mobile security data encryption - apcert yogyakarta 24 sept 2013
DESCRIPTION
TRANSCRIPT
![Page 1: Mobile security data encryption - apcert yogyakarta 24 sept 2013](https://reader034.vdocuments.net/reader034/viewer/2022042521/54b701c24a79595c3f8b456d/html5/thumbnails/1.jpg)
01011000011001010110010110000110010101100011011101010111001000110111010101110010011001010101100110010101011010011010011011110110111001100101111101101110011001010101100001100101011001011000011001010110001101110101011100100011011101010111001001100101010110100110011001010101101001101111011011100110010111110110111001100101XecureIT © PT IMAN Teknologi Informasi
National Cyber Security WorkshopAPCERT-TWS, Yogyakarta, 24 September 2013
Mobile SecurityMobile SecurityData EncryptionData Encryption
![Page 2: Mobile security data encryption - apcert yogyakarta 24 sept 2013](https://reader034.vdocuments.net/reader034/viewer/2022042521/54b701c24a79595c3f8b456d/html5/thumbnails/2.jpg)
XecureIT
© P
T IM
AN T
ekno
logi
Info
rmas
i
Mobile Security – Data Encryption, APCERT-TWS 2013
Gildas Deograt Lumy, CISA, CISSP, ISO 27001 LAhttps://www.xecureit.com/gildasdeograt
● CTO & Senior Information Security Consultant in XecureIT as Consultant, Auditor,
Penetration PenTester, Researcher, Incident Handler and Expert Witness● Experiences
– 21 years in IT, 16 years direct experiences in Information Security– 25 years as social worker to take care homeless people and street children
● Speaker at various national and international events● Source for the press, such as Kompas, BBC Radio & MetroTV● Community Founder and Leader
– Komunitas Keamanan Informasi (KKI)– (ISC)2 Indonesia Chapter– Forum Keamanan Informasi (FORMASI)– Cyber Security Certified Professional (CSCP) Association
● Trainer of CISA, CISM, CISSP, Hacking Techniques & Defense Strategy
ISO27001 Implementation, etc.● Writer
– Information Systems Security Management Handbook (contributor)– CHIP, Infokom, etc
![Page 3: Mobile security data encryption - apcert yogyakarta 24 sept 2013](https://reader034.vdocuments.net/reader034/viewer/2022042521/54b701c24a79595c3f8b456d/html5/thumbnails/3.jpg)
© PT IMAN Teknologi Informasi XecureITMobile Security – Data Encryption, APCERT-TWS 2013
Agenda
1
2
3
4
5
6
Password Management
Disk Encryption
R U Sure U R Secure?
Instant Messaging Encryption
Email Encryption
The Information Security Weakest Link
![Page 4: Mobile security data encryption - apcert yogyakarta 24 sept 2013](https://reader034.vdocuments.net/reader034/viewer/2022042521/54b701c24a79595c3f8b456d/html5/thumbnails/4.jpg)
© PT IMAN Teknologi Informasi XecureITMobile Security – Data Encryption, APCERT-TWS 2013
R U Sure U R Secure?
![Page 5: Mobile security data encryption - apcert yogyakarta 24 sept 2013](https://reader034.vdocuments.net/reader034/viewer/2022042521/54b701c24a79595c3f8b456d/html5/thumbnails/5.jpg)
Security is Like a Chain...as Strong as The Weakest link
90% cyber security implementation is inconsistent... :’(
![Page 6: Mobile security data encryption - apcert yogyakarta 24 sept 2013](https://reader034.vdocuments.net/reader034/viewer/2022042521/54b701c24a79595c3f8b456d/html5/thumbnails/6.jpg)
© PT IMAN Teknologi Informasi XecureITMobile Security – Data Encryption, APCERT-TWS 2013
The Biggest Challenge is To Change The Mindset
“I feel convenience if... I use the good safety belt and helmet properly and
the car has the effective breaking system to go fast !”
![Page 7: Mobile security data encryption - apcert yogyakarta 24 sept 2013](https://reader034.vdocuments.net/reader034/viewer/2022042521/54b701c24a79595c3f8b456d/html5/thumbnails/7.jpg)
© PT IMAN Teknologi Informasi XecureITMobile Security – Data Encryption, APCERT-TWS 2013
Disk Encryption: TrueCrypt
● Install TrueCrypt● Create Container● Mount Volume● Change Volume Password and Key Files
![Page 8: Mobile security data encryption - apcert yogyakarta 24 sept 2013](https://reader034.vdocuments.net/reader034/viewer/2022042521/54b701c24a79595c3f8b456d/html5/thumbnails/8.jpg)
© PT IMAN Teknologi Informasi XecureITMobile Security – Data Encryption, APCERT-TWS 2013
Password Management: KeePass
● Install KeePass● Create Password Database● Secure The Database and The Key File
![Page 9: Mobile security data encryption - apcert yogyakarta 24 sept 2013](https://reader034.vdocuments.net/reader034/viewer/2022042521/54b701c24a79595c3f8b456d/html5/thumbnails/9.jpg)
© PT IMAN Teknologi Informasi XecureITMobile Security – Data Encryption, APCERT-TWS 2013
IM Encryption: OTR
● Install OTR● Generate Key● Initiate Encrypted Conversation● Verify Finger Print
![Page 10: Mobile security data encryption - apcert yogyakarta 24 sept 2013](https://reader034.vdocuments.net/reader034/viewer/2022042521/54b701c24a79595c3f8b456d/html5/thumbnails/10.jpg)
© PT IMAN Teknologi Informasi XecureITMobile Security – Data Encryption, APCERT-TWS 2013
Email Encryption: GPG
● Install Enigmail and GPG● Generate Key● Verify and Sign Key● Send Encrypted and Signed Email
![Page 11: Mobile security data encryption - apcert yogyakarta 24 sept 2013](https://reader034.vdocuments.net/reader034/viewer/2022042521/54b701c24a79595c3f8b456d/html5/thumbnails/11.jpg)
01011000011001010110010110000110010101100011011101010111001000110111010101110010011001010101100110010101011010011010011011110110111001100101111101101110011001010101100001100101011001011000011001010110001101110101011100100011011101010111001001100101010110100110011001010101101001101111011011100110010111110110111001100101XecureIT © PT IMAN Teknologi Informasi
THANK YOU !
PT. IMAN Teknologi Informasi"Security CARE, Our PASSION"
Consultancy.Assurance.Research.EducationCertified ISO 27001:2005 #IS586350
https://www.xecureit.com
XecureIT