Notes on one of the SQLBits sessions titled “Stop Doing Stupid $%^- How NOT to Secure Your Environment”
One of the highlights of SQLBits for us was a session that spelt out (in no uncertain terms) the things we politely tell customers all the time. Unfortunately there are many common examples that we see of “How NOT to Secure Your Environment.” For that reason we thought it was worth playing this back in order to help re-enforce the message.
These things still happen, despite readily available documentation on security best practices. Many companies spend far more on security than they need to. This is usually out of necessity and AFTER a breach rather than spending a lot less upfront. It is better to take simple steps to prevent the data breach in the first place. Take a look at the slide below to see the session info.
Visit excellent speakers site here : https://joeydantoni.com/
STOP doing any of these things now before it is too late
A few Top Tips
- Use a password manager and enable MFA wherever possible
- We use Dashlane as it is setup up for groups of people to easily store and share credentials and more. It also provides recommendations, scores and detects if any accounts have been breached and are available on the dark web ! It’s also very cost-effective, easy to use and setup. More details on this can be found here – https://www.dashlane.com/
- Update your Operating Systems and applications
- Stop opening internet ports to your data ! One of the most common causes of a data breach
- Take your keys and secrets out of your code in public repos
Review the slide below showing the “Data Breach Game”. How many of these is your organisation guilty of !?
There are many reasons for data breaches. Most of them can be easily prevented by securing your data and infrastructure using well-documented best practices. Follow the steps above for How NOT to Secure Your Environment!
If you have concerns about your data protection, follow some of the above simple best practices. Get in touch (in confidence) to speak to a real person : – https://lanet.co.uk/contact/
Visit these useful links for more !
SQLBits Session info
End-To-end Security in Azure
LA NET can support you with data and cloud infrastructure security if you have any questions. That is essentially all we do ! contact us here.