Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Data Security @ the personal level
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Arnon Rotem-Gal-Oz
PRO
April 20, 2017
Technology
0
28
Data Security @ the personal level
personal security briefing to employees (e.g for ISO 27001 compliance)
Arnon Rotem-Gal-Oz
PRO
April 20, 2017
Tweet
Share
More Decks by Arnon Rotem-Gal-Oz
See All by Arnon Rotem-Gal-Oz
Coding with AI
arnonrgo
PRO
0
3
Brownfield Architecture transformations
arnonrgo
PRO
0
140
Software architecture 101
arnonrgo
PRO
0
1.7k
Apache Spark - Overview
arnonrgo
PRO
0
46
Taking ML to production - a journey
arnonrgo
PRO
0
120
Topics in Distributed Systems
arnonrgo
PRO
0
33
Docker & Kubernetes
arnonrgo
PRO
0
27
Microservices it's deja vu all over again
arnonrgo
PRO
0
26
Big Data in the Cloud - Welcome to cost oriented design
arnonrgo
PRO
0
23
Other Decks in Technology
See All in Technology
Frontier Agents (Kiro autonomous agent / AWS Security Agent / AWS DevOps Agent) の紹介
msysh
3
170
データの整合性を保ちたいだけなんだ
shoheimitani
8
3.1k
今日から始める Amazon Bedrock AgentCore
har1101
4
410
超初心者からでも大丈夫!オープンソース半導体の楽しみ方〜今こそ!オレオレチップをつくろう〜
keropiyo
0
110
AIエージェントを開発しよう!-AgentCore活用の勘所-
yukiogawa
0
170
配列に見る bash と zsh の違い
kazzpapa3
1
150
Sansan Engineering Unit 紹介資料
sansan33
PRO
1
3.9k
セキュリティについて学ぶ会 / 2026 01 25 Takamatsu WordPress Meetup
rocketmartue
1
300
外部キー制約の知っておいて欲しいこと - RDBMSを正しく使うために必要なこと / FOREIGN KEY Night
soudai
PRO
12
5.5k
制約が導く迷わない設計 〜 信頼性と運用性を両立するマイナンバー管理システムの実践 〜
bwkw
3
940
Bill One急成長の舞台裏 開発組織が直面した失敗と教訓
sansantech
PRO
2
380
Introduction to Sansan, inc / Sansan Global Development Center, Inc.
sansan33
PRO
0
3k
Featured
See All Featured
What’s in a name? Adding method to the madness
productmarketing
PRO
24
3.9k
End of SEO as We Know It (SMX Advanced Version)
ipullrank
3
3.9k
Ethics towards AI in product and experience design
skipperchong
2
190
The Curse of the Amulet
leimatthew05
1
8.6k
Principles of Awesome APIs and How to Build Them.
keavy
128
17k
My Coaching Mixtape
mlcsv
0
48
エンジニアに許された特別な時間の終わり
watany
106
230k
Designing Experiences People Love
moore
144
24k
Large-scale JavaScript Application Architecture
addyosmani
515
110k
For a Future-Friendly Web
brad_frost
182
10k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
47
7.9k
How to Get Subject Matter Experts Bought In and Actively Contributing to SEO & PR Initiatives.
livdayseo
0
66
Transcript
Data Security (@ the personal level) Arnon Rotem-Gal-Oz
So what’s so important about “information security”?
Security is a real problem www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Information security? Not MY problem - IT should figure
it out
We’ve met the enemy and he is us
• Hardware • Software • People • Procedur es •
Data
Formal threat analysis The STRIDE model
Also see • OWASP https://www.owasp.org/ • https://www.owasp.org/index.php/Threat_Risk_Modeling#STRIDE • Common Criteria https://www.commoncriteriaportal.org/
Spoofing (of user identity) Tampering Repudiation Information
disclosure Denial of service Elevation of privilege
None
None
On the other hand…
None
None
Passwords
None
2016 is just as bad
None
None
Physical theft/loss
Protect your assets
Pay attention to email/text recipient address
Malware
It is up to you!
•Be mindful •Be careful who you trust •Secure your devices
•Report problems
arnonrgo
msysh
shoheimitani
har1101
keropiyo
yukiogawa
kazzpapa3
sansan33
rocketmartue
soudai
bwkw
sansantech
productmarketing
ipullrank
skipperchong
leimatthew05
keavy
mlcsv
watany
moore
addyosmani
brad_frost
eileencodes
livdayseo
