ple ﬁnancial iden==es • 7 taxa=on accounts • 6 na=onal banking iden=ﬁers • 3 payment processors
None
None
PART OF THE PROBLEM
93% organiza=ons use poor quality, shared passwords and do
not change them when people leave
80% organiza=ons use produc=on data in test environments
We don’t understand our own environments and technology suites
None
PART OF THE SOLUTION
SORT OUT THE BASICS. NO EXCUSES PASSWORD MANAGEMENT BACKUPS
ROLES PERMISSIONS LANGUAGE PROTECTING PRODUCTION DATA
DATA IS A PRIVILEGE … store less
WORDS ARE EXPENSIVE say less, communicate more
YOU CANNOT REMOVE RISK by making things more complex
EXPOSE YOUR VULNERABILITY focus on visibility and survival
EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE
we live in a connected world
None
go protect it together
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected] h6p:/ /safestack.io Questions?