Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Data Security @ the personal level
Search
Arnon Rotem-Gal-Oz
PRO
April 20, 2017
Technology
35
0
Share
Data Security @ the personal level
personal security briefing to employees (e.g for ISO 27001 compliance)
Arnon Rotem-Gal-Oz
PRO
April 20, 2017
More Decks by Arnon Rotem-Gal-Oz
See All by Arnon Rotem-Gal-Oz
Coding with AI
arnonrgo
PRO
0
20
Brownfield Architecture transformations
arnonrgo
PRO
0
160
Software architecture 101
arnonrgo
PRO
0
1.8k
Apache Spark - Overview
arnonrgo
PRO
0
54
Taking ML to production - a journey
arnonrgo
PRO
0
130
Topics in Distributed Systems
arnonrgo
PRO
0
44
Docker & Kubernetes
arnonrgo
PRO
0
35
Microservices it's deja vu all over again
arnonrgo
PRO
0
30
Big Data in the Cloud - Welcome to cost oriented design
arnonrgo
PRO
0
32
Other Decks in Technology
See All in Technology
AI時代に、 データアナリストがデータエンジニアに異動して
jackojacko_
0
1.1k
React Compiler導入の効果と運用の工夫
kakehashi
PRO
3
290
AWS WAFの運用を地道に改善し、自社で運用可能にするプラクティス
andpad
1
590
社内RAGの導入で気を付けたポイント
yakumo
1
130
Terragrunt x Snowflake + dbt で作るマルチテナントなデータ基盤構築プラットフォーム
gak_t12
0
500
実例から学ぶ GuardDuty(SSH BruteForce)調査の全体フローと勘所【SecurityJAWS】
cscengineer
PRO
0
150
Oracle AI Database@Azure:サービス概要のご紹介
oracle4engineer
PRO
6
1.7k
可視化から活用へ — Mesh化・Segmentation・アライメントの研究動向
gpuunite_official
0
230
GitHub Copilot CLI で考える複数エージェント設計
tomokusaba
0
130
業務に残された「良くない型」で考える「TypeScriptの難しさ」
sajikix
2
650
10サービス以上のメール到達率改善を地道に継続的に進めている話 / Continue to improve email delivery rates across multiple services
yamaguchitk333
6
2.3k
How to learn AWS Well-Architected with AWS BuilderCards: Security Edition
coosuke
PRO
0
180
Featured
See All Featured
Site-Speed That Sticks
csswizardry
13
1.2k
The Cult of Friendly URLs
andyhume
79
6.9k
30 Presentation Tips
portentint
PRO
1
290
Color Theory Basics | Prateek | Gurzu
gurzu
0
310
A Tale of Four Properties
chriscoyier
163
24k
Optimizing for Happiness
mojombo
378
71k
Art, The Web, and Tiny UX
lynnandtonic
304
21k
Statistics for Hackers
jakevdp
799
230k
Context Engineering - Making Every Token Count
addyosmani
9
890
Chasing Engaging Ingredients in Design
codingconduct
0
190
The Language of Interfaces
destraynor
162
26k
Java REST API Framework Comparison - PWX 2021
mraible
34
9.3k
Transcript
Data Security (@ the personal level) Arnon Rotem-Gal-Oz
So what’s so important about “information security”?
Security is a real problem www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Information security? Not MY problem - IT should figure
it out
We’ve met the enemy and he is us
• Hardware • Software • People • Procedur es •
Data
Formal threat analysis The STRIDE model
Also see • OWASP https://www.owasp.org/ • https://www.owasp.org/index.php/Threat_Risk_Modeling#STRIDE • Common Criteria https://www.commoncriteriaportal.org/
Spoofing (of user identity) Tampering Repudiation Information
disclosure Denial of service Elevation of privilege
None
None
On the other hand…
None
None
Passwords
None
2016 is just as bad
None
None
Physical theft/loss
Protect your assets
Pay attention to email/text recipient address
Malware
It is up to you!
•Be mindful •Be careful who you trust •Secure your devices
•Report problems
arnonrgo
jackojacko_
kakehashi
andpad
yakumo
gak_t12
cscengineer
oracle4engineer
gpuunite_official
tomokusaba
sajikix
yamaguchitk333
coosuke
csswizardry
andyhume
portentint
gurzu
chriscoyier
mojombo
lynnandtonic
jakevdp
addyosmani
codingconduct
destraynor
mraible
