
Mack Hardy: Five practical things you can do to secure your online self. Policies, 2FA, password managers, and more.


You have a lot of data! How can you keep your member and client information secure? What legal rules does your nonprofit need to follow when it comes to data hosting? What tools and apps won't get you in trouble?

We have four experts who will answer all your questions.

* Alejandra Brown: Introduction to privacy and overview of privacy and data residency rules that apply to BC nonprofits.

* Mack Hardy: Five practical things you can do to secure your online self. Policies, 2FA, password managers, and more.

* Damien Norris: A suite of curated tools that organizations can use to locally/securely replace the US owned cloud services in their lives.

* Kris Constable: IDVPN: a VPN for complying with jurisdictional regulations.

Published in: Data & Analytics

1. 5 basic ways to improve the digital security of your organization
   Presented by Mack Hardy, CEO, Affinity Bridge
   October 14th, 2019

2. #1 Cultivate a Security Mindset

3. Risk Analysis
   ● Identify organizational assets
   ● Who has access or control?
   ● What are the risks?
   ● How do we safeguard them?

4. Threat Model
   ● What are the threats to organizational assets?
   ● Who might unauthorized stakeholders be?
   ● What are the mitigation strategies?
   ● Is physical security sufficient?

5. Security Mindset and Training
   ● Everyone in the org needs to share the security mindset
   ● Ensure onboarding includes security training
   ● Make an accessible security policy
   ● Review and reassess regularly as a team

6. #2 Passwords and 2FA

7. Passwords and 2FA
   ● Keep passwords secret
   ● Password quality
   ● Use a password keeper
   ● Use 2FA for key access

8. Password Quality
   ● Make passwords longer: 12-20+ characters
   ● Make passwords unique
   ● They don't need to be memorable
   ● Don't email them or store them in plain text
   (slide graphic: "M@k3 B3tt3R P@$$w0rd$")
9. Password Keepers
   ● Team management of credentials
   ● Access control managed per vault (share a vault only with the people who need it)
   ● Checks for duplicate and weak passwords
   ● Generates strong passwords
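Worked example for slides 8 and 9, added here and not part of Mack Hardy's deck: a Python script that generates passwords the way a keeper does (long, random, not meant to be memorised) and audits a vault for what a keeper flags: reused, short, common and low-entropy passwords. The vault entries, the common-password list and the 60-bit cutoff are constructed for the example. Note that a l33t-style password such as "P@ssw0rd" scores reasonably on the character-class entropy estimate and is caught only by the common-password check, which is why keepers check breach lists as well as length.

```python
"""Generate keeper-style passwords and audit a vault for weak or reused ones.

Added example for the slides above; not from the original deck. The vault
entries, the common-password list and the entropy cutoff are constructed.
"""
import math
import secrets
import string
from collections import defaultdict

# Alphabet for generated passwords: letters, digits and a handful of symbols.
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@_"

# Cutoff for the "low-entropy" finding (chosen for this example).
MIN_BITS = 60

# Stand-in for a breached/common-password list; a real keeper checks millions.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome1", "P@ssw0rd"}


def generate_password(length: int = 20) -> str:
    """Return `length` characters drawn uniformly with the secrets CSPRNG.

    Strength comes from length and randomness, not from l33t substitutions;
    the result is not meant to be memorised, it lives in the keeper.
    """
    if length < 12:
        raise ValueError("use at least 12 characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(password: str) -> float:
    """Upper bound on entropy: length * log2(size of the character classes used).

    This is what most strength meters do; it overrates "P@ssw0rd"-style
    passwords, which is why the common-password check exists as well.
    """
    pool = 0
    if any(c.islower() for c in password):
        pool += 26
    if any(c.isupper() for c in password):
        pool += 26
    if any(c.isdigit() for c in password):
        pool += 10
    if any(not c.isalnum() for c in password):
        pool += 32
    return len(password) * math.log2(pool) if pool else 0.0


def audit_vault(entries):
    """Return {account: [findings]} for (account, password) pairs.

    Findings: "common", "short", "low-entropy" and "reused" (same password on
    more than one account, so one breach unlocks all of them).
    """
    findings = defaultdict(list)
    accounts_by_password = defaultdict(list)
    for account, password in entries:
        accounts_by_password[password].append(account)
        if password in COMMON_PASSWORDS:
            findings[account].append("common")
        if len(password) < 12:
            findings[account].append("short")
        if entropy_bits(password) < MIN_BITS:
            findings[account].append("low-entropy")
    for password, accounts in accounts_by_password.items():
        if len(accounts) > 1:
            for account in accounts:
                findings[account].append("reused")
    return dict(findings)


# Constructed vault contents for the demonstration.
SAMPLE_VAULT = [
    ("mail.example.org", "P@ssw0rd"),                       # common and short
    ("crm.example.org", "correct horse battery staple"),    # reused below
    ("donor-db.example.org", "correct horse battery staple"),
    ("registrar.example.org", generate_password(24)),       # what the keeper should hold
]

if __name__ == "__main__":
    for account, problems in audit_vault(SAMPLE_VAULT).items():
        print(f"{account}: {', '.join(problems)}")
```

Run it directly to print the findings for the constructed vault; audit_vault takes any iterable of (account, password) pairs, so it can be pointed at a keeper's CSV export.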
10. 2FA - Two Factor Authentication
   ● Protect important accounts with 2FA
   ● Shared access is possible with Google Authenticator (the same secret can be enrolled on more than one device)
   ● Might feel like a hassle, but so is losing your domain or email provider account
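To make the "shared access" bullet concrete, here is an added example (not from the deck) of the TOTP algorithm (RFC 6238) that Google Authenticator implements, in Python. The issuer and account names are constructed, and the secret is the RFC 6238 test key so the codes can be checked against the tables in the RFC. The enrolment QR code encodes nothing but the otpauth URI produced below: every phone that scans it computes the same codes, which is how two staff members can share a 2FA-protected registrar login, and also why that QR code must be treated as a secret.

```python
"""TOTP (RFC 6238) as used by Google Authenticator and similar apps.

Added example for the slide above, not from the deck. The issuer and account
names are constructed; the secret is the RFC 6238 test-vector key so the
outputs can be checked against the RFC tables.
"""
import base64
import hashlib
import hmac
import struct
import time
from urllib.parse import quote

STEP_SECONDS = 30


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238: HOTP with counter = floor(unix_time / 30 s)."""
    return hotp(secret, unix_time // STEP_SECONDS, digits)


def verify_code(secret: bytes, submitted: str, unix_time: int, window: int = 1) -> bool:
    """Accept the current code and `window` steps either side for clock skew.

    Compared in constant time. A real server must also refuse a code that has
    already been accepted (replay) and rate-limit attempts.
    """
    for k in range(-window, window + 1):
        expected = totp(secret, unix_time + k * STEP_SECONDS)
        if hmac.compare_digest(expected, submitted):
            return True
    return False


def provisioning_uri(issuer: str, account: str, secret: bytes) -> str:
    """The otpauth:// URI that the enrolment QR code encodes.

    Every device that scans it (a colleague's phone, or an attacker who
    photographs the screen) derives the same codes: that is why shared
    access works and why the QR code itself is a secret.
    """
    b32 = base64.b32encode(secret).decode("ascii").rstrip("=")
    return f"otpauth://totp/{quote(issuer)}:{quote(account)}?secret={b32}&issuer={quote(issuer)}"


# RFC 6238 test key (the ASCII string "12345678901234567890").
DEMO_SECRET = b"12345678901234567890"

if __name__ == "__main__":
    # Constructed issuer/account names for the demo.
    print(provisioning_uri("ExampleNonprofit", "admin@example.org", DEMO_SECRET))
    now = int(time.time())
    print("current code:", totp(DEMO_SECRET, now))
```

verify_code shows the server side: a code is valid for roughly 90 seconds with window=1, which is the usual trade-off between clock skew on phones and the time an intercepted code stays usable.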
11. #3 Harden your communication

12. Secure Messaging
   ● Signal or Wire for secure messaging
   ● Caution: Facebook Messenger and WhatsApp, consider the source (both are owned by Facebook)

13. VPN and HTTPS
   ● On public wifi, use a VPN service to encrypt your traffic and mask your IP address and location
   ● Use HTTPS everywhere

14. Validate Email Senders
   ● SPF - Sender Policy Framework: a DNS record listing which servers may send mail for your domain
   ● DKIM - DomainKeys Identified Mail: a signature on outgoing mail that receivers verify against a public key published in your DNS
   ● DMARC - Domain-based Message Authentication, Reporting & Conformance: tells receivers what to do with mail that fails SPF/DKIM checks, and sends you reports
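An added example (not from the deck) of how a receiving mail server applies the three records on the slide above, in Python. The TXT records live in a constructed table instead of DNS so the script runs offline, and the domains are reserved example names. It evaluates SPF for a sending IP (ip4, ip6, include and all mechanisms, with the RFC 7208 lookup limit), parses the DMARC policy, and combines them into a disposition. DKIM verification needs the message and the selector's public key, so it is represented here by a boolean input rather than implemented.

```python
"""Evaluate SPF and DMARC records the way a receiving mail server does.

Added example for the slide above, not from the deck. TXT records come from a
constructed table, not live DNS; domains are reserved example names. Only the
ip4/ip6/include/all mechanisms are handled (a, mx, exists and redirect need
real DNS) and DKIM is a boolean input.
"""
from __future__ import annotations

import ipaddress

# Constructed stand-in for DNS TXT lookups.
DNS_TXT = {
    "example.org": "v=spf1 ip4:192.0.2.0/24 include:_spf.mailhost.example -all",
    "_spf.mailhost.example": "v=spf1 ip4:198.51.100.10 ip6:2001:db8::/32 -all",
    "_dmarc.example.org": "v=DMARC1; p=reject; rua=mailto:dmarc@example.org; pct=100",
    "nonprofit.example": "v=spf1 ip4:203.0.113.0/24 ~all",   # softfail: monitoring only
    "loop.example": "v=spf1 include:loop.example -all",       # misconfigured: includes itself
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
MAX_INCLUDES = 10  # RFC 7208 caps DNS-querying mechanisms at 10 per check


def check_spf(domain: str, sender_ip: str, depth: int = 0) -> str:
    """Return pass / fail / softfail / neutral / none / permerror for a sending IP."""
    record = DNS_TXT.get(domain.lower())
    if record is None or not record.startswith("v=spf1"):
        return "none"
    if depth > MAX_INCLUDES:
        return "permerror"
    ip = ipaddress.ip_address(sender_ip)
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term.startswith(("ip4:", "ip6:")):
            # Membership of a v4 address in a v6 network (or vice versa) is simply False.
            matched = ip in ipaddress.ip_network(term[4:], strict=False)
        elif term.startswith("include:"):
            inner = check_spf(term[8:], sender_ip, depth + 1)
            if inner == "permerror":
                return "permerror"
            matched = inner == "pass"
        elif term == "all":
            matched = True
        else:
            continue  # a, mx, exists, redirect=: need real DNS, skipped here
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"  # no mechanism matched and no "all" term


def parse_dmarc(domain: str) -> dict | None:
    """Tags of the _dmarc.<domain> record, e.g. {"v": "DMARC1", "p": "reject", ...}."""
    record = DNS_TXT.get(f"_dmarc.{domain.lower()}")
    if record is None or not record.startswith("v=DMARC1"):
        return None
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.strip().split("=", 1)
            tags[key.strip()] = value.strip()
    return tags


def dmarc_disposition(from_domain: str, sender_ip: str, dkim_aligned_pass: bool) -> str:
    """What the receiver does with mail whose From: header is at from_domain.

    DMARC passes if SPF passes for an aligned domain or an aligned DKIM
    signature verifies; otherwise the published p= policy applies. For brevity
    the envelope (MAIL FROM) domain is assumed to equal from_domain.
    """
    policy = parse_dmarc(from_domain)
    if policy is None:
        return "accept"  # no DMARC record: nothing to enforce
    spf_aligned_pass = check_spf(from_domain, sender_ip) == "pass"
    if spf_aligned_pass or dkim_aligned_pass:
        return "accept"
    return policy.get("p", "none")


if __name__ == "__main__":
    for ip in ("192.0.2.45", "198.51.100.10", "203.0.113.9"):
        print(ip, check_spf("example.org", ip), dmarc_disposition("example.org", ip, False))
```

The practical reading: without a DMARC record (nonprofit.example above) a forged From: header is accepted no matter what SPF says, and with p=reject a forged message is dropped unless the attacker can also produce an aligned DKIM signature. Start with p=none and read the rua reports before moving to quarantine or reject.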
15. #4 Reduce your attack surface

16. Anti-Virus
   ● Monitor for known viruses and malware with an antivirus
   ● Use one product across the organization

17. Ad blocking and Trackers
   ● Pi-hole - DNS-level ad blocking for the whole network
   ● Privacy Badger - browser extension that blocks trackers

18. Preventing Phishing
   ● Be wary of browser extensions and app installs
   ● Be careful what data is disclosed to app providers
   ● Double-check URLs in email
   ● Use HTTPS URLs
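The "double-check URLs" and "use HTTPS" bullets above, turned into a script, as an added example that is not part of the deck. It pulls every link out of an HTML email and flags the patterns a phishing message relies on: a plain http link, a punycode (xn--) lookalike host, a raw IP address, and link text that names one site while the href goes to another. The sample message and hostnames are constructed; the registered-domain logic just takes the last two labels, which is enough for the demo, whereas a production checker should use the Public Suffix List.

```python
"""Flag suspicious links in an HTML email before anyone clicks them.

Added example for the slide above, not from the deck. The sample message is
constructed and the hostnames are reserved example names. registered_domain()
is deliberately naive (last two labels); use the Public Suffix List for real.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

HOST_IN_TEXT = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)
RAW_IPV4 = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) for every <a> in the message."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._current = [dict(attrs).get("href") or "", ""]

    def handle_data(self, data):
        if self._current is not None:
            self._current[1] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            self.links.append((self._current[0], self._current[1].strip()))
            self._current = None


def registered_domain(host: str) -> str:
    """Naive registrable domain: the last two labels of the host."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def check_link(href: str, text: str) -> list:
    """Return the warning labels that apply to one link."""
    parts = urlsplit(href)
    host = parts.hostname or ""
    issues = []
    if parts.scheme != "https":
        issues.append("not-https")          # slide: use HTTPS URLs
    if "xn--" in host:
        issues.append("idn-punycode")       # internationalised lookalike, e.g. Cyrillic letters
    if RAW_IPV4.fullmatch(host):
        issues.append("raw-ip")
    for shown in HOST_IN_TEXT.findall(text):
        if registered_domain(shown) != registered_domain(host):
            issues.append("text-host-mismatch")  # text names one site, link goes to another
            break
    return issues


def scan_email_html(html: str) -> list:
    """[(href, text, issues), ...] for each link in the message."""
    parser = LinkExtractor()
    parser.feed(html)
    return [(href, text, check_link(href, text)) for href, text in parser.links]


# Constructed sample message.
SAMPLE_EMAIL = """
<p>Your account will be suspended. Please
<a href="http://example.org.account-verify.example/login">verify at https://example.org</a>.</p>
<p>Or <a href="https://xn--exmple-cua.org/">update your details</a> on our site.</p>
<p><a href="https://203.0.113.7/login">Login</a> to the portal.</p>
<p>Donate: <a href="https://example.org/donate">https://example.org/donate</a></p>
"""

if __name__ == "__main__":
    for href, text, issues in scan_email_html(SAMPLE_EMAIL):
        print(f"{'WARN' if issues else 'ok  '} {href} ({text}) {issues}")
```

The first link in the sample is the classic case: the visible text says example.org but the link lands on account-verify.example, and hovering in a mail client shows exactly the mismatch this script reports.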
19. Limit Zero-day exploits
   ● Keep operating system updates current
   ● Update firmware on routers
   ● Update website codebase regularly, budget for help with this
   ● Monitor security disclosures for platforms you use

20. #5 Protect Organizational Data

21. Backups
   ● Back up computers
   ● Keep offsite backups
   ● Automate the backup process
   ● Test recovery from backups
22. Clean your closet
   ● Clean up cloud storage, use fewer services
   ● Delete old email accounts, emails containing credentials, and stored personally identifiable data
   ● CRM: keep active records, archive older records

23. Liability and Insurance
   ● Data liability: think about what data you are storing, and why
     - Where is it stored?
     - What is your disclosure risk?
     - Who is liable in the event of a breach?
     - What is the impact on your constituents?
     - Delegate some risk
   ● Consider insurance options

24. Secure your Website
   ● Add a proxy / cache like Cloudflare or Varnish
   ● Harden CMS login
   ● Add CAPTCHA on forms
   ● Audit admin accounts
   ● Test your backups

25. Questions