Session Descriptions
| 9:00 - 9:20 am | Opening Address: Dr. Marc Hoit, Vice Chancellor of IT | Talley Ballroom |
| 11:45 - 12:45 pm | Afternoon Keynote Address: Secure Thinking - Jeff Crume, IBM | Talley Ballroom |
|
“Secure Thinking” looks at how to design a strong defense for a computer system by envisioning its failures from an attacker’s point of view. This session will prompt attendees to think critically, ask lots of questions and challenge all assumptions. Participants will learn what makes systems vulnerable time and time again. |
||
| Time | General Track | Presentation Room |
| 9:40 - 10:30 am | E-mail Retention - John Baines, NC State | Walnut Room |
| With university employees receiving hundreds of e-mails a day, maintaining these e-mails effectively and according to the university Public Records Schedule has become a nightmare. E-mail becomes a public record - property of the people of the state of North Carolina - when it involves information regarding university business. The university employee handling the e-mail is generally legally responsible for producing it to fulfill requests from the media for public records and from the courts for e-mail evidence. Come to this presentation to hear how a new authoritative OIT archival repository of e-mail will assist NC State employees, units and the Office of Legal Affairs in responding to requests for e-mail including public records requests, subpoenas and university litigation discovery requests. | ||
| 10:40 - 11:30 am | Identity & Access Management - What's in it for Me? - Mark Scheible, NC State | Walnut Room |
| The university needs to manage access to online information and services. This presentation highlights the many benefits of Identity and Access Management (IAM) by providing examples or “use cases” that show how a robust campus IAM infrastructure can help protect your identity data or enable Web-based applications to make appropriate authorization decisions on who should be allowed access. | ||
| 12:55 - 1:45 pm | Social Networking Survival Course - Tim Gurganus, NC State | Walnut Room |
| Social networks are great fun and can be advantageous to use, but individuals need to understand their complexities in order to protect their privacy and to prevent unauthorized access to their posted information. This presentation examines the security and privacy issues associated with using social networking sites like MySpace, Facebook and Twitter. Topics such as privacy management, malware, cyberstalking prevention, identity theft and social networking best practices will be covered. | ||
| 1:55 - 2:45 pm | Evolving Threats and Security Environment Challenges - Kevin Dean, Microsoft | Walnut Room |
| Do you chuckle when you see a Microsoft presentation on security? If you think Microsoft and security are mutually exclusive, then you will be surprised by what you will hear at this session. Much has changed since Windows XP was released in 2001. Come and learn why the Microsoft platform is the most secure environment on the market today. Kevin Dean will discuss the evolving threat landscape and today's increasingly challenging security environment. He will also discuss the Microsoft portfolio for security, including security products, solutions and resources to help you protect your computing environment. | ||
| Time | Technical Track | Presentation Room |
| 9:40 - 10:30 am | Security Features for Windows 7 & Server 2008 R2 - Kevin Dean, Microsoft | Blue Room |
| During this session, Kevin Dean will review the security portfolio and drill down specifically on the security features that are included in Windows 7 and Windows Server 2008 R2. He'll also discuss the many (free!) security tools and resources available to IT pros to support other users and protect the overall computing environment. | ||
| 10:40 - 11:30 am | Why there is no Assurance of Security on the Web- Michael Menefee, WireHead Security - (Session Canceled) | Blue Room |
| This session discusses critical Web application vulnerabilities tied to authentication and session management flaws as well as sound mitigation strategies. During this session, there will be a demonstration of some of the new man-in-the-middle attacks against authentication and session management, including an SSL man-in-the-middle demonstration. | ||
| 12:55 - 1:45 pm | Paradigm Shift - It's all about the Data - Who has it? Where is it? Who is using it? - Sean Lyons, McAfee | Blue Room |
| A comprehensive security plan must include measures to ensure data protection and mitigate data loss while also validating compliance. Come learn about the market trends, solutions and various approaches available in the marketplace. Learn more about the revolutionary hardware and software solutions available today that may alter your current approach to data protection and data loss prevention. Using just one tactic is not enough - it takes a combination of technologies, processes and procedures. This session looks at the latest technologies and approaches as well as their strengths and shortcomings. | ||
| 1:55 - 2:45 pm | eDiscovery - James Shook, EMC2 | Blue Room |
| The cost and risks associated with electronic discovery and open records requests are forcing enterprises to grapple with a critical challenge: effectively managing the explosion of electronic information. In this session, James Shook will discuss various requirements that impact an enterprise's electronic information; share best practices and projects for effectively managing that information; and review effective processes for finding, collecting and processing information to meet legal e-discovery and open records requirements. | ||
| Time | Mixed Track (General and Technical Presentations) | Presentation Room |
| 9:40 - 10:30 am | Enterprise Security - Tim Bock, Dell | Brown Room |
| Many organizations have confidential data leakage due to stolen, lost, failed or decommissioned hard disk drives (HDDs), storage subsystems and servers. Tim Block will discuss how these threats have increased regulations compliance in the PCI - Payment Card Industry (PCI), Sarbanes Oxley (SOX) Act, and the Health Insurance Portability and Accountability Act (HIPPA). | ||
| 10:40 - 11:30 am | Understanding and Managing Privacy - Dr. Julie Earp, NC State | Brown Room |
| Computer networks, such as the Internet, have become an integral part of our lives today, and these networked resources introduce numerous threats to information security and privacy. Ignoring these issues can endanger data integrity and expose critical information to damage or theft. This session will provide information crucial to surviving the privacy landscape of today’s digital world. The goal of the session will be to provide information necessary to assess and manage information privacy. Recent incidents will provide insight to help address the challenges of user safety and privacy in our networked world. | ||
| 12:55 - 1:45 pm | Emerging Security Technologies - Tim Bock, Dell | Brown Room |
| Dell strives to be an industry leader in the area of information security by participating in industry forums, partnering with other industry leaders to develop innovative programs and sharing its experience and techniques developed to secure one of the largest infrastructures in the world. During this session, Tim Bock will discuss the security of Dell's hardware platforms, Security Development Lifecycle (SDL), Supply Chain Security, Physical Systems Protection and Dell Partners. | ||
| 1:55 - 2:45 pm | What is Information Rights Management? - Scott Thobe, Oracle | Brown Room |
| Oracle Information Rights Management (IRM) is a new form of information security technology that secures and tracks sensitive digital information everywhere it is stored and used. Conventional information management products only manage documents, e-mail and Web pages while they remain stored within server-side repositories. Oracle Information Rights Management uses encryption to extend the management of information beyond the repository – to every copy of an organization’s most sensitive information, everywhere it is stored and used – on end user desktops, laptops and mobile wireless devices, in other repositories, and inside and outside the firewall. Come learn about Oracle IRM! | ||