Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

of

WordCamp for Publishers: Security for Newsrooms Slide 1 WordCamp for Publishers: Security for Newsrooms Slide 2 WordCamp for Publishers: Security for Newsrooms Slide 3 WordCamp for Publishers: Security for Newsrooms Slide 4 WordCamp for Publishers: Security for Newsrooms Slide 5 WordCamp for Publishers: Security for Newsrooms Slide 6 WordCamp for Publishers: Security for Newsrooms Slide 7 WordCamp for Publishers: Security for Newsrooms Slide 8 WordCamp for Publishers: Security for Newsrooms Slide 9 WordCamp for Publishers: Security for Newsrooms Slide 10 WordCamp for Publishers: Security for Newsrooms Slide 11 WordCamp for Publishers: Security for Newsrooms Slide 12 WordCamp for Publishers: Security for Newsrooms Slide 13 WordCamp for Publishers: Security for Newsrooms Slide 14 WordCamp for Publishers: Security for Newsrooms Slide 15 WordCamp for Publishers: Security for Newsrooms Slide 16 WordCamp for Publishers: Security for Newsrooms Slide 17 WordCamp for Publishers: Security for Newsrooms Slide 18 WordCamp for Publishers: Security for Newsrooms Slide 19 WordCamp for Publishers: Security for Newsrooms Slide 20 WordCamp for Publishers: Security for Newsrooms Slide 21 WordCamp for Publishers: Security for Newsrooms Slide 22 WordCamp for Publishers: Security for Newsrooms Slide 23 WordCamp for Publishers: Security for Newsrooms Slide 24 WordCamp for Publishers: Security for Newsrooms Slide 25 WordCamp for Publishers: Security for Newsrooms Slide 26 WordCamp for Publishers: Security for Newsrooms Slide 27 WordCamp for Publishers: Security for Newsrooms Slide 28 WordCamp for Publishers: Security for Newsrooms Slide 29 WordCamp for Publishers: Security for Newsrooms Slide 30 WordCamp for Publishers: Security for Newsrooms Slide 31 WordCamp for Publishers: Security for Newsrooms Slide 32 WordCamp for Publishers: Security for Newsrooms Slide 33 WordCamp for Publishers: Security for Newsrooms Slide 34 WordCamp for Publishers: Security for Newsrooms Slide 35 WordCamp for Publishers: Security for Newsrooms Slide 36 WordCamp for Publishers: Security for Newsrooms Slide 37 WordCamp for Publishers: Security for Newsrooms Slide 38 WordCamp for Publishers: Security for Newsrooms Slide 39 WordCamp for Publishers: Security for Newsrooms Slide 40 WordCamp for Publishers: Security for Newsrooms Slide 41 WordCamp for Publishers: Security for Newsrooms Slide 42 WordCamp for Publishers: Security for Newsrooms Slide 43 WordCamp for Publishers: Security for Newsrooms Slide 44 WordCamp for Publishers: Security for Newsrooms Slide 45 WordCamp for Publishers: Security for Newsrooms Slide 46 WordCamp for Publishers: Security for Newsrooms Slide 47 WordCamp for Publishers: Security for Newsrooms Slide 48 WordCamp for Publishers: Security for Newsrooms Slide 49 WordCamp for Publishers: Security for Newsrooms Slide 50 WordCamp for Publishers: Security for Newsrooms Slide 51 WordCamp for Publishers: Security for Newsrooms Slide 52 WordCamp for Publishers: Security for Newsrooms Slide 53 WordCamp for Publishers: Security for Newsrooms Slide 54 WordCamp for Publishers: Security for Newsrooms Slide 55 WordCamp for Publishers: Security for Newsrooms Slide 56 WordCamp for Publishers: Security for Newsrooms Slide 57 WordCamp for Publishers: Security for Newsrooms Slide 58 WordCamp for Publishers: Security for Newsrooms Slide 59 WordCamp for Publishers: Security for Newsrooms Slide 60 WordCamp for Publishers: Security for Newsrooms Slide 61 WordCamp for Publishers: Security for Newsrooms Slide 62 WordCamp for Publishers: Security for Newsrooms Slide 63 WordCamp for Publishers: Security for Newsrooms Slide 64 WordCamp for Publishers: Security for Newsrooms Slide 65 WordCamp for Publishers: Security for Newsrooms Slide 66 WordCamp for Publishers: Security for Newsrooms Slide 67 WordCamp for Publishers: Security for Newsrooms Slide 68 WordCamp for Publishers: Security for Newsrooms Slide 69 WordCamp for Publishers: Security for Newsrooms Slide 70 WordCamp for Publishers: Security for Newsrooms Slide 71 WordCamp for Publishers: Security for Newsrooms Slide 72 WordCamp for Publishers: Security for Newsrooms Slide 73 WordCamp for Publishers: Security for Newsrooms Slide 74 WordCamp for Publishers: Security for Newsrooms Slide 75 WordCamp for Publishers: Security for Newsrooms Slide 76 WordCamp for Publishers: Security for Newsrooms Slide 77 WordCamp for Publishers: Security for Newsrooms Slide 78 WordCamp for Publishers: Security for Newsrooms Slide 79 WordCamp for Publishers: Security for Newsrooms Slide 80 WordCamp for Publishers: Security for Newsrooms Slide 81 WordCamp for Publishers: Security for Newsrooms Slide 82 WordCamp for Publishers: Security for Newsrooms Slide 83 WordCamp for Publishers: Security for Newsrooms Slide 84 WordCamp for Publishers: Security for Newsrooms Slide 85 WordCamp for Publishers: Security for Newsrooms Slide 86 WordCamp for Publishers: Security for Newsrooms Slide 87 WordCamp for Publishers: Security for Newsrooms Slide 88 WordCamp for Publishers: Security for Newsrooms Slide 89 WordCamp for Publishers: Security for Newsrooms Slide 90 WordCamp for Publishers: Security for Newsrooms Slide 91 WordCamp for Publishers: Security for Newsrooms Slide 92 WordCamp for Publishers: Security for Newsrooms Slide 93
Upcoming SlideShare
What to Upload to SlideShare
Next
Download to read offline and view in fullscreen.

0 Likes

Share

Download to read offline

WordCamp for Publishers: Security for Newsrooms

Download to read offline

Hands-on workshop on information security basics:
- how to think about security
- threat modelling / risk assessment
- authentication
- device security

Handouts:
https://drive.google.com/file/d/13FZBhEY2kSsThkq7-5fTXf8eqGaSI5pg/view?usp=sharing

Related Books

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

WordCamp for Publishers: Security for Newsrooms

  1. 1. information SECURITY for publishers
  2. 2. Paul Schreiberpaulschreiber@gmail.com @paulschreiber
  3. 3. tradeoffs
  4. 4. continuum
  5. 5. average people✔
  6. 6. under government surveillance whistleblowers political campaigners activists celebrities victims of stalking and violence
  7. 7. encrypted email (PGP, GPG) messaging (Signal) SecureDrop Physical security VPNs Tor
  8. 8. Tails Social media Airgap Firmware passwords On-premises vs cloud
  9. 9. corporate espionage criminal gangs zero-day exploits Mossad, CIA, MI6, NSA
  10. 10. password reuse✔ password guessing✔ lost and stolen devices✔ phishing✔
  11. 11. threat model
  12. 12. how much they want to know howmuchyoucare $$$$$$ 0 $
  13. 13. assets
  14. 14. adversaries
  15. 15. capabilities
  16. 16. consequences
  17. 17. defenses
  18. 18. memorizing passwords
  19. 19. password managers
  20. 20. Create View Edit Delete Web Sync 2FA Mac Windows Linux iOS Android Chrome ✔ ✔ ✘ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ Firefox ✘ ✔ ✔ ✔ ✘ ✔ ✘ ✔ ✔ ✔ ✔ ✔ Safari ✔ ✔ ✔ ✔ ✘ ✔ ✔ ✔ ✘ ✘ ✔ ✘ browser password management
  21. 21. Preferences > Passwords
  22. 22. chrome://flags
  23. 23. chrome://settings/passwords
  24. 24. about:preferences#privacy
  25. 25. security questions
  26. 26. “security” questions
  27. 27. password policies
  28. 28. NIST Special Publication 800-63BDigital Identity Guidelines Authentication and Lifecycle Management
  29. 29. § 5.1.1.2 Verifiers SHALL require subscriber-chosen memorized secrets to be at least 8 characters in length. Verifiers SHOULD permit subscriber-chosen memorized secrets at least 64 characters in length. length
  30. 30. composition § 5.1.1.2 All printing ASCII [RFC 20] characters as well as the space character SHOULD be acceptable in memorized secrets. Unicode [ISO/ISC 10646] characters SHOULD be accepted as well. Verifiers SHOULD NOT impose other composition rules (e.g., requiring mixtures of different character types or prohibiting consecutively repeated characters) for memorized secrets.
  31. 31. § 5.1.1.2 Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). rotation
  32. 32. password sharing
  33. 33. password resets
  34. 34. know
  35. 35. are
  36. 36. have
  37. 37. backup codes
  38. 38. device migration
  39. 39. WordPress VIP
  40. 40. Many graphics from The Noun Project Bear by Gan Khoon Lay; Computer Fire by Ian Ransley; Computer by Azis; Credit card Gonzalo Bravo; Fingerprint by Ben Davis; Lock with keyhole by Brennan Novak; Marker by Jeff Seevers; Nokia 3310 by Stan Fisher; Notification by vijay sekhar; Shield by Wayne Thayer; Spy by Alen Krummenacher; iPhone by Ross Sokolovski.

Hands-on workshop on information security basics: - how to think about security - threat modelling / risk assessment - authentication - device security Handouts: https://drive.google.com/file/d/13FZBhEY2kSsThkq7-5fTXf8eqGaSI5pg/view?usp=sharing

Views

Total views

158

On Slideshare

0

From embeds

0

Number of embeds

2

Actions

Downloads

1

Shares

0

Comments

0

Likes

0

×