Data Security @ the personal level

Arnon Rotem-Gal-Oz PRO

April 20, 2017

28

Data Security @ the personal level

personal security briefing to employees (e.g for ISO 27001 compliance)

Arnon Rotem-Gal-Oz PRO

April 20, 2017

Tweet

More Decks by Arnon Rotem-Gal-Oz

See All by Arnon Rotem-Gal-Oz

PRO

0

3

Brownfield Architecture transformations

PRO

0

140

Software architecture 101

PRO

0

1.7k

Apache Spark - Overview

PRO

0

46

Taking ML to production - a journey

PRO

0

120

Topics in Distributed Systems

PRO

0

33

Docker & Kubernetes

PRO

0

27

Microservices it's deja vu all over again

PRO

0

26

Big Data in the Cloud - Welcome to cost oriented design

PRO

0

23

Other Decks in Technology

See All in Technology

OCI Database Management サービス詳細

oracle4engineer

PRO

1

7.4k

【Oracle Cloud ウェビナー】[Oracle AI Database + AWS] Oracle Database@AWSで広がるクラウドの新たな選択肢とAI時代のデータ戦略

oracle4engineer

PRO

2

150

変化するコーディングエージェントとの現実的な付き合い方〜Cursor安定択説と、ツールに依存しない「資産」〜

4

1.4k

フルカイテン株式会社エンジニア向け採用資料

0

10k

クレジットカード決済基盤を支えるSRE - 厳格な監査とSRE運用の両立 (SRE Kaigi 2026)

6

2.8k

データの整合性を保ちたいだけなんだ

8

3.1k

10Xにおける品質保証活動の全体像と改善 #no_more_wait_for_test

PRO

2

290

レガシー共有バッチ基盤への挑戦 - SREドリブンなリアーキテクチャリングの取り組み

0

220

Sansan Engineering Unit 紹介資料

PRO

1

3.9k

登壇駆動学習のすすめ — CfPのネタの見つけ方と書くときに意識していること

3

110

SREチームをどう作り、どう育てるか ― Findy横断SREのマネジメント

0

270

Frontier Agents (Kiro autonomous agent / AWS Security Agent / AWS DevOps Agent) の紹介

3

170

Featured

See All Featured

The Curious Case for Waylosing

0

240

Leveraging Curiosity to Care for An Aging Population

1

160

How to Ace a Technical Interview

281

24k

Building Applications with DynamoDB

96

6.9k

Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI

0

66

The B2B funnel & how to create a winning content strategy

PRO

1

270

41

3.8k

ピンチをチャンスに：未来をつくるプロダクトロードマップ #pmconf2020

128

55k

Intergalactic Javascript Robots from Outer Space

273

27k

Reflections from 52 weeks, 52 projects

356

21k

From Legacy to Launchpad: Building Startup-Ready Communities

0

140

Game over? The fight for quality and originality in the time of robots

1

120

Transcript

Data Security   (@ the personal level) Arnon Rotem-Gal-Oz
So what’s so important about “information security”?
Security is a real problem www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Information security?   Not MY problem - IT should figure
it out
We’ve met the enemy and he is us
• Hardware • Software • People • Procedur es •
Data
Formal threat analysis   The STRIDE model      
Also see • OWASP https://www.owasp.org/ • https://www.owasp.org/index.php/Threat_Risk_Modeling#STRIDE • Common Criteria https://www.commoncriteriaportal.org/
Spoofing (of user identity)   Tampering   Repudiation   Information
disclosure   Denial of service   Elevation of privilege
None
None
On the other hand…
None
None
Passwords
None
2016 is just     as bad
None
None
Physical theft/loss
Protect your assets
Pay attention to email/text recipient address
Malware
It is up to   you!
•Be mindful •Be careful who you trust •Secure your devices
•Report problems