The Business Continuity Big Three

name: inverse
class: center, middle, inverse
layout: true
.header[.floatleft[.teal[Christopher Biggs] — BC Big 3].floatright[.teal[@unixbigot] .logo[@accelerando_au]]] .footer[.floatleft[.hashtag[EBN] Apr 2018]]

---
name: callout
class: center, middle, italic, bulletul
layout: true
.header[.floatleft[.teal[Christopher Biggs] — BC Big 3].floatright[.teal[@unixbigot] .logo[@accelerando_au]]] .footer[.floatleft[.hashtag[EBN] Apr 2018]]

---
layout: true
template: callout
.header[.floatleft[.teal[Christopher Biggs] — BC Big 3].floatright[.teal[@unixbigot] .logo[@accelerando_au]]] .footer[.floatleft[.hashtag[EBN] Apr 2018]]

---
class: center, middle
template: inverse

# Business Continuity

## The Big Three
### (things you can do today)

.bottom.right[
Christopher Biggs, .logo[Accelerando Consulting]
<br>.logo[@accelerando_au]
]

---
layout: true
template: callout
.crumb[
# Risks
]
---

# Risks?

* All my data is gone
* Netflix got hacked and now my Facebook is deleted
* They took over my bank account and drained it

---
layout: true
template: callout
.crumb[
# Risks
# Data
]

---
template:inverse

# Data continuity

## Backups, Duh

---

# There are two kinds of hard drives

* Dead ones
* Ones that haven't died...yet

---

# Ransomware

.left[
* "Oops, your files have been encrypted.  Pay to unlock".
* Small time shakedowns, now a nation-state weapon
* Maersk lost over $200 million from "WannaCry".   TNT similar.
* Boeing hit last week
]

---

# Automated backups

* Macs - Turn on "Time Machine" (hourly, daily, weekly)
* Windows - google "windows 10 backup" (weekly by default)

---

# Fire, Flood, Stupidity

.fig20[
![](ssd.jpg)]

.fig20[
![](sata_dock.jpg)]

.left[
* Spend $500 on 3 solid-state drives 
* A in your computer
* B in your dock for automatic local backups
* C offsite (swap with B monthly)
]

---

# Network backups

* CrashPlan.com - The Three Drives, on someone else's drive
* DropBox.com - Sync files between all your computers (and the cloud)
* Evernote.com - Clip your insurance policies, contracts, receipts, everything

---
layout: true
template: callout
.crumb[
# Risks
# Data
# Access
]

---
template:inverse

# Access continuity

## Passwords are awful

---

# Get a password manager

## Any password you can remember is too short

---

.center[
.fig70[
![Correct Horse Battery Staple](password_strength.png)]
]
---

# 1password.com

* Synchronises between your phone, laptop and PC
* Generates nice long passwords
* Plugs into your web-browsers
* Team subscription - share (some) passwords with colleagues
* Family subscription - you're in a coma, what now?

---

# HaveIBeenPwned.com

* Were you in a data leak three years ago?
* Ongoing notifications of new leaks
* If you've reused passwords, subscribe today

---

# Don't email passwords

## Every data breach ever:

.left[
1. Alan's yahoo mail got hacked when he fell for a scam email
1. They found the password to his work account in his old messages
1. They found some more passwords in his work email
1. They got onto the webserver and stole all the customer passswords and credit cards
]

---
layout: true
template: callout
.crumb[
# Risks
# Data
# Access
# Control
]

---

template:inverse

# Control continuity

## Multi-factor authentication

---

# Authentication factors

* Something you know (password, PIN)
* Something you have (access token, phone)
* Something you are (fingerprint, face, iris)

---

# Multi-factor with Gmail

* Go to gmail now and turn on multi-factor auth
* Install google app on your phone
* When you try to log in with a new computer, you'll get a
confirmation on your phone

---

# Multi-factor at the bank

![](securid.jpg)

* Ask your bank for an authentication token
* To log in, username, password, token value
* Token changes every 15 seconds

---

# Multi-factor with amazon

* Install google authenticator app (or another token app)
* To log in, username, password, authenticator value
* Value changes every 15 seconds

---

# Recap

.fig30[
![](keep-calm.jpg)
]

.nolm[
* Your data is your business
* Disk Drives Die
* Use a password manager, not Password123
* Don't let a stolen password mean stolen business
]

---

# Resources, Questions

.left.vtight[
* [1Password](https://1password.com)
* [Have I been Pwned](https://haveibeenpwned.com)
* [Apple Time Machine](https://support.apple.com/en-us/HT201250)
* [CrashPlan](https://crashplan.com)
]

### Related talks - [http://christopher.biggs.id.au/#talks](http://christopher.biggs.id.au/#talks)

.left.vtight[
- Twitter: .blue[@accelerando_au]
- Email: .blue[christopher@biggs.id.au]
- Slides, and getting my advice: http://christopher.biggs.id.au/
- Accelerando Consulting - IoT, DevOps, Big Data - https://accelerando.com.au/
]