2:45pmKEYNOTE: "Worst. Security. Ever. - Avoid These Mistakes & Become an IT Superhero"

Presented by: Andrew Plato, President of Anitian Enterprise Security

Misguided efforts, poor prioritization, obsessive paranoia and outright lies from self proclaimed "experts" can create a toxic soup of trouble derailing your information security and compliance efforts. In this presentation, 15-year information security veteran Andrew Plato will discuss common mistakes, missteps and myths that can lead to bad decisions, insecure systems and unintended consequences. Plato will also show how to do things the right way, and become a Superhero for your IT team.

Topics include

• Immature technologies to avoid
• Compliance myths
• Lies vendors tell
• Which battles are worth fighting
• Why exotic threats and complex attacks present little practical risk

SPEAKER BIO:

Andrew M. Plato is the founder and President of Anitian Enterprise Security and its parent company Anitian Corporation. Mr. Plato founded Anitian in 1995 after a successful career as a software engineer, database developer, and technical writer.

Anitian is one of the oldest information security consultancies in the nation, serving over 1500 private and public organizations of all sizes. Mr. Plato has guided Anitian into this dominant position with a focused philosophy providing high-value expertise to customers.

Mr. Plato is known for his involvement developing the BlackICE Intrusion Prevention System from NetworkICE. From 1997-2000, Mr. Plato helped develop this revolutionary product, until Internet Security Systems (ISS) purchased NetworkICE in 2000. In 1999, Mr. Plato deployed one of the first in-line, line-speed IPSs in Seattle, WA.

Mr. Plato has overseen and actively participated in thousands of security projects. This includes organizational compliance and security assessments as well as the deployment and optimization of security and networking technologies. Mr. Plato routinely advises CIOs, CISOs, and other executives on matters of IT security and governance.

Mr. Plato is a highly sought speaker and trainer on information security issues, particularly on matters of infrastructure protection and IT governance. Mr. Plato has also authored dozens white papers, articles, and manuals on information security including “A Practical Guide to Intrusion Prevention Systems” and “Debunking 10 Myths of Information Security” and “The Perfect Worm: Human Risk Factors in Information Security” “10 Steps to PCI Compliance” and “Dwindling Resources: Maintaining IT Security in the Face of Downsizing.” Mr. Plato’s articles have appeared in Information Security magazine, TechTarget, CIO magazine and others. Mr. Plato has been quoted as an industry expert on MSNBC, CNBC, Fox News, TechTarget, Channel Insider and many other media outlets.

Mr. Plato regularly key notes at industry trade shows and information security events. Mr. Plato’s presentations are renowned for being both educational and highly entertaining. Since 2004, Mr. Plato has been a key note speaker at over 50 trade shows and events.

Mr. Plato is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Qualified Security Assessor (QSA) for PCI compliance and holds numerous other technical and industry certifications.

Mr. Plato serves as a member of numerous local and international security groups, including the Information Systems Security Association (ISSA).

Mr. Plato holds a Bachelor of Arts degree from the University of Arizona in English and resides in Portland, Oregon.

Please see the tabs below for additional seminars.

9:30am Maintaining Control & Compliance in Cloud Computing

The success of Software-as-a-service (SaaS) Cloud-based processes have fast become the next-generation SOA solutions for a number of today’s applications. Corporate acceptances of Cloud-based processes have moved beyond CRMs and Web Portals toward more traditional core business applications.

The introduction of these approaches into the traditional enterprise has definite business advantages, but also some serious governance, compliance and security implications. The "virtual" nature of Cloud removes many of the physical work-flow and control points to contain sensitive information. This session will provide details on the impact of Cloud on information security and the data-centric solutions for specific use-cases.

Takeaway Points:

·         What are the information risks in moving to the Cloud?

·         How can sensitive information be used within the Cloud?

·         What are the data-centric solutions for isolation of information in a Cloud?


Presented by: SafeNet

10:20am Optimize Virtual Machine Recovery

Virtual machine technology provides opportunities to optimize data and application recovery operations, but there are little known pitfalls every administrator should know about as they plan their backup and DR strategies.  This presentation will review those pitfalls and discuss solution options.

Presented by: InMage Systems

11:10am Next-Generation Data Center Efficiency

• Implement a secure multi-tenancy infrastructure across server, network, and storage.
• Lower your data center costs by as much as 50%.
• Centrally manage your network, servers, storage, and cloud through a unified architecture.
• Leverage cooperative services and support from Cisco, NetApp, VMware, and our open ecosystem of partners.

Presented by: Leverage Information Systems

1:00pm Stop Losing Sleep. How We Deal with Our Trickiest Availability Problems

104 systems, 900 users, 750 mobile devices, 250 servers, 5 TB of Data…0 Downtime!
One of the most challenging aspects of managing Alaskan Information Technology is maintaining continuous availability inside Alaska and connectivity with the outside. Using ACS as a case study, this session will provide an overview of best practices on how to design your IT operations from the ground up for speed, availability, reliability and continuity. Participants will understand:

• How multiple sites and components in Alaska are used for continuity
• How multiple network technologies and segments are used to drive business continuity
• How sites, applications and networks are managed to deliver continuity.
• Practical, actionable concepts that Alaskan IT managers can adopt TODAY to improve the reliability and availability of the services they offer to their users.

Presenter: Russell Girten, Vice President, Process Transformation & Information Technology


Presented by: Alaska Communication Systems

1:50pmRight SizingData De-Duplication

The next evolutionary step in backup technology has widely been regarded to be deduplication. The benefits are tangible and extremely practical: eliminating duplicate data in secondary storage archives can slash costs, streamline management tasks and minimize the bandwidth required to replicate data. In short, deduplication improves efficiency and saves money.

Each vendor lays claim to having the best approach to data deduplication, leaving customers to determine which factors are most important to their business. Companies must consider a number of key factors in order to select a data deduplication solution that actually delivers cost-effective, high-performance and scalable long-term data storage.

In this technical session we hope to assist customers with this task by showing them how to:

1.            Address the Principal Issue
2.            Assimilation with current environments
3.            Capacity planning
4.            Assess vendor capabilities
5.            Impacts on performance and scalability

Presented by: Xiologix