Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Better Connected
Search
Laura Bell
September 02, 2015
Technology
0
71
Better Connected
Lightning talk presented at Microsoft Ignite NZ 2015 by Laura Bell
Laura Bell
September 02, 2015
Tweet
Share
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
270
Hackcon 11 - Protecting our people
ladynerd
0
240
Security in a container based world
ladynerd
0
150
Securing Microservice Architectures
ladynerd
2
360
Continuous Security
ladynerd
3
1.2k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
110
Practical tools for privacy audit
ladynerd
0
200
For the greater good? Open sourcing weaponisable code
ladynerd
1
320
Other Decks in Technology
See All in Technology
Green Tea Garbage Collector の今
zchee
PRO
2
390
DataOpsNight#8_Terragruntを用いたスケーラブルなSnowflakeインフラ管理
roki18d
1
340
関係性が駆動するアジャイル──GPTに人格を与えたら、対話を通してふりかえりを 習慣化できた話
mhlyc
0
130
GA technologiesでのAI-Readyの取り組み@DataOps Night
yuto16
0
270
多野優介
tanoyusuke
1
430
SoccerNet GSRの紹介と技術応用:選手視点映像を提供するサッカー作戦盤ツール
mixi_engineers
PRO
1
170
リーダーになったら未来を語れるようになろう/Speak the Future
sanogemaru
0
280
生成AI_その前_に_マルチクラウド時代の信頼できるデータを支えるSnowflakeメタデータ活用術.pdf
cm_mikami
0
120
成長自己責任時代のあるきかた/How to navigate the era of personal responsibility for growth
kwappa
3
270
ZOZOのAI活用実践〜社内基盤からサービス応用まで〜
zozotech
PRO
0
170
pprof vs runtime/trace (FlightRecorder)
task4233
0
170
研究開発部メンバーの働き⽅ / Sansan R&D Profile
sansan33
PRO
3
20k
Featured
See All Featured
Automating Front-end Workflow
addyosmani
1371
200k
A Modern Web Designer's Workflow
chriscoyier
697
190k
Balancing Empowerment & Direction
lara
4
680
Producing Creativity
orderedlist
PRO
347
40k
Reflections from 52 weeks, 52 projects
jeffersonlam
352
21k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.6k
Bash Introduction
62gerente
615
210k
RailsConf 2023
tenderlove
30
1.2k
Intergalactic Javascript Robots from Outer Space
tanoku
273
27k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
114
20k
It's Worth the Effort
3n
187
28k
Testing 201, or: Great Expectations
jmmastey
45
7.7k
Transcript
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Better connected
this is a story about security
PEOPLE TECHNOLOGY PROCESS CULTURE ORGANISATION
None
None
87 ac=ve usernames and passwords • 7 Twi6er accounts • 1 Facebook
28 second factor authorisa=on tokens • 22 applica=on based • 6 SMS code based • 280 backup codes Mul=ple encryp=on keys & certs • PGP, S/Mime, SSL Mul=ple financial iden==es • 7 taxa=on accounts • 6 na=onal banking iden=fiers • 3 payment processors
None
None
PART OF THE PROBLEM
93% organiza=ons use poor quality, shared passwords and do
not change them when people leave
80% organiza=ons use produc=on data in test environments
We don’t understand our own environments and technology suites
None
PART OF THE SOLUTION
SORT OUT THE BASICS. NO EXCUSES PASSWORD MANAGEMENT BACKUPS
ROLES PERMISSIONS LANGUAGE PROTECTING PRODUCTION DATA
DATA IS A PRIVILEGE … store less
WORDS ARE EXPENSIVE say less, communicate more
YOU CANNOT REMOVE RISK by making things more complex
EXPOSE YOUR VULNERABILITY focus on visibility and survival
EVERYBODY EDUCATED EMPOWERED ACCOUNTABLE
we live in a connected world
None
go protect it together
Laura Bell Founder and Lead Consultant -‐ SafeStack @lady_nerd
[email protected]
h6p:/ /safestack.io Questions?
ladynerd
zchee
roki18d
mhlyc
yuto16
tanoyusuke
mixi_engineers
sanogemaru
cm_mikami
kwappa
zozotech
task4233
sansan33
addyosmani
chriscoyier
lara
orderedlist
jeffersonlam
reverentgeek
62gerente
tenderlove
tanoku
panda_program
3n
jmmastey
