Data you don't store cannot be hacked!

BSidesDE 2015

Presented by: Michael Spurgeon
Date: Friday November 13, 2015
Time: 17:00 - 17:50
Location: Track 2

In this talk we will discuss how organizations can increase the security of their information and drastically reduce the risk of data breaches. These methods work in conjunction with encryption.

PII • Limit PII to a minimal amount of servers • Limit access to PII • Utilize unique IDs • No PII in transit • No PII as primary keys • Check those backups for PII

Payment Processing • Apple pay leads way • No servers with stored card numbers or banking info • No card numbers or banking info in transit • EMV is a joke

Know the LAW • What data requires breach disclosure in your HQ state • Are driver’s license numbers included • Educate leadership

Executive Support • Properly document an explain data manipulation • Security for 10 servers is cheaper than securing 100 • Don’t be a sitting duck

Michael Spurgeon

Michael Spurgeon, CISSP, CCNA, MCITP 11 years of experience in the following industries: Education Higher Ed Banking Manufacturing Industrial Restaurant Small Business Fortune 500 Dedicated to spreading awareness, helping organizations be more secure and changing the future of internet defense...


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats