Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Better Connected
Search
Laura Bell
September 02, 2015
Technology
0
73
Better Connected
Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura Bell
September 02, 2015
Tweet
Share
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
270
Hackcon 11 - Protecting our people
ladynerd
0
240
Security in a container based world
ladynerd
0
150
Securing Microservice Architectures
ladynerd
2
360
Continuous Security
ladynerd
3
1.2k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
110
Practical tools for privacy audit
ladynerd
0
200
For the greater good? Open sourcing weaponisable code
ladynerd
1
330
Other Decks in Technology
See All in Technology
技術広報のOKRで生み出す 開発組織への価値 〜 カンファレンス協賛を通して育む学びの文化 〜 / Creating Value for Development Organisations Through Technical Communications OKRs — Nurturing a Culture of Learning Through Conference Sponsorship —
pauli
5
330
旧から新へ: 大規模ウェブクローラの Perl から Go への移行 / YAPC::Fukuoka 2025
motemen
3
920
持続可能なアクセシビリティ開発
azukiazusa1
4
120
AWS資格は取ったけどIAMロールを腹落ちできてなかったので、年内に整理してみた
hiro_eng_
0
230
重厚長大企業で、顧客価値をスケールさせるためのプロダクトづくりとプロダクト開発チームづくりの裏側 / Developers X Summit 2025
mongolyy
0
100
ABEMAのCM配信を支えるスケーラブルな分散カウンタの実装
hono0130
3
540
『HOWはWHY WHATで判断せよ』 〜『ドメイン駆動設計をはじめよう』の読了報告と、本質への探求〜
panda728
PRO
5
1.9k
re:Invent完全攻略ガイド
junjikoide
1
360
[mercari GEARS 2025] Keynote
mercari
PRO
1
280
今、MySQLのバックアップを作り直すとしたら何がどう良いのかを考える旅
yoku0825
2
390
はじめての OSS コントリビューション 〜小さな PR が世界を変える〜
chiroito
4
330
Moto: Latent Motion Token as the Bridging Language for Learning Robot Manipulation from Videos
peisuke
0
150
Featured
See All Featured
Docker and Python
trallard
46
3.6k
Practical Orchestrator
shlominoach
190
11k
Testing 201, or: Great Expectations
jmmastey
46
7.8k
The Illustrated Children's Guide to Kubernetes
chrisshort
51
51k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
658
61k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.5k
RailsConf 2023
tenderlove
30
1.3k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
35
3.2k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
140
34k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
48
9.8k
A better future with KSS
kneath
239
18k
Navigating Team Friction
lara
190
15k
Transcript
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Better connected
this is a story about security
PEOPLE TECHNOLOGY PROCESS CULTURE ORGANISATION
None
None
87 ac=ve usernames and passwords • 7 Twi6er accounts • 1 Facebook
28 second factor authorisa=on tokens • 22 applica=on based • 6 SMS code based • 280 backup codes Mul=ple encryp=on keys & certs • PGP, S/Mime, SSL Mul=ple financial iden==es • 7 taxa=on accounts • 6 na=onal banking iden=fiers • 3 payment processors
None
None
PART OF THE PROBLEM
93% organiza=ons use poor quality, shared passwords and do
not change them when people leave
80% organiza=ons use produc=on data in test environments
We don’t understand our own environments and technology suites
None
PART OF THE SOLUTION
SORT OUT THE BASICS. NO EXCUSES PASSWORD MANAGEMENT BACKUPS
ROLES PERMISSIONS LANGUAGE PROTECTING PRODUCTION DATA
DATA IS A PRIVILEGE … store less
WORDS ARE EXPENSIVE say less, communicate more
YOU CANNOT REMOVE RISK by making things more complex
EXPOSE YOUR VULNERABILITY focus on visibility and survival
EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE
we live in a connected world
None
go protect it together
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Questions?
ladynerd
pauli
motemen
azukiazusa1
hiro_eng_
mongolyy
hono0130
panda728
junjikoide
mercari
yoku0825
chiroito
peisuke
trallard
shlominoach
jmmastey
chrisshort
lemiorhan
philnash
tenderlove
rmw
eileencodes
mongodb
kneath
lara
