Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Better Connected
Search
Laura Bell
September 02, 2015
Technology
83
0
Share
Better Connected
Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura Bell
September 02, 2015
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
300
Hackcon 11 - Protecting our people
ladynerd
0
250
Security in a container based world
ladynerd
0
160
Securing Microservice Architectures
ladynerd
2
370
Continuous Security
ladynerd
3
1.2k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
140
Practical tools for privacy audit
ladynerd
0
230
For the greater good? Open sourcing weaponisable code
ladynerd
1
350
Other Decks in Technology
See All in Technology
AIガバナンス実践 - 生成AIコネクタのデータ漏洩リスクと実務対策
knishioka
0
110
サプライチェーン攻撃への備えについて考えている #湘なんか
stefafafan
3
2.4k
管理アカウント単一運用からAWS Organizationsに移行するの大変で滅
hiramax
0
260
Java正規表現エンジン(NFA)の仕組みと パフォーマンスを維持するための最適化手法
takeuchi_132917
0
120
Strands Agents超入門
kintotechdev
1
130
インフラが苦手でも大丈夫! 紙芝居 Kubernetes -WWGT 10周年編-
aoi1
1
260
責任あるソフトウェアエンジニアリングの紹介4章・5章 / RSE_Ch4-5
ido_kara_deru
0
350
さきさん文庫の書籍ができるまで
sakiengineer
0
270
checker.tsにチキンレースを仕掛けてみた:型エラー(TS2589)が発生する境界線を求めて
hal_spidernight
1
210
layerx-fde-practices
cipepser
6
2.8k
RubyでRuby拡張を書いたらRubyより35倍速になったってどういうこと??
kazuho
3
650
最低限これだけ押さえれ大丈夫_Claude Enterprise/Team企業展開ガバナンス入門
tkikuchi
1
270
Featured
See All Featured
The Impact of AI in SEO - AI Overviews June 2024 Edition
aleyda
5
1.1k
For a Future-Friendly Web
brad_frost
183
10k
KATA
mclloyd
PRO
35
15k
Side Projects
sachag
455
43k
What’s in a name? Adding method to the madness
productmarketing
PRO
24
4k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
37
6.4k
Stewardship and Sustainability of Urban and Community Forests
pwiseman
0
210
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
128
55k
Everyday Curiosity
cassininazir
0
210
Navigating the moral maze — ethical principles for Al-driven product design
skipperchong
2
370
Leveraging Curiosity to Care for An Aging Population
cassininazir
1
250
How to Think Like a Performance Engineer
csswizardry
28
2.6k
Transcript
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Better connected
this is a story about security
PEOPLE TECHNOLOGY PROCESS CULTURE ORGANISATION
None
None
87 ac=ve usernames and passwords • 7 Twi6er accounts • 1 Facebook
28 second factor authorisa=on tokens • 22 applica=on based • 6 SMS code based • 280 backup codes Mul=ple encryp=on keys & certs • PGP, S/Mime, SSL Mul=ple financial iden==es • 7 taxa=on accounts • 6 na=onal banking iden=fiers • 3 payment processors
None
None
PART OF THE PROBLEM
93% organiza=ons use poor quality, shared passwords and do
not change them when people leave
80% organiza=ons use produc=on data in test environments
We don’t understand our own environments and technology suites
None
PART OF THE SOLUTION
SORT OUT THE BASICS. NO EXCUSES PASSWORD MANAGEMENT BACKUPS
ROLES PERMISSIONS LANGUAGE PROTECTING PRODUCTION DATA
DATA IS A PRIVILEGE … store less
WORDS ARE EXPENSIVE say less, communicate more
YOU CANNOT REMOVE RISK by making things more complex
EXPOSE YOUR VULNERABILITY focus on visibility and survival
EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE
we live in a connected world
None
go protect it together
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Questions?
ladynerd
knishioka
stefafafan
hiramax
takeuchi_132917
kintotechdev
.jpg){kind=avatar}
aoi1
ido_kara_deru
sakiengineer
hal_spidernight
cipepser
kazuho
tkikuchi
aleyda
brad_frost
mclloyd
sachag
productmarketing
kevinliebholz
pwiseman
aki_iinuma
cassininazir
skipperchong
csswizardry
