Data Security @ the personal level

Arnon Rotem-Gal-Oz

April 20, 2017

27

Data Security @ the personal level

personal security briefing to employees (e.g for ISO 27001 compliance)

Arnon Rotem-Gal-Oz

April 20, 2017

Tweet

More Decks by Arnon Rotem-Gal-Oz

See All by Arnon Rotem-Gal-Oz

0

23

Brownfield Architecture transformations

0

120

Software architecture 101

0

1.5k

Apache Spark - Overview

0

44

Taking ML to production - a journey

0

120

Topics in Distributed Systems

0

31

Docker & Kubernetes

0

24

Microservices it's deja vu all over again

0

25

Big Data in the Cloud - Welcome to cost oriented design

0

20

Other Decks in Technology

See All in Technology

マーケットプレイス版Oracle WebCenter Content For OCI

oracle4engineer

3

910

GitHub Copilot の概要

1

140

rubygem開発で鍛える設計力

2

220

Snowflake Summit 2025 データエンジニアリング関連新機能紹介 / Snowflake Summit 2025 What's New about Data Engineering

0

330

SpringBoot x TestContainerで実現するポータブル自動結合テスト

0

100

解析の定理証明実践＠Lean 4

0

180

Javaで作る RAGを活用した Q＆Aアプリケーション

recruitengineers

1

120

使いたいMCPサーバーはWeb APIをラップして自分で作る #QiitaBash

0

960

Should Our Project Join the CNCF? (Japanese Recap)

0

130

mrubyと micro-ROSが繋ぐロボットの世界

2

360

【TiDB GAME DAY 2025】Shadowverse: Worlds Beyond にみる TiDB 活用術

0

1.1k

Github Copilot エージェントモードで試してみた

0

110

Featured

See All Featured

30

14k

Faster Mobile Websites

307

31k

Code Review Best Practice

68

18k

10 Git Anti Patterns You Should be Aware of

657

60k

Writing Fast Ruby

628

62k

37

3.5k

Adopting Sorbet at Scale

77

9.4k

How to Think Like a Performance Engineer

24

1.7k

Improving Core Web Vitals using Speculation Rules API

sergeychernyshev

17

950

[RailsConf 2023] Rails as a piece of cake

55

5.6k

Sharpening the Axe: The Primacy of Toolmaking

44

2.4k

CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again

161

15k

Transcript

Data Security   (@ the personal level) Arnon Rotem-Gal-Oz
So what’s so important about “information security”?
Security is a real problem www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Information security?   Not MY problem - IT should figure
it out
We’ve met the enemy and he is us
• Hardware • Software • People • Procedur es •
Data
Formal threat analysis   The STRIDE model      
Also see • OWASP https://www.owasp.org/ • https://www.owasp.org/index.php/Threat_Risk_Modeling#STRIDE • Common Criteria https://www.commoncriteriaportal.org/
Spoofing (of user identity)   Tampering   Repudiation   Information
disclosure   Denial of service   Elevation of privilege
None
None
On the other hand…
None
None
Passwords
None
2016 is just     as bad
None
None
Physical theft/loss
Protect your assets
Pay attention to email/text recipient address
Malware
It is up to   you!
•Be mindful •Be careful who you trust •Secure your devices
•Report problems