The document provides an introduction to cloud security, covering key aspects of cybersecurity such as types of security, goals of information security, and access control. It discusses vulnerabilities, threats, and risk analysis while emphasizing the importance of securing customer data and using cloud computing. The document concludes with best practices for cloud security, including using HTTPS, DNS filter, and multi-factor authentication.

1. Cloud security
Introduction
Achmad Mardiansyah

2. Agenda
● Cyber security
● Security incidents
● Cloud Computing
● Cloud Security
● Q & A
2

3. Cyber Security introduction
3

4. What is Cyber security
Cybersecurity is the art of protecting networks, devices, and data from
unauthorized access or criminal use and the practice of ensuring confidentiality,
integrity, and availability of information.
Security is a very subjective terms.
Every person has their own definition of security, that’s why there are many
standards in security
4

5. Types of Security
● Computer Security - generic name for the collection of tools designed to
protect data and to thwart hackers
● Network Security - measures to protect data during their transmission
● Internet Security - measures to protect data during their transmission over a
collec)on of interconnected networks
5

6. Goals of Information Security (CIA)
● Confidentiality. prevents
unauthorized use or
disclosure of information
● Integrity. safeguards the
accuracy and
completeness of
information
● Availability. authorized
users have reliable and
timely access to information
6

7. Access Control
● Ability to permit or deny the use of an object by a
subject.
● It provides 3 essential services (AAA):
○ Authentication and Identification (who can login)
■ What you know
■ What you have
■ What you are
○ Authorization (what authorized users can do)
○ Accountability (keep track what a user did)
7

8. Vulnerability
A weakness in security procedures,
network design, or implementation that can
be exploited to violate a corporate security
policy
● Software bugs
● Configuration mistakes
● Network design flaw
Exploit
● Taking advantage of a vulnerability
CVE: Common Vulnerability and Exposure
(https://cve.mitre.org)
8

9. Threat
Any circumstance or event with the potential to cause harm to a networked system
● Denial of service (DOS): make computer resources (e.g., bandwidth, disk
space, or CPU ) unavailable to its intended users
● Unauthorised access: Access without of permission issued by a rightul
owner of devices or networks
● Impersonation
○ Identity theft
● Worms
● Viruses
● Malware
9

10. The possibility that a particular vulnerability will be
exploited
Risk analysis is the process of identifying:
● security risks
● determining their impact
● and identifying areas require protection
Risk
10

11. Security incidents
11

12. Customer data security breach
● https://en.wikipedia.org/wiki/Data_breach
● Is your account safe?
12

13. CIA espionage (vault7)
● https://wikileaks.org/ciav7p1/cms/index.html
● https://techcrunch.com/2017/03/09/names-and-d
efinitions-of-leaked-cia-hacking-tools/
● https://wikileaks.org/ciav7p1/cms/files/2014%20
10%2023%20--%20EDG%20Testing%20White
%20Paper%20--%20Rev%20Draft%20B.docx
●
13

14. Telkom as ads injector
● Telkom injects ads on every http
request from customer
● Around 2013 - ?
● script
14

15. Cloud computing
15

16. Can you live without them?
16

17. So, everything is connected?
17

18. New paradigm: human netwwork
From computer network -> human network
18

19. Cloud computing (CC) is...
A concept of using the internet/network to provide Everything as a service (EaaS)
● New paradigm: sell services instead of products
● IaaS, Infrastructure as a Service (RAM, CPU, Storage)
● PaaS, Platform as a Service (frameworks)
● SaaS, Software as a Service (eg. Text editor, cpu, storage)
19

20. How to achieve cloud computing
● Distributed computing
● Grid computing
● virtualisation
20

21. Cloud computing type
21

22. CC in short...
● If want you need is a milk, why do you buy a cow?
● There is no cloud, it’s just someone else’s computer
22

23. Cloud Security
23

24. Put security on your cloud
● See previous slide…
●
24

25. Some examples
25

26. Use HTTPS
● Dont use HTTP based website
● Always use https when accessing
website
● HTTPS will encrypt traffic from
browser to web server
●
26

27. Use DNS redirector/filter
● Nawala (www.nawala.org)
● Opendns (https://www.opendns.com)
● Local DNS filter:
○ Can be embeded onto your network devices
○ Can be external: example: pi hole
(https://pi-hole.net)
27

28. Use script blocker (more control)
● This plugin will block scripts until
you allow it to be executed
● More control
28

29. Activate Multi Factor authentication (MFA / 2FA)
● Similar to math:
○ What is the factor of 18?
■ 1 and 18
■ 2 and 9
■ 3 and 6
● How many factors to authenticate yourself to website?
29
Single factor 2 factor

30. Check if your account has been breached
30

31. Vendor support
● Security incident
● Security updates
● Always communicate with vendor to make sure always get support for
security
●
31

32. summary
● The strength of security depends on the weakest link of the chains
● Always upgrade skill and knowledge
● Be humble when speak about security. Do not attract attention
32

33. QA
33

34. End of slides
● Thank you for your attention
●
34