Nobody Gives A Shit About Cyber Security Transcript nobody gives a shit about cyber security honestly nobody care I think partly it’s cause the messaging is terrible but cyber security experts tell us what to do but they don’t really explain why and what they tell us to do is hard to do it’s cumbersome and time consuming hopefully I can fix that the No. 1 thing everyone tells us to do is to enable multi factor authentication now every time you sign in having to get an SMS code or use your authenticator app to get a code slows you down it’s just annoying introducing the hardware security key so not many people speak about or use these devices I plug this into my laptop and every time I log in I simply touch it it takes a second this means that anyone trying to hack me would need my password and would need to get this now that’s not impossible hackers could come to my house and take it but we have the police for that and that’s much more difficult and time consuming than sending out a fishing email this one thing will protect you against most cyber attacks if you click the link in a fishing email they might get your password but they’re not gonna get this very very simple security effortless to employ and it doesn’t take any extra time the next one is using a password manager so everyone wants to have 1 password for everything so if you use that password for everything that’s great super simple but let’s say you use your password to book a haircut at your hairdresser and my barber’s okay with cutting hair he’s probably terrible with cybersecurity if he gets hacked the hackers are gonna have my email address and my password that’s used everywhere they’re gonna go from there directly into my email and then probably try to get into my bank using a password manager means that I have one password that unlocks my password manager and then it types all of my passwords for me so all of my passwords apart from the one that I need to remember a super complex 20 something characters streams of numbers letters and characters on my phone and my computer I have my password manager installed half the time I log into that and it types all my passwords for me so actually saves me time these two things are pretty much the main point that will stop you from getting hacked if you do want any other help especially if you want a cloud security order for your business on your cloud reach out to Aviato Consulting will happily help you with that one but try these as well this one’s called a UBQ you can Google it it costs about $100 and will save you a ton of headache thanks
Video Posts
A collection of our video posts with transcripts where available, talking about all things Google Cloud, Cyber Security, App Development, and AI.
Video Post: Getting Started With Google Cloud
Getting Started With Google Cloud Transcript getting started with Google Cloud can seem overwhelming at first as with any cloud there are a lot of services that you can use and each has configuration options that can get you into trouble when I worked at Google Cloud I helped some of the biggest brands in Australia set up their cloud environments and I’ll give you a few tips that I learnt from doing that the first thing you wanna do is enable some structure trading an organisation and then creating folders in the organisation to keep projects organised and allow to give groups of users permissions to do things to those projects for example putting all the development projects in a folder called development and giving developers access to those and then having all of the production projects in a production folder maybe without access for developers or for other groups of people once you have the folder set up you need to set up identity and access management so as I kind of touched on that’s creating a group putting developers in the group and then giving that group access to the folder that contains the projects that developers need to work on to do their jobs we may not wanna give them access to the production folder at all or maybe we only give them read only access this is a super simple example and we can nest folders and get much more complex with it and any environment that we’re talking about is gonna have more complexity than that this is a simple explanation now we wanna start talking about organisational policies we’ve got a group of developers that got access to their projects and development folder that we still don’t wanna do anything silly like putting a cloud storage bucket on the internet so that anyone can see what our files are even if those are development mocked data having a data breach is not gonna be good in the headlines there’s a ton of all policies and each one of them needs to be configured and this one example appear for the cloud storage bucket we may need an exception for the public facing internet to be on the internet once we have all this set up we kinda wanna make sure that we’re managing with code if a developer does request that a cloud storage bucket be put on the internet we wanna see who requested that and why and track those changes the logical step here is using infrastructure as code we use Terraform the same as the best practice at Google Cloud that Google had professional services used when I was there and we can do the same for your business in 5 days excluding any complex networking some people are spending much longer on this and it’s really not that complex if this sounds too complex do reach out we’ve done this when working at Google so we know the best practices and we know how to set you up securely so that your business can scale on Google Cloud thank you