Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura BellFounder and Lead Consultant -‐ SafeStack @lady_nerd [email protected] h6p://safestack.io Better connected
View Slide
this is a story about security
PEOPLE TECHNOLOGY PROCESS CULTURE ORGANISATION
87 ac=ve usernames and passwords • 7 Twi6er accounts • 1 Facebook 28 second factor authorisa=on tokens • 22 applica=on based • 6 SMS code based • 280 backup codes Mul=ple encryp=on keys & certs • PGP, S/Mime, SSL Mul=ple financial iden==es • 7 taxa=on accounts • 6 na=onal banking iden=fiers • 3 payment processors
PART OF THE PROBLEM
93% organiza=ons use poor quality, shared passwords and do not change them when people leave
80% organiza=ons use produc=on data in test environments
We don’t understand our own environments and technology suites
PART OF THE SOLUTION
SORT OUT THE BASICS. NO EXCUSES PASSWORD MANAGEMENT BACKUPS ROLES PERMISSIONS LANGUAGE PROTECTING PRODUCTION DATA
DATA IS A PRIVILEGE … store less
WORDS ARE EXPENSIVE say less, communicate more
YOU CANNOT REMOVE RISK by making things more complex
EXPOSE YOUR VULNERABILITY focus on visibility and survival
EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE
we live in a connected world
go protect it together
Laura BellFounder and Lead Consultant -‐ SafeStack @lady_nerd [email protected] h6p://safestack.io Questions?
ladynerd
taichinakamura
minorun365
etaroid
stefafafan
yuj1osm
muziyoshiz
dahatake
ysasago
masasuzu
cimadai
cybozuinsideout
onlinesalon
dotmariusz
akosma
bcantrill
mza
wjessup
jmmastey
keathley
danielanewman
mthomps
zakiwarfel
jennybc
tammyeverts