Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Better Connected
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Laura Bell
September 02, 2015
Technology
84
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Better Connected
Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura Bell
September 02, 2015
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
300
Hackcon 11 - Protecting our people
ladynerd
0
250
Security in a container based world
ladynerd
0
170
Securing Microservice Architectures
ladynerd
2
370
Continuous Security
ladynerd
3
1.2k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
150
Practical tools for privacy audit
ladynerd
0
230
For the greater good? Open sourcing weaponisable code
ladynerd
1
350
Other Decks in Technology
See All in Technology
DevOps Agentで始めるAWS運用 〜フロンティアエージェントが変える運用の現場〜
nyankotaro
1
400
【NRUG vol.18】KubernetesにおけるNew Relicデータ取得量削減の考え方
nrug_member
0
110
EventBridge Connection
_kensh
5
700
AIのReact習熟度を測る
uhyo
2
290
Claude Code×Terraform IaC テンプレート駆動開発
itouhi
1
510
2026TECHFRESH畢業分享會 - 葬送的通靈師:化系統與用戶雜訊成行動訊號
line_developers_tw
PRO
0
920
Oracle AI Database@Google Cloud:サービス概要のご紹介
oracle4engineer
PRO
6
1.5k
連合学習と機密コンピューティング
lycorptech_jp
PRO
0
110
脆弱性対応、どこで線を引くか
rymiyamoto
1
380
AIソロプレナー時代に2ヶ月で20人増員した事業創造会社の開発組織の話
miyatakoji
0
640
Claude Codeをどのように キャッチアップしているか
oikon48
12
7.4k
あなたの AI ワークスペースに、 専門コーダーを連れてくる - Amazon Quick Desktop 最新情報
kawaji_scratch
1
130
Featured
See All Featured
What's in a price? How to price your products and services
michaelherold
247
13k
Efficient Content Optimization with Google Search Console & Apps Script
katarinadahlin
PRO
1
610
Visualization
eitanlees
152
17k
How to Grow Your eCommerce with AI & Automation
katarinadahlin
PRO
1
200
Google's AI Overviews - The New Search
badams
0
1k
Hiding What from Whom? A Critical Review of the History of Programming languages for Music
tomoyanonymous
2
850
HDC tutorial
michielstock
2
710
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
360
30k
The Power of CSS Pseudo Elements
geoffreycrofte
82
6.3k
Scaling GitHub
holman
464
140k
Exploring anti-patterns in Rails
aemeredith
3
400
How to build a perfect <img>
jonoalderson
1
5.6k
Transcript
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Better connected
this is a story about security
PEOPLE TECHNOLOGY PROCESS CULTURE ORGANISATION
None
None
87 ac=ve usernames and passwords • 7 Twi6er accounts • 1 Facebook
28 second factor authorisa=on tokens • 22 applica=on based • 6 SMS code based • 280 backup codes Mul=ple encryp=on keys & certs • PGP, S/Mime, SSL Mul=ple financial iden==es • 7 taxa=on accounts • 6 na=onal banking iden=fiers • 3 payment processors
None
None
PART OF THE PROBLEM
93% organiza=ons use poor quality, shared passwords and do
not change them when people leave
80% organiza=ons use produc=on data in test environments
We don’t understand our own environments and technology suites
None
PART OF THE SOLUTION
SORT OUT THE BASICS. NO EXCUSES PASSWORD MANAGEMENT BACKUPS
ROLES PERMISSIONS LANGUAGE PROTECTING PRODUCTION DATA
DATA IS A PRIVILEGE … store less
WORDS ARE EXPENSIVE say less, communicate more
YOU CANNOT REMOVE RISK by making things more complex
EXPOSE YOUR VULNERABILITY focus on visibility and survival
EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE
we live in a connected world
None
go protect it together
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Questions?
ladynerd
nyankotaro
nrug_member
_kensh
uhyo
itouhi
line_developers_tw
oracle4engineer
lycorptech_jp
rymiyamoto
miyatakoji
oikon48
kawaji_scratch
michaelherold
katarinadahlin
eitanlees
badams
tomoyanonymous
michielstock
bermonpainter
geoffreycrofte
holman
aemeredith
jonoalderson
