SlideShare a Scribd company logo

Introduction to Security (Hardware, Software, Data & Policies)

Amr Salah
Amr Salah

This is a 40 minutes about introduction to Security. In this session we will learn about security types (Hardware, Software, Data & Policies). We will learn by examples how to apply security in our work and how to secure our daily transactions like emails and phone calls.  Youtube Video by the end of the presentation https://www.youtube.com/watch?v=3aALFfu348U Link https://wp.me/p8BMmp-mA

Education
1 of 38
15 MINUTES TECHNOLOGY CATCH-UP Amr Salah Middleware & Cloud Expert
AMR SALAH MIDDLEWARE & CLOUD EXPERT • Computer Science, Mansoura University 2009 (CS) • 8+ years of experience in Middleware technologies • Middleware & Cloud Expert • Worked for (EG: Sumerge, Asset, Giza Systems, Egabi, SG: Pactera, NZ: Deloitte) • My Clients: Govt (SFD – Saudi, TEData – EG, CIB – EG, MOH – SG, etc.) • Certificates • Oracle SOA/ADF/BPM • AWS Solution Architect • Professional Scrum Master • Mulesoft Developer • More of experience in Security, Full stack development & CI/CD
People burn not because they do the same thing everyday, but because they forget WHY they do the same thing everyday!
SOFTWARE ENGINEERING PROCESSPost Questions http://sli.do - #T182 #Agile – Ask your question!
WE ALL ARE SOFTWARE ENGINEERS
SOFTWARE ENGINEERING PROCESS Software Engineering is the application of engineering to the development of software in a systematic method!
Integration & Microservices Agile Method Frameworks, Scrum & Roles Cloud Platforms, Services & Vendors Security Types, Policies & importance CryptoCurrency Blockchain, Trading
Security Hardware, Software, Data
SECURITY • Know as cyber security or IT security, is the protection of computer systems from the theft and damage to their hardware, software or information, as well as from disruption or misdirection of the services they provide. It’s all about DATA DAMAGE BREACHCorruption
SECURITY • Know as cyber security or IT security, is the protection of computer systems from the theft and damage to their hardware, software or information, as well as from disruption or misdirection of the services they provide. Hardware Security Software Security Data Security
DATA SECURITY - DATA
DATA SECURITY - DATA • Data is distinct pieces of information, usually formatted in a special way. All software is divided into two general categories: data and programs. Programs are collections of instructions for manipulating data. • Data can exist in a variety of forms
WHY DATA IS IMPORTANT
WHY DATA IS IMPORTANT
DATA SECURITY • protecting digital data, such as those in a database, from destructive forces and from the unwanted actions of unauthorized users, such as a cyberattack or a data breach.
DATA PROTECTION • Disk encryption • Software-based security solutions encrypt the data to protect it from theft. However, a malicious program or a hacker could corrupt the data in order to make it unrecoverable, making the system unusable. • Hardware-based security solutions can prevent read and write access to data and hence offer very strong protection against tampering and unauthorized access. (e.g. MFA) • Backups • Data masking • Data erasure • Data Encryption (Server/Client Side)
DATA PROTECTION DISK ENCRYPTION • Disk encryption: is a technology which protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. It is used to prevent unauthorized access to data storage.
DATA PROTECTION BACKUPS • Backup: the process of backing up, refers to the copying and archiving of computer data so it may be used to restore the original after a data loss event. The verb form is to back up in two words, whereas the noun is backup.
DATA PROTECTION DATA MASKING • Data masking: is the process of hiding original data with random characters or data.
DATA PROTECTION DATA ERASURE • Data erasure: (data clearing or data wiping) is a software-based method of overwriting the data that aims to completely destroy all electronic data residing on a hard disk drive or other digital media by using zeros and ones to overwrite data onto all sectors of the device
DATA PROTECTION DATA ENCRYPTION • Server Side Encryption • HTTP/HTTPS – ex.sni. • End-to-End Client Side Encryption Encrypt-Decrypt Symmetric Private key HSM KMS
SYMMETRIC PRIVATE KEY Key: *.pem
HSM/KMS OPTIONAL Key: *.pem
DATA SECURITY QUESTIONS? http://sli.do - #T182
SOFTWARE SECURITY Computer security software or cybersecurity software is any computer program designed to enhance information security. The defense of computers against intrusion and unauthorized use of resources is called computer security. Similarly, the defense of computer networks is called network security.
A MALICIOUS ATTACK • A malicious attack is an attempt to forcefully abuse or take advantage of someone's computer, whether through computer viruses, social engineering, phishing, or other types of social engineering. Email - Web Content – Legitimate/reward Sites - File Downloads • Malware (Adware, Spyware, Trojan Horse, Crimeware, Viruses, Worms) • Social Engineering (Phishing, Baiting, Spam)
EMAIL PHISHING is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.
VULNERABILITIES By NIST
SOFTWARE SECURITY QUESTIONS? http://sli.do - #T182
HARDWARE SECURITY Thieves HW Damage 1. Hardware Protection: Cloud IAAS has to be protected from DAMAGE. security solutions can prevent read and write access to data and hence offer very strong protection against tampering and unauthorized access. (e.g. MFA). Data Corruption/Loss
HARDWARE SECURITY 2. Hardware Security Module (HSM): is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. • intrusion-resistant, tamper-evident, FIPS Validated • Self destruction • AWS CloudHSM • Microsoft KeyVault • Google Cloud Key management
SECURITY POLICIES COMPLIANCES Security Policies: is a definition of what it means to be secure for a system, organization or other entity. For an organization, it addresses the constraints on behaviour of its members as well as constraints imposed on adversaries by mechanisms such as doors, locks, keys and walls. Health Insurance Portability and Accountability Act Payment Card Industry Data Security Standard
SECURITY POLICIES COMPLIANCES PCI DSS (Payment Card Industry Data Security Standard) • Firewall at each internet Connection • Components protected from security vulnerabilities • Review Logs & Security Events • Protect Card Holder Data • Retain Audit history for at least 1 Year • Security Group, NACL • etc.
SECURITY- WHAT ELSE?
SECURITY Security Engineer • Network Security Engineer • Information Assurance Engineer • Information Security Engineer • Information Systems Security Engineer Digital Forensics
SECURITY QUESTIONS? http://sli.do - #T182
KEEP IN TOUCHKeep in touch Join slack.com & subscribe to our channel (#fciteam) https://dirtyhandsws.slack.com/ Send your email to Amr.salah.2010@gmail.com to add you to the list with the following pattern: Subject: #fciteam-Please Add Me

Recommended

Data Security
Data SecurityData Security
Data SecurityAkNirojan
 
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud Computing
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud ComputingCloud Security & Control: A Multi-Layer Approach to Secure Cloud Computing
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud ComputingOpSource
 
Data security
Data securityData security
Data securitySoumen Mondal
 
Cyber Security Overview for Small Businesses
Cyber Security Overview for Small BusinessesCyber Security Overview for Small Businesses
Cyber Security Overview for Small BusinessesCharles Cline
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Practical SME Security on a Shoestring
Practical SME Security on a ShoestringPractical SME Security on a Shoestring
Practical SME Security on a ShoestringNCC Group
 
06. security concept
06. security concept06. security concept
06. security conceptMuhammad Ahad
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 

Recommended

Data Security
Data SecurityData Security
Data SecurityAkNirojan
 
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud Computing
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud ComputingCloud Security & Control: A Multi-Layer Approach to Secure Cloud Computing
Cloud Security & Control: A Multi-Layer Approach to Secure Cloud ComputingOpSource
 
Data security
Data securityData security
Data securitySoumen Mondal
 
Cyber Security Overview for Small Businesses
Cyber Security Overview for Small BusinessesCyber Security Overview for Small Businesses
Cyber Security Overview for Small BusinessesCharles Cline
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Practical SME Security on a Shoestring
Practical SME Security on a ShoestringPractical SME Security on a Shoestring
Practical SME Security on a ShoestringNCC Group
 
06. security concept
06. security concept06. security concept
06. security conceptMuhammad Ahad
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
Residency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiResidency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiSHIVA101531
 
Security architecture principles isys 0575general att
Security architecture principles isys 0575general attSecurity architecture principles isys 0575general att
Security architecture principles isys 0575general attSHIVA101531
 
Data protection and security
Data protection and securityData protection and security
Data protection and securitynazar60
 
Unit4 next
Unit4 nextUnit4 next
Unit4 nextIntegral university, India
 
Database Security
Database SecurityDatabase Security
Database SecurityRabiaIftikhar10
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityDr. Loganathan R
 
Access control Week 1
Access control Week 1Access control Week 1
Access control Week 1jemtallon
 
Current & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsCurrent & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsNCC Group
 
Basic Security Concepts of Computer
Basic Security Concepts of ComputerBasic Security Concepts of Computer
Basic Security Concepts of ComputerFaizan Janjua
 
Information Security Overview
Information Security OverviewInformation Security Overview
Information Security OverviewSupriyaGaikwad28
 
Vaultize corp three-pager v14
Vaultize corp three-pager v14Vaultize corp three-pager v14
Vaultize corp three-pager v14Sameer (Sam) Vitkar
 
Brochure Imperva Vormetric
Brochure Imperva VormetricBrochure Imperva Vormetric
Brochure Imperva VormetricMichelle Guerrero Montalvo
 
U nit 4
U nit 4U nit 4
U nit 4Integral university, India
 
Advanced Data Center Security
Advanced Data Center SecurityAdvanced Data Center Security
Advanced Data Center Securitymanoharparakh
 
access-control-week-2
access-control-week-2access-control-week-2
access-control-week-2jemtallon
 
Unit4
Unit4Unit4
Unit4Integral university, India
 
Database security
Database securityDatabase security
Database securityMaryamAsghar9
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lectureZara Nawaz
 
CompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsCompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsGanbayar Sukhbaatar
 
Presentation1.pptx
Presentation1.pptxPresentation1.pptx
Presentation1.pptxchWaqasZahid
 
Cloud_security.pptx
Cloud_security.pptxCloud_security.pptx
Cloud_security.pptxSofiyaKhan49
 

More Related Content

What's hot

Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
Residency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiResidency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiSHIVA101531
 
Security architecture principles isys 0575general att
Security architecture principles isys 0575general attSecurity architecture principles isys 0575general att
Security architecture principles isys 0575general attSHIVA101531
 
Data protection and security
Data protection and securityData protection and security
Data protection and securitynazar60
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityDr. Loganathan R
 
Access control Week 1
Access control Week 1Access control Week 1
Access control Week 1jemtallon
 
Current & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsCurrent & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsNCC Group
 
Basic Security Concepts of Computer
Basic Security Concepts of ComputerBasic Security Concepts of Computer
Basic Security Concepts of ComputerFaizan Janjua
 
Information Security Overview
Information Security OverviewInformation Security Overview
Information Security OverviewSupriyaGaikwad28
 
Advanced Data Center Security
Advanced Data Center SecurityAdvanced Data Center Security
Advanced Data Center Securitymanoharparakh
 
access-control-week-2
access-control-week-2access-control-week-2
access-control-week-2jemtallon
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lectureZara Nawaz
 
CompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsCompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsGanbayar Sukhbaatar
 

What's hot (20)

Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
Residency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resiResidency research makeup project acme enterprise scenario resi
Residency research makeup project acme enterprise scenario resi
 
Security architecture principles isys 0575general att
Security architecture principles isys 0575general attSecurity architecture principles isys 0575general att
Security architecture principles isys 0575general att
 
Data protection and security
Data protection and securityData protection and security
Data protection and security
 
Unit4 next
Unit4 nextUnit4 next
Unit4 next
 
Database Security
Database SecurityDatabase Security
Database Security
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information Security
 
Access control Week 1
Access control Week 1Access control Week 1
Access control Week 1
 
Current & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsCurrent & Emerging Cyber Security Threats
Current & Emerging Cyber Security Threats
 
Basic Security Concepts of Computer
Basic Security Concepts of ComputerBasic Security Concepts of Computer
Basic Security Concepts of Computer
 
Information Security Overview
Information Security OverviewInformation Security Overview
Information Security Overview
 
Vaultize corp three-pager v14
Vaultize corp three-pager v14Vaultize corp three-pager v14
Vaultize corp three-pager v14
 
Brochure Imperva Vormetric
Brochure Imperva VormetricBrochure Imperva Vormetric
Brochure Imperva Vormetric
 
U nit 4
U nit 4U nit 4
U nit 4
 
Advanced Data Center Security
Advanced Data Center SecurityAdvanced Data Center Security
Advanced Data Center Security
 
access-control-week-2
access-control-week-2access-control-week-2
access-control-week-2
 
Unit4
Unit4Unit4
Unit4
 
Database security
Database securityDatabase security
Database security
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
 
CompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentalsCompTIA Security+ Module1: Security fundamentals
CompTIA Security+ Module1: Security fundamentals
 

Similar to Introduction to Security (Hardware, Software, Data & Policies)

Presentation1.pptx
Presentation1.pptxPresentation1.pptx
Presentation1.pptxchWaqasZahid
 
Cloud_security.pptx
Cloud_security.pptxCloud_security.pptx
Cloud_security.pptxSofiyaKhan49
 
Azure Fundamentals Part 3
Azure Fundamentals Part 3Azure Fundamentals Part 3
Azure Fundamentals Part 3CCG
 
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024Michael Noel
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
SC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentitySC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentityFredBrandonAuthorMCP
 
How To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyHow To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyClickSSL
 
Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1bora.gungoren
 
It security
It securityIt security
It securityavi2607
 
iaetsd Using encryption to increase the security of network storage
iaetsd Using encryption to increase the security of network storageiaetsd Using encryption to increase the security of network storage
iaetsd Using encryption to increase the security of network storageIaetsd Iaetsd
 
DG_Architecture_Training.pptx
DG_Architecture_Training.pptxDG_Architecture_Training.pptx
DG_Architecture_Training.pptxTranVu383073
 
Cyber security event
Cyber security eventCyber security event
Cyber security eventTryzens
 
Top reasons why Endpoint Security should move to Cloud | Sysfore
Top reasons why Endpoint Security should move to Cloud | SysforeTop reasons why Endpoint Security should move to Cloud | Sysfore
Top reasons why Endpoint Security should move to Cloud | SysforeSysfore Technologies
 
Securely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreJoel Oleson
 
WHAT_IS_DATA_SECURITY_-_TYPES_STRATEGY_COMPLIANCE_AND_REGULATIONS.pdf
WHAT_IS_DATA_SECURITY_-_TYPES_STRATEGY_COMPLIANCE_AND_REGULATIONS.pdfWHAT_IS_DATA_SECURITY_-_TYPES_STRATEGY_COMPLIANCE_AND_REGULATIONS.pdf
WHAT_IS_DATA_SECURITY_-_TYPES_STRATEGY_COMPLIANCE_AND_REGULATIONS.pdfSprintzeal
 

Similar to Introduction to Security (Hardware, Software, Data & Policies) (20)

Presentation1.pptx
Presentation1.pptxPresentation1.pptx
Presentation1.pptx
 
Cloud_security.pptx
Cloud_security.pptxCloud_security.pptx
Cloud_security.pptx
 
cscnapd.ppt
cscnapd.pptcscnapd.ppt
cscnapd.ppt
 
Azure Fundamentals Part 3
Azure Fundamentals Part 3Azure Fundamentals Part 3
Azure Fundamentals Part 3
 
Cyber tooth briefing
Cyber tooth briefingCyber tooth briefing
Cyber tooth briefing
 
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
IT Insecurity - Understanding the Threat of Modern Cyberattacks - DWCNZ 2024
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewalls
 
SC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentitySC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and Identity
 
Cyber tooth
Cyber toothCyber tooth
Cyber tooth
 
How To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyHow To Plan Successful Encryption Strategy
How To Plan Successful Encryption Strategy
 
Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1
 
It security
It securityIt security
It security
 
Ecommerce Security
Ecommerce SecurityEcommerce Security
Ecommerce Security
 
iaetsd Using encryption to increase the security of network storage
iaetsd Using encryption to increase the security of network storageiaetsd Using encryption to increase the security of network storage
iaetsd Using encryption to increase the security of network storage
 
DG_Architecture_Training.pptx
DG_Architecture_Training.pptxDG_Architecture_Training.pptx
DG_Architecture_Training.pptx
 
Cyber security event
Cyber security eventCyber security event
Cyber security event
 
Top reasons why Endpoint Security should move to Cloud | Sysfore
Top reasons why Endpoint Security should move to Cloud | SysforeTop reasons why Endpoint Security should move to Cloud | Sysfore
Top reasons why Endpoint Security should move to Cloud | Sysfore
 
Encryption in the Cloud
Encryption in the CloudEncryption in the Cloud
Encryption in the Cloud
 
Securely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure Score
 
WHAT_IS_DATA_SECURITY_-_TYPES_STRATEGY_COMPLIANCE_AND_REGULATIONS.pdf
WHAT_IS_DATA_SECURITY_-_TYPES_STRATEGY_COMPLIANCE_AND_REGULATIONS.pdfWHAT_IS_DATA_SECURITY_-_TYPES_STRATEGY_COMPLIANCE_AND_REGULATIONS.pdf
WHAT_IS_DATA_SECURITY_-_TYPES_STRATEGY_COMPLIANCE_AND_REGULATIONS.pdf
 

More from Amr Salah

Integration & Microservices
Integration & Microservices Integration & Microservices
Integration & Microservices Amr Salah
 
Cryotocurrency & blockchain
Cryotocurrency & blockchainCryotocurrency & blockchain
Cryotocurrency & blockchainAmr Salah
 
ADF - eCertificate
ADF - eCertificateADF - eCertificate
ADF - eCertificateAmr Salah
 
Amr Salah - Senior Oracle FMW
Amr Salah - Senior Oracle FMWAmr Salah - Senior Oracle FMW
Amr Salah - Senior Oracle FMWAmr Salah
 
BPM_eCertificate
BPM_eCertificateBPM_eCertificate
BPM_eCertificateAmr Salah
 
Java enterprise paradise
Java enterprise paradiseJava enterprise paradise
Java enterprise paradiseAmr Salah
 
Journey to the center of the software industry world
Journey to the center of the software industry worldJourney to the center of the software industry world
Journey to the center of the software industry worldAmr Salah
 
Get That Job
Get That JobGet That Job
Get That JobAmr Salah
 
Java Presentation
Java PresentationJava Presentation
Java PresentationAmr Salah
 

More from Amr Salah (11)

Session
SessionSession
Session
 
Integration & Microservices
Integration & Microservices Integration & Microservices
Integration & Microservices
 
Cryotocurrency & blockchain
Cryotocurrency & blockchainCryotocurrency & blockchain
Cryotocurrency & blockchain
 
Agile
AgileAgile
Agile
 
ADF - eCertificate
ADF - eCertificateADF - eCertificate
ADF - eCertificate
 
Amr Salah - Senior Oracle FMW
Amr Salah - Senior Oracle FMWAmr Salah - Senior Oracle FMW
Amr Salah - Senior Oracle FMW
 
BPM_eCertificate
BPM_eCertificateBPM_eCertificate
BPM_eCertificate
 
Java enterprise paradise
Java enterprise paradiseJava enterprise paradise
Java enterprise paradise
 
Journey to the center of the software industry world
Journey to the center of the software industry worldJourney to the center of the software industry world
Journey to the center of the software industry world
 
Get That Job
Get That JobGet That Job
Get That Job
 
Java Presentation
Java PresentationJava Presentation
Java Presentation
 

Recently uploaded

CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPoojaSen20
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 

Recently uploaded (20)

CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptx
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 

Introduction to Security (Hardware, Software, Data & Policies)

  • 1. 15 MINUTES TECHNOLOGY CATCH-UP Amr Salah Middleware & Cloud Expert
  • 2. AMR SALAH MIDDLEWARE & CLOUD EXPERT • Computer Science, Mansoura University 2009 (CS) • 8+ years of experience in Middleware technologies • Middleware & Cloud Expert • Worked for (EG: Sumerge, Asset, Giza Systems, Egabi, SG: Pactera, NZ: Deloitte) • My Clients: Govt (SFD – Saudi, TEData – EG, CIB – EG, MOH – SG, etc.) • Certificates • Oracle SOA/ADF/BPM • AWS Solution Architect • Professional Scrum Master • Mulesoft Developer • More of experience in Security, Full stack development & CI/CD
  • 3. People burn not because they do the same thing everyday, but because they forget WHY they do the same thing everyday!
  • 4. SOFTWARE ENGINEERING PROCESSPost Questions http://sli.do - #T182 #Agile – Ask your question!
  • 5.
  • 7. SOFTWARE ENGINEERING PROCESS Software Engineering is the application of engineering to the development of software in a systematic method!
  • 8. Integration & Microservices Agile Method Frameworks, Scrum & Roles Cloud Platforms, Services & Vendors Security Types, Policies & importance CryptoCurrency Blockchain, Trading
  • 10. SECURITY • Know as cyber security or IT security, is the protection of computer systems from the theft and damage to their hardware, software or information, as well as from disruption or misdirection of the services they provide. It’s all about DATA DAMAGE BREACHCorruption
  • 11. SECURITY • Know as cyber security or IT security, is the protection of computer systems from the theft and damage to their hardware, software or information, as well as from disruption or misdirection of the services they provide. Hardware Security Software Security Data Security
  • 13. DATA SECURITY - DATA • Data is distinct pieces of information, usually formatted in a special way. All software is divided into two general categories: data and programs. Programs are collections of instructions for manipulating data. • Data can exist in a variety of forms
  • 14. WHY DATA IS IMPORTANT
  • 15. WHY DATA IS IMPORTANT
  • 16. DATA SECURITY • protecting digital data, such as those in a database, from destructive forces and from the unwanted actions of unauthorized users, such as a cyberattack or a data breach.
  • 17. DATA PROTECTION • Disk encryption • Software-based security solutions encrypt the data to protect it from theft. However, a malicious program or a hacker could corrupt the data in order to make it unrecoverable, making the system unusable. • Hardware-based security solutions can prevent read and write access to data and hence offer very strong protection against tampering and unauthorized access. (e.g. MFA) • Backups • Data masking • Data erasure • Data Encryption (Server/Client Side)
  • 18. DATA PROTECTION DISK ENCRYPTION • Disk encryption: is a technology which protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. It is used to prevent unauthorized access to data storage.
  • 19. DATA PROTECTION BACKUPS • Backup: the process of backing up, refers to the copying and archiving of computer data so it may be used to restore the original after a data loss event. The verb form is to back up in two words, whereas the noun is backup.
  • 20. DATA PROTECTION DATA MASKING • Data masking: is the process of hiding original data with random characters or data.
  • 21. DATA PROTECTION DATA ERASURE • Data erasure: (data clearing or data wiping) is a software-based method of overwriting the data that aims to completely destroy all electronic data residing on a hard disk drive or other digital media by using zeros and ones to overwrite data onto all sectors of the device
  • 22. DATA PROTECTION DATA ENCRYPTION • Server Side Encryption • HTTP/HTTPS – ex.sni. • End-to-End Client Side Encryption Encrypt-Decrypt Symmetric Private key HSM KMS
  • 26. SOFTWARE SECURITY Computer security software or cybersecurity software is any computer program designed to enhance information security. The defense of computers against intrusion and unauthorized use of resources is called computer security. Similarly, the defense of computer networks is called network security.
  • 27. A MALICIOUS ATTACK • A malicious attack is an attempt to forcefully abuse or take advantage of someone's computer, whether through computer viruses, social engineering, phishing, or other types of social engineering. Email - Web Content – Legitimate/reward Sites - File Downloads • Malware (Adware, Spyware, Trojan Horse, Crimeware, Viruses, Worms) • Social Engineering (Phishing, Baiting, Spam)
  • 28. EMAIL PHISHING is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.
  • 31. HARDWARE SECURITY Thieves HW Damage 1. Hardware Protection: Cloud IAAS has to be protected from DAMAGE. security solutions can prevent read and write access to data and hence offer very strong protection against tampering and unauthorized access. (e.g. MFA). Data Corruption/Loss
  • 32. HARDWARE SECURITY 2. Hardware Security Module (HSM): is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. • intrusion-resistant, tamper-evident, FIPS Validated • Self destruction • AWS CloudHSM • Microsoft KeyVault • Google Cloud Key management
  • 33. SECURITY POLICIES COMPLIANCES Security Policies: is a definition of what it means to be secure for a system, organization or other entity. For an organization, it addresses the constraints on behaviour of its members as well as constraints imposed on adversaries by mechanisms such as doors, locks, keys and walls. Health Insurance Portability and Accountability Act Payment Card Industry Data Security Standard
  • 34. SECURITY POLICIES COMPLIANCES PCI DSS (Payment Card Industry Data Security Standard) • Firewall at each internet Connection • Components protected from security vulnerabilities • Review Logs & Security Events • Protect Card Holder Data • Retain Audit history for at least 1 Year • Security Group, NACL • etc.
  • 36. SECURITY Security Engineer • Network Security Engineer • Information Assurance Engineer • Information Security Engineer • Information Systems Security Engineer Digital Forensics
  • 38. KEEP IN TOUCHKeep in touch Join slack.com & subscribe to our channel (#fciteam) https://dirtyhandsws.slack.com/ Send your email to Amr.salah.2010@gmail.com to add you to the list with the following pattern: Subject: #fciteam-Please Add Me

Editor's Notes

  1. What is important is data storage and data sensitivity
  2. What is important is data storage and data sensitivity
  3. security solutions encrypt the data to protect it from theft. However, a malicious program or a hacker could corrupt the data in order to make it unrecoverable, making the system unusable.