Philosophy ● TaskRabbit is an online marketplace. ● TaskRabbit is a tech startup. ● We only hire smart people ● This means that if you work here, you are smart and you know about technology. ○ We trust you to be safe, and we trust you to know what you are doing. ○ Your peers are here here to teach you. ○ Therefore, we don’t need to have heavy-handed IT policies. ● Please don’t prove me wrong!
Philosophy (part 2) The scary part: ● We deal with Millions of Dollars every month ● Credit Cards, Social Security Numbers, Addresses, Phones number, and more all flow through our systems ● We are a famous company with a famous team ● Some of our company actions have (and will continue to) upset people We are a very desirable target.
Disk Encryption: FileVault What: Even with a password on your laptop, someone could steal your laptop and plug it into another computer and read everything on your hard drive Solution: Encrypt everything so that only the combination of OSX + your account password can read it At what cost: If you ever forget your password, no one can recover your data (we’ll cover password management later)
Back it up: Google Drive What: Stuff Breaks. This includes computers. YOU are responsible for your own backups. Many of the tools we have chosen as a company (Google Docs, Git, etc) already back things up for you. Solution: Backup your stuff! At what cost: None if you set it up properly!
Back it up: Google Drive At TaskRabbit you have free, UNLIMITED drive space on your Google Drive. Don’t store important files on your Desktop or Documents folder. Store them in your google drive. For bonus points, you can actually delete your Desktop and Documents folder and create Symlinks/Aliases back to similarly named folders in your Google Drive. Visit drive.google.com to get started. Log in with your TaskRabbit account.
2-Factor Authentication What: You can have your password stolen. Vendors which accept your password can get hacked. People can ruin your lives. Having 2-factor auth means that a second “factor” (your phone) is required to log in Solution: Turn on 2 factor auth. At what cost: It’s annoying to check your phone when you log in. WE ARE TURNING ON 2-FACTOR AUTH FOR GOOGLE APPS/EMAIL/CALENDAR
2-Factor Authentication There are many options for 2 factor auth applications: ● Google Authenticator (free) Simple, just on your phone ● Authy (free) syncs between many phones and your desktop ● 1Password ($$) Syncs between many devices (via Dropbox/Google Drive)
Password Management What: You can have your password stolen. Vendors which accept your password can get hacked. You should use complex and unique passwords every time you need a password Solution: Use a password manager. At what cost: Plugins now exist for all browsers, phones, etc… but you have to be very diligent and make a new password for *every* site you use
Password Management ● KeyPass (free) The granddaddy; confusing matrix of products and sync options ● 1Password ($$) Syncs between many devices (via Dropbox)
evantahler
forcia_dev_pr
interu
weblyzard
onlinesalon
hankehly
iselegant
red_frasco
kadogen_0527
nozomiito
zakiyama
k9i
matsumoto_r
dougneiner
danielanewman
samlambert
trishagee
paulrobertlloyd
notwaldorf
stephaniewalter
dotmariusz
holman
nonsquared
bcantrill