Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Better Connected
Search
Laura Bell
September 02, 2015
Technology
0
69
Better Connected
Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura Bell
September 02, 2015
Tweet
Share
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
260
Hackcon 11 - Protecting our people
ladynerd
0
230
Security in a container based world
ladynerd
0
150
Securing Microservice Architectures
ladynerd
2
350
Continuous Security
ladynerd
3
1.1k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
97
Practical tools for privacy audit
ladynerd
0
190
For the greater good? Open sourcing weaponisable code
ladynerd
1
320
Other Decks in Technology
See All in Technology
Grafana MCP serverでなんかし隊 / Try Grafana MCP server
kohbis
0
310
Snowflake Intelligenceで実現できるノーコードAI活用
takumimukaiyama
1
170
基調講演: 生成AIを活用したアプリケーションの開発手法とは?
asei
1
110
Contract One Engineering Unit 紹介資料
sansan33
PRO
0
6.3k
Monorepo Error Management: Automated Runbooks and Team-Targeted Alert Distribution
biwashi
1
150
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
7.1k
Introduction to Sansan Meishi Maker Development Engineer
sansan33
PRO
0
280
Drawing with LLMs
rist
0
250
Agent Development Kit によるエージェント開発入門
enakai00
19
3k
AI Engineering Summit Pre Event LT #10
okaru
2
560
本部長の代わりに提案書レビュー! KDDI営業が毎日使うAIエージェント「A-BOSS」開発秘話
minorun365
PRO
9
1.2k
Test Smarter, Not Harder: Achieving Confidence in Complex Distributed Systems
eliasnogueira
1
150
Featured
See All Featured
Typedesign – Prime Four
hannesfritz
42
2.7k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
34
3k
It's Worth the Effort
3n
184
28k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
8
770
Why You Should Never Use an ORM
jnunemaker
PRO
56
9.4k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
248
1.3M
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
161
15k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.5k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Writing Fast Ruby
sferik
628
61k
What's in a price? How to price your products and services
michaelherold
245
12k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
16
910
Transcript
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Better connected
this is a story about security
PEOPLE TECHNOLOGY PROCESS CULTURE ORGANISATION
None
None
87 ac=ve usernames and passwords • 7 Twi6er accounts • 1 Facebook
28 second factor authorisa=on tokens • 22 applica=on based • 6 SMS code based • 280 backup codes Mul=ple encryp=on keys & certs • PGP, S/Mime, SSL Mul=ple financial iden==es • 7 taxa=on accounts • 6 na=onal banking iden=fiers • 3 payment processors
None
None
PART OF THE PROBLEM
93% organiza=ons use poor quality, shared passwords and do
not change them when people leave
80% organiza=ons use produc=on data in test environments
We don’t understand our own environments and technology suites
None
PART OF THE SOLUTION
SORT OUT THE BASICS. NO EXCUSES PASSWORD MANAGEMENT BACKUPS
ROLES PERMISSIONS LANGUAGE PROTECTING PRODUCTION DATA
DATA IS A PRIVILEGE … store less
WORDS ARE EXPENSIVE say less, communicate more
YOU CANNOT REMOVE RISK by making things more complex
EXPOSE YOUR VULNERABILITY focus on visibility and survival
EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE
we live in a connected world
None
go protect it together
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Questions?