Webinar topic: Cloud Security Introduction
Presenter: Achmad Mardiansyah
In this webinar series, We are discussing Cloud Security Introduction
Please share your feedback or webinar ideas here: http://bit.ly/glcfeedback
Check our schedule for future events: https://www.glcnetworks.com/schedule/
Follow our social media for updates: Facebook, Instagram, YouTube Channel, and telegram
4. What is Cyber security
Cybersecurity is the art of protecting networks, devices, and data from
unauthorized access or criminal use and the practice of ensuring confidentiality,
integrity, and availability of information.
Security is a very subjective terms.
Every person has their own definition of security, that’s why there are many
standards in security
4
5. Types of Security
● Computer Security - generic name for the collection of tools designed to
protect data and to thwart hackers
● Network Security - measures to protect data during their transmission
● Internet Security - measures to protect data during their transmission over a
collec)on of interconnected networks
5
6. Goals of Information Security (CIA)
● Confidentiality. prevents
unauthorized use or
disclosure of information
● Integrity. safeguards the
accuracy and
completeness of
information
● Availability. authorized
users have reliable and
timely access to information
6
7. Access Control
● Ability to permit or deny the use of an object by a
subject.
● It provides 3 essential services (AAA):
○ Authentication and Identification (who can login)
■ What you know
■ What you have
■ What you are
○ Authorization (what authorized users can do)
○ Accountability (keep track what a user did)
7
8. Vulnerability
A weakness in security procedures,
network design, or implementation that can
be exploited to violate a corporate security
policy
● Software bugs
● Configuration mistakes
● Network design flaw
Exploit
● Taking advantage of a vulnerability
CVE: Common Vulnerability and Exposure
(https://cve.mitre.org)
8
9. Threat
Any circumstance or event with the potential to cause harm to a networked system
● Denial of service (DOS): make computer resources (e.g., bandwidth, disk
space, or CPU ) unavailable to its intended users
● Unauthorised access: Access without of permission issued by a rightul
owner of devices or networks
● Impersonation
○ Identity theft
● Worms
● Viruses
● Malware
9
10. The possibility that a particular vulnerability will be
exploited
Risk analysis is the process of identifying:
● security risks
● determining their impact
● and identifying areas require protection
Risk
10
19. Cloud computing (CC) is...
A concept of using the internet/network to provide Everything as a service (EaaS)
● New paradigm: sell services instead of products
● IaaS, Infrastructure as a Service (RAM, CPU, Storage)
● PaaS, Platform as a Service (frameworks)
● SaaS, Software as a Service (eg. Text editor, cpu, storage)
19
20. How to achieve cloud computing
● Distributed computing
● Grid computing
● virtualisation
20
26. Use HTTPS
● Dont use HTTP based website
● Always use https when accessing
website
● HTTPS will encrypt traffic from
browser to web server
●
26
27. Use DNS redirector/filter
● Nawala (www.nawala.org)
● Opendns (https://www.opendns.com)
● Local DNS filter:
○ Can be embeded onto your network devices
○ Can be external: example: pi hole
(https://pi-hole.net)
27
28. Use script blocker (more control)
● This plugin will block scripts until
you allow it to be executed
● More control
28
29. Activate Multi Factor authentication (MFA / 2FA)
● Similar to math:
○ What is the factor of 18?
■ 1 and 18
■ 2 and 9
■ 3 and 6
● How many factors to authenticate yourself to website?
29
Single factor 2 factor
31. Vendor support
● Security incident
● Security updates
● Always communicate with vendor to make sure always get support for
security
●
31
32. summary
● The strength of security depends on the weakest link of the chains
● Always upgrade skill and knowledge
● Be humble when speak about security. Do not attract attention
32