Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Better Connected
Search
Laura Bell
September 02, 2015
Technology
0
71
Better Connected
Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura Bell
September 02, 2015
Tweet
Share
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
260
Hackcon 11 - Protecting our people
ladynerd
0
240
Security in a container based world
ladynerd
0
150
Securing Microservice Architectures
ladynerd
2
350
Continuous Security
ladynerd
3
1.1k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
99
Practical tools for privacy audit
ladynerd
0
200
For the greater good? Open sourcing weaponisable code
ladynerd
1
320
Other Decks in Technology
See All in Technology
AWS CDKの仕組み / how-aws-cdk-works
gotok365
8
290
OSSのSNSツール「Misskey」をさわってみよう(右下ワイプで私のOSCの20年を振り返ります) / 20250705-osc2025-do
akkiesoft
0
170
LLM時代の検索
shibuiwilliam
2
430
CDK Toolkit Libraryにおけるテストの考え方
smt7174
0
120
CDKコード品質UP!ナイスな自作コンストラクタを作るための便利インターフェース
harukasakihara
2
130
〜『世界中の家族のこころのインフラ』を目指して”次の10年”へ〜 SREが導いたグローバルサービスの信頼性向上戦略とその舞台裏 / Towards the Next Decade: Enhancing Global Service Reliability
kohbis
2
360
開発生産性を測る前にやるべきこと - 組織改善の実践 / Before Measuring Dev Productivity
kaonavi
14
6.5k
[ JAWS-UG千葉支部 x 彩の国埼玉支部 ]ムダ遣い卒業!FinOpsで始めるAWSコスト最適化の第一歩
sh_fk2
2
130
事例で学ぶ!B2B SaaSにおけるSREの実践例/SRE for B2B SaaS: A Real-World Case Study
bitkey
1
160
Glacierだからってコストあきらめてない? / JAWS Meet Glacier Cost
taishin
1
170
20250705 Headlamp: 專注可擴展性的 Kubernetes 用戶界面
pichuang
0
290
関数型プログラミングで 「脳がバグる」を乗り越える
manabeai
2
210
Featured
See All Featured
BBQ
matthewcrist
89
9.7k
How GitHub (no longer) Works
holman
314
140k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
1.8k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
7
740
StorybookのUI Testing Handbookを読んだ
zakiyama
30
5.9k
Building a Modern Day E-commerce SEO Strategy
aleyda
42
7.4k
Fantastic passwords and where to find them - at NoRuKo
philnash
51
3.3k
Scaling GitHub
holman
460
140k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
46
9.6k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
Thoughts on Productivity
jonyablonski
69
4.7k
Transcript
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Better connected
this is a story about security
PEOPLE TECHNOLOGY PROCESS CULTURE ORGANISATION
None
None
87 ac=ve usernames and passwords • 7 Twi6er accounts • 1 Facebook
28 second factor authorisa=on tokens • 22 applica=on based • 6 SMS code based • 280 backup codes Mul=ple encryp=on keys & certs • PGP, S/Mime, SSL Mul=ple financial iden==es • 7 taxa=on accounts • 6 na=onal banking iden=fiers • 3 payment processors
None
None
PART OF THE PROBLEM
93% organiza=ons use poor quality, shared passwords and do
not change them when people leave
80% organiza=ons use produc=on data in test environments
We don’t understand our own environments and technology suites
None
PART OF THE SOLUTION
SORT OUT THE BASICS. NO EXCUSES PASSWORD MANAGEMENT BACKUPS
ROLES PERMISSIONS LANGUAGE PROTECTING PRODUCTION DATA
DATA IS A PRIVILEGE … store less
WORDS ARE EXPENSIVE say less, communicate more
YOU CANNOT REMOVE RISK by making things more complex
EXPOSE YOUR VULNERABILITY focus on visibility and survival
EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE
we live in a connected world
None
go protect it together
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Questions?