Better Connected
Laura Bell
September 02, 2015
Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell
Transcript
Laura Bell, Founder and Lead Consultant - SafeStack @lady_nerd
[email protected]
http://safestack.io Better connected
this is a story about security
PEOPLE TECHNOLOGY PROCESS CULTURE ORGANISATION
87 active usernames and passwords • 7 Twitter accounts • 1 Facebook
28 second factor authorisation tokens • 22 application based • 6 SMS code based • 280 backup codes
Multiple encryption keys & certs • PGP, S/Mime, SSL
Multiple financial identities • 7 taxation accounts • 6 national banking identifiers • 3 payment processors
PART OF THE PROBLEM
93% organizations use poor quality, shared passwords and do not change them when people leave
80% organizations use production data in test environments
We don’t understand our own environments and technology suites
PART OF THE SOLUTION
SORT OUT THE BASICS. NO EXCUSES PASSWORD MANAGEMENT BACKUPS
ROLES PERMISSIONS LANGUAGE PROTECTING PRODUCTION DATA
DATA IS A PRIVILEGE … store less
WORDS ARE EXPENSIVE say less, communicate more
YOU CANNOT REMOVE RISK by making things more complex
EXPOSE YOUR VULNERABILITY focus on visibility and survival
EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE
we live in a connected world
go protect it together
Laura Bell, Founder and Lead Consultant - SafeStack @lady_nerd
[email protected]
http://safestack.io Questions?