5 basic ways to improve the digital security of your organization

Presented by Mack Hardy, CEO Affinity Bridge
October 14th, 2019

#1 Cultivate a Security Mindset

Risk Analysis
● Identify organizational assets
● Who has access or control?
● What are the risks?
● How do we safeguard?

Threat Model
● What are the threats to organizational assets?
● Who might unauthorized stakeholders be?
● What are mitigation strategies?
● Physical security sufficient?

Security Mindset and Training
● Everyone in the org needs to share the security mindset
● Ensure on-boarding includes security training
● Make an accessible security policy
● Review and reassess regularly as a team

#2 Passwords and 2FA

Passwords and 2FA
● Keep passwords secret
● Password quality
● Use a password keeper
● Use 2FA for key access

Password Quality
● Make passwords longer: 12-20+ characters
● Make passwords unique
● Don’t need to be able to remember them
● Don’t email or store in plain text
M@k3 B3tt3R P@$$w0rd$

Password Keepers
● Team management of credentials
● Access control management by Vault
● Checks for duplicate and weak passwords
● Generates strong passwords

2FA - Two Factor Authentication
● Protect important accounts with 2FA
● Shared access possible with Google Authenticator
● Might feel like a hassle, but so is losing your domain or email provider

#3 Harden your communication

Secure Messaging
● Signal or Wire for secure messaging
● Caution: Facebook Messenger and WhatsApp - consider the source

VPN and HTTPS
● On public wifi, use a VPN service to encrypt your communications and hide your location
● Use HTTPS everywhere

Validate Email Senders
● SPF - Sender Policy Framework
● DMARC - Domain-based Message Authentication, Reporting & Conformance
● DKIM - DomainKeys Identified Mail

#4 Reduce your attack surface

Anti-Virus
● Monitor for known viruses and malware with an antivirus
● Use one across the organization

Ad blocking and Trackers
● Pi-Hole - DNS level ad blocking
● Privacy Badger - EFF.org ad blocker

Preventing Phishing
● Be wary of browser extensions, app installs
● Be careful of what data is disclosed to app providers
● Double check URLs in email
● Use HTTPS URLs

Limit Zero-day exploits
● Keep operating system updates current
● Update firmware on routers
● Update website codebase regularly, budget for help with this
● Monitor security disclosures for platforms you use

#5 Protect Organizational Data

Backups
● Back up computers
● Keep offsite backups
● Automate backup process
● Test recovery from backups

Clean your closet
● Clean up cloud storage, use fewer services
● Delete old email accounts, email with credentials, or personally identifiable data
● CRM - keep active records, archive older records

Liability and Insurance
● Data Liability
  - think about what data you are storing, and why
  - where is it stored?
  - what's your disclosure risk?
  - who is liable in the event of breach
  - what is the impact on your constituents
  - delegate some risk
● Consider insurance options

Secure your Website
● Add a proxy / cache like CloudFlare or Varnish
● Harden CMS login
● Add Captcha on forms
● Audit admin accounts
● Test your backups

Questions

专业一比一美国俄亥俄大学毕业证成绩单pdf电子版制作修改
 
Top 5 Best Data Analytics Courses In Queens
Top 5 Best Data Analytics Courses In QueensTop 5 Best Data Analytics Courses In Queens
Top 5 Best Data Analytics Courses In Queens
 
Identifying Appropriate Test Statistics Involving Population Mean
Identifying Appropriate Test Statistics Involving Population MeanIdentifying Appropriate Test Statistics Involving Population Mean
Identifying Appropriate Test Statistics Involving Population Mean
 
Student Profile Sample report on improving academic performance by uniting gr...
Student Profile Sample report on improving academic performance by uniting gr...Student Profile Sample report on improving academic performance by uniting gr...
Student Profile Sample report on improving academic performance by uniting gr...
 
Semantic Shed - Squashing and Squeezing.pptx
Semantic Shed - Squashing and Squeezing.pptxSemantic Shed - Squashing and Squeezing.pptx
Semantic Shed - Squashing and Squeezing.pptx
 
Predicting Salary Using Data Science: A Comprehensive Analysis.pdf
Predicting Salary Using Data Science: A Comprehensive Analysis.pdfPredicting Salary Using Data Science: A Comprehensive Analysis.pdf
Predicting Salary Using Data Science: A Comprehensive Analysis.pdf
 
20240419 - Measurecamp Amsterdam - SAM.pdf
20240419 - Measurecamp Amsterdam - SAM.pdf20240419 - Measurecamp Amsterdam - SAM.pdf
20240419 - Measurecamp Amsterdam - SAM.pdf
 
GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]
 
Data Factory in Microsoft Fabric (MsBIP #82)
Data Factory in Microsoft Fabric (MsBIP #82)Data Factory in Microsoft Fabric (MsBIP #82)
Data Factory in Microsoft Fabric (MsBIP #82)
 
9711147426✨Call In girls Gurgaon Sector 31. SCO 25 escort service
9711147426✨Call In girls Gurgaon Sector 31. SCO 25 escort service9711147426✨Call In girls Gurgaon Sector 31. SCO 25 escort service
9711147426✨Call In girls Gurgaon Sector 31. SCO 25 escort service
 
Generative AI for Social Good at Open Data Science East 2024
Generative AI for Social Good at Open Data Science East 2024Generative AI for Social Good at Open Data Science East 2024
Generative AI for Social Good at Open Data Science East 2024
 
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
毕业文凭制作#回国入职#diploma#degree澳洲中央昆士兰大学毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#degree
 
RS 9000 Call In girls Dwarka Mor (DELHI)⇛9711147426🔝Delhi
RS 9000 Call In girls Dwarka Mor (DELHI)⇛9711147426🔝DelhiRS 9000 Call In girls Dwarka Mor (DELHI)⇛9711147426🔝Delhi
RS 9000 Call In girls Dwarka Mor (DELHI)⇛9711147426🔝Delhi
 
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
Effects of Smartphone Addiction on the Academic Performances of Grades 9 to 1...
 
Multiple time frame trading analysis -brianshannon.pdf
Multiple time frame trading analysis -brianshannon.pdfMultiple time frame trading analysis -brianshannon.pdf
Multiple time frame trading analysis -brianshannon.pdf
 

Mack Hardy: Five practical things you can do to secure your online self. Policies, 2FA, password managers, and more.

  • 1. 5 basic ways to improve the digital security of your organization
 Presented by Mack Hardy, CEO Affinity Bridge
 October 14th, 2019
  • 3. Risk Analysis
 ● Identify organizational assets
 ● Who has access or control?
 ● What are the risks?
 ● How do we safeguard?
  • 4. Threat Model
 ● What are the threats to organizational assets?
 ● Who might unauthorized stakeholders be?
 ● What are mitigation strategies?
 ● Physical security sufficient?
  • 5. Security Mindset and Training
 ● Everyone in the org needs to share the security mindset
 ● Ensure on-boarding includes security training
 ● Make an accessible security policy
 ● Review and reassess regularly as a team
  • 7. Passwords and 2FA
 ● Keep passwords secret
 ● Password quality
 ● Use a password keeper
 ● Use 2FA for key access
  • 8. Password Quality
 ● Make passwords longer: 12-20+ characters
 ● Make passwords unique
 ● Don’t need to be able to remember them
 ● Don’t email or store in plain text
 M@k3 B3tt3R P@$$w0rd$
  • 9. Password Keepers
 ● Team management of credentials
 ● Access control management by Vault
 ● Checks for duplicate and weak passwords
 ● Generates strong passwords
  • 10. 2FA - Two Factor Authentication
 ● Protect important accounts with 2FA
 ● Shared access possible with Google Authenticator
 ● Might feel like a hassle, but so is losing your domain or email provider
  • 12. Secure Messaging
 ● Signal or Wire for secure messaging
 ● Caution: Facebook Messenger and WhatsApp - consider the source
  • 13. VPN and HTTPS
 ● On public wifi, use a VPN service to encrypt your communications and hide your location
 ● Use HTTPS everywhere
  • 14. Validate Email Senders
 ● SPF - Sender Policy Framework
 ● DMARC - Domain-based Message Authentication, Reporting & Conformance
 ● DKIM - DomainKeys Identified Mail
  • 15. #4 Reduce your attack surface
  • 16. Anti-Virus
 ● Monitor for known viruses and malware with an antivirus
 ● Use one across the organization
  • 17. Ad blocking and Trackers
 ● Pi-Hole - DNS level ad blocking
 ● Privacy Badger - EFF.org ad blocker
  • 18. Preventing Phishing
 ● Be wary of browser extensions, app installs
 ● Be careful of what data is disclosed to app providers
 ● Double check URLs in email
 ● Use HTTPS URLs
  • 19. Limit Zero-day exploits
 ● Keep operating system updates current
 ● Update firmware on routers
 ● Update website codebase regularly, budget for help with this
 ● Monitor security disclosures for platforms you use
  • 21. Backups
 ● Backup computers
 ● Keep offsite backups
 ● Automate backup process
 ● Test recovery from backups
  • 22. Clean your closet
 ● Clean up cloud storage, use fewer services
 ● Delete old email accounts, email with credentials, or personally identifiable data
 ● CRM - keep active records, archive older records
  • 23. Liability and Insurance
 ● Data Liability - think about what data you are storing, and why
   - where is it stored?
   - what's your disclosure risk?
   - who is liable in the event of breach?
   - what is the impact on your constituents?
   - delegate some risk
 ● Consider insurance options
  • 24. Secure your Website
 ● Add a proxy / cache like CloudFlare or Varnish
 ● Harden CMS login
 ● Add Captcha on forms
 ● Audit admin accounts
 ● Test your backups
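
Slide 14 ("Validate Email Senders") names SPF and DMARC without showing what a weak or strong policy looks like, so the following added example (not part of the original presentation) audits the two DNS TXT records for common weak settings. The domains, the `SAMPLES` records and all function names are constructed for illustration; DKIM is left out because its keys are published per selector and checked per message signature.

```python
# Constructed TXT records for illustration (not real DNS data).
SAMPLES = {
    "weak.example": (["v=spf1 include:_spf.mailhost.example +all"],
                     ["v=DMARC1; p=none"]),
    "hardened.example": (["v=spf1 include:_spf.mailhost.example -all"],
                         ["v=DMARC1; p=reject; rua=mailto:dmarc@hardened.example"]),
}

def parse_tags(record):
    """Parse a 'tag=value; tag=value' DMARC record into a dict."""
    pairs = (p.split("=", 1) for p in record.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def audit_spf(txt_records):
    """Return findings for the SPF record among a domain's TXT records."""
    spf = [r for r in txt_records if r.lower().split(" ")[0] == "v=spf1"]
    if not spf:
        return ["SPF: no record published"]
    if len(spf) > 1:
        return ["SPF: multiple records, receivers return permerror"]
    terms = [t.lower() for t in spf[0].split()[1:]]
    all_terms = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not all_terms:
        return ["SPF: no 'all' mechanism (check any redirect= target)"]
    if all_terms[0][0] in "+?a":  # '+all', '?all', or bare 'all' (default '+')
        return [f"SPF: '{all_terms[0]}' does not fail unlisted senders"]
    return []  # '-all' (fail) or '~all' (softfail)

def audit_dmarc(txt_records):
    """Return findings for the DMARC record published at _dmarc.<domain>."""
    dmarc = [r for r in txt_records if r.lower().startswith("v=dmarc1")]
    if not dmarc:
        return ["DMARC: no record published"]
    tags, findings = parse_tags(dmarc[0]), []
    policy = tags.get("p", "").lower() or "missing"
    if policy not in ("quarantine", "reject"):
        findings.append(f"DMARC: p={policy} does not request quarantine or reject")
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        findings.append("DMARC: pct below 100, policy covers part of failing mail")
    if "rua" not in tags:
        findings.append("DMARC: no rua= address, so no aggregate reports arrive")
    return findings

def audit(domain):
    spf, dmarc = SAMPLES[domain]
    return audit_spf(spf) + audit_dmarc(dmarc)

print({domain: audit(domain) or "ok" for domain in SAMPLES})
```

To audit a real domain, pass in the TXT strings returned for the domain itself (SPF) and for `_dmarc.<domain>` (DMARC) in place of the constructed samples.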