Mobile security data encryption - apcert yogyakarta 24 sept 2013

01011000011001010110010110000110010101100011011101010111001000110111010101110010011001010101100110010101011010011010011011110110111001100101111101101110011001010101100001100101011001011000011001010110001101110101011100100011011101010111001001100101010110100110011001010101101001101111011011100110010111110110111001100101XecureIT © PT IMAN Teknologi Informasi

National Cyber Security WorkshopAPCERT-TWS, Yogyakarta, 24 September 2013

Mobile SecurityMobile SecurityData EncryptionData Encryption

XecureIT

© P

T IM

AN T

ekno

logi

Info

rmas

i

Mobile Security – Data Encryption, APCERT-TWS 2013

Gildas Deograt Lumy, CISA, CISSP, ISO 27001 LAhttps://www.xecureit.com/gildasdeograt

● CTO & Senior Information Security Consultant in XecureIT as Consultant, Auditor,

Penetration PenTester, Researcher, Incident Handler and Expert Witness● Experiences

– 21 years in IT, 16 years direct experiences in Information Security– 25 years as social worker to take care homeless people and street children

● Speaker at various national and international events● Source for the press, such as Kompas, BBC Radio & MetroTV● Community Founder and Leader

– Komunitas Keamanan Informasi (KKI)– (ISC)2 Indonesia Chapter– Forum Keamanan Informasi (FORMASI)– Cyber Security Certified Professional (CSCP) Association

● Trainer of CISA, CISM, CISSP, Hacking Techniques & Defense Strategy

ISO27001 Implementation, etc.● Writer

– Information Systems Security Management Handbook (contributor)– CHIP, Infokom, etc

© PT IMAN Teknologi Informasi XecureITMobile Security – Data Encryption, APCERT-TWS 2013

Agenda

1

2

3

4

5

6

Password Management

Disk Encryption

R U Sure U R Secure?

Instant Messaging Encryption

Email Encryption

The Information Security Weakest Link


R U Sure U R Secure?

Security is Like a Chain...as Strong as The Weakest link

90% cyber security implementation is inconsistent... :’(


The Biggest Challenge is To Change The Mindset

“I feel convenience if... I use the good safety belt and helmet properly and

the car has the effective breaking system to go fast !”


Disk Encryption: TrueCrypt

● Install TrueCrypt● Create Container● Mount Volume● Change Volume Password and Key Files


Password Management: KeePass

● Install KeePass● Create Password Database● Secure The Database and The Key File


IM Encryption: OTR

● Install OTR● Generate Key● Initiate Encrypted Conversation● Verify Finger Print


Email Encryption: GPG

● Install Enigmail and GPG● Generate Key● Verify and Sign Key● Send Encrypted and Signed Email

01011000011001010110010110000110010101100011011101010111001000110111010101110010011001010101100110010101011010011010011011110110111001100101111101101110011001010101100001100101011001011000011001010110001101110101011100100011011101010111001001100101010110100110011001010101101001101111011011100110010111110110111001100101XecureIT © PT IMAN Teknologi Informasi

THANK YOU !

PT. IMAN Teknologi Informasi"Security CARE, Our PASSION"

Consultancy.Assurance.Research.EducationCertified ISO 27001:2005 #IS586350

https://www.xecureit.com

XecureIT

Mobile security data encryption - apcert yogyakarta 24 sept 2013

Education

Transcript of Mobile security data encryption - apcert yogyakarta 24 sept 2013