Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Better Connected

Laura Bell
September 02, 2015
Technology
0
61

Better Connected

Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell

Laura Bell

September 02, 2015
Tweet

More Decks by Laura Bell

See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
250
Hackcon 11 - Protecting our people
ladynerd
0
230
Security in a container based world
ladynerd
0
140
Securing Microservice Architectures
ladynerd
2
350
Continuous Security
ladynerd
3
1.1k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
91
Practical tools for privacy audit
ladynerd
0
180
For the greater good? Open sourcing weaponisable code
ladynerd
1
320

Other Decks in Technology

See All in Technology
低レイヤを知りたいPHPerのためのCコンパイラ作成入門 / Building a C Compiler for PHPers Who Want to Dive into Low-Level Programming
tomzoh
0
120
製造業の会計システムをDDDで開発した話
caddi_eng
3
1.1k
職種に名前が付く、ということ/The fact that a job title has a name
bitkey
1
280
ソフトウェア開発現代史: なぜ日本のソフトウェア開発は「滝」なのか?製造業の成功体験とのギャップ #jassttokyo
takabow
3
1.8k
サーバシステムを無理なくコンテナ移行する際に伝えたい4つのポイント/Container_Happy_Migration_Method
ozawa
1
130
ルートユーザーの活用と管理を徹底的に深掘る
yuobayashi
8
750
OSSコントリビュートをphp-srcメンテナの立場から語る / OSS Contribute
sakitakamachi
0
730
コドモンのQAの今までとこれから -XPによる成長と見えてきた課題-
masasuna
0
160
Cline、めっちゃ便利、お金が飛ぶ💸
iwamot
22
19k
モンテカルロ木探索のパフォーマンスを予測する Kaggleコンペ解説 〜生成AIによる未知のゲーム生成〜
rist
4
1.3k
LINEギフトのLINEミニアプリアクセシビリティ改善事例
lycorptech_jp
PRO
0
330
「それはhowなんよ〜」のガイドライン #orestudy
77web
9
2.3k

Featured

See All Featured
Build your cross-platform service in a week with App Engine
jlugia
229
18k
Rails Girls Zürich Keynote
gr2m
94
13k
A better future with KSS
kneath
239
17k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
135
33k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
160
15k
GitHub's CSS Performance
jonrohan
1030
460k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
[RailsConf 2023] Rails as a piece of cake
palkan
53
5.4k
Code Review Best Practice
trishagee
67
18k
StorybookのUI Testing Handbookを読んだ
zakiyama
28
5.6k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
118
51k
Done Done
chrislema
183
16k

Transcript

  1. Laura Bell Founder  and  Lead  Consultant  -­‐  SafeStack @lady_nerd  

     laura@safestack.io   h6p:/ /safestack.io   Better connected

  2. this  is  a  story  about  security

  3. PEOPLE   TECHNOLOGY   PROCESS   CULTURE   ORGANISATION  

  4. None
  5. None

  6. 87  ac=ve  usernames  and  passwords • 7  Twi6er  accounts • 1  Facebook

    28  second  factor  authorisa=on  tokens • 22  applica=on  based • 6  SMS  code  based • 280  backup  codes Mul=ple  encryp=on  keys  &  certs •  PGP,  S/Mime,  SSL Mul=ple  financial  iden==es • 7  taxa=on  accounts • 6  na=onal  banking  iden=fiers • 3  payment  processors
  7. None
  8. None

  9. PART  OF  THE  PROBLEM

  10. 93%  organiza=ons  use  poor  quality,   shared  passwords  and  do

     not  change  them   when  people  leave

  11. 80%  organiza=ons  use  produc=on  data  in   test  environments

  12. We  don’t  understand  our  own   environments  and  technology  suites

  13. None

  14. PART  OF  THE  SOLUTION

  15. SORT  OUT  THE  BASICS. NO  EXCUSES PASSWORD   MANAGEMENT BACKUPS

    ROLES PERMISSIONS LANGUAGE PROTECTING   PRODUCTION   DATA

  16. DATA  IS  A  PRIVILEGE …  store  less

  17. WORDS  ARE  EXPENSIVE say  less,  communicate  more

  18. YOU  CANNOT  REMOVE  RISK by  making  things  more  complex

  19. EXPOSE  YOUR  VULNERABILITY focus  on  visibility  and  survival

  20. EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE

  21. we  live  in  a  connected  world

  22. None

  23. go  protect  it  together

  24. Laura Bell Founder  and  Lead  Consultant  -­‐  SafeStack @lady_nerd  

     laura@safestack.io   h6p:/ /safestack.io   Questions?