Detailed Program Information

E-Mail Room Open - sponsored by Gateway, An EDUCAUSE Gold Partner

Session Details

Breakfast
Sponsored by Citadel Security Software

Session Details

Registration Desk Open

Session Details

Welcome and Introductions

Session Details

Speaker(s)

• Kenneth J. Klingenstein, Director, Internet2 Middleware and Security, Internet2
• Mark Luker, Telecommunications Policy Specialist-NTIA, United States Department of Commerce
• Connie J. Sadler, Information Technology Security Officer, Lucile Packard Children's Hospital
• John J. Suess, Vice President of Information Technology/CIO, University of Maryland, Baltimore County

Winning the Battle Against Cyber Criminals

Session Details

Speaker(s)

• Dan Larkin, Unit Chief, Internet Crime Complaint Center, Federal Bureau of Investigation

Abstract

The federal government’s Internet Crime Complaint Center (I3C) tackles a range of criminal schemes on the Internet, including spam, phishing, spoofed or hijacked bank accounts, cyber extortion, computer intrusions, and economic espionage. To address the rapidly changing face of crime on the Internet, however, the I3C needs the cooperation of industry and partnerships with academia.

• View Session Resources

Refreshment Break and Corporate Displays

Session Details

Aladdin Knowledge Systems

Session Details

Abstract

Aladdin is a global leader in digital security, providing solutions for enterprise security since 1985. Aladdin eToken provides cost-effective strong user authentication and password management solutions. It provides enhanced security and ensures safe information access, improved password and ID management, and secure mobility of digital credentials/certificates and keys. For more information, visit www.Aladdin.com/eToken.

Caymas Systems and The Upper Canada District School Board - Expanding Online Access While Improving Security

Session Details

Speaker(s)

• Rob Barnett, Regional Manager, Caymas Systems
• Steve Schall, Director, Caymas Systems

Abstract

The Upper Canada District School Board's new Web-centric infrastructure supports all services, communication, and collaboration among its one hundred schools. Hear how thousands of teachers, principals, students, and parents are accessing UCDSB's portal, content management, and e-mail systems, data warehouse, and management dashboard—from any location, affordably—without compromising network security.

Citadel Security Software - Vulnerability Management and Policy Enforcement Solutions

Session Details

Speaker(s)

• Constantin Adiaconitei, Senior Security Engineer, Citadel Security Software

Abstract

Citadel Security Software delivers security solutions that enable organizations to manage risk, reduce threats, and enforce compliance with security policies and regulations. Citadel solutions are used across the Department of Defense, at the Veterans Administration, and within other government, commercial, and educational organizations.

Cybertrust

Session Details

Speaker(s)

• Mark Shapiro, Business Development, Cybertrust

EDUCAUSE/Internet2 Computer and Network Security Task Force

Session Details

Speaker(s)

• Joy R. Hughes, CIO & Vice President, Information Technology, George Mason University
• John J. Suess, Vice President of Information Technology/CIO, University of Maryland, Baltimore County

Abstract

Stop by the Security Task Force table to learn more about task force initiatives, resources, and how you can get involved.

Elemental Security

Session Details

Abstract

Elemental is an award-winning pioneer in the enterprise information security market. Elemental’s products address the need to centrally manage the security risks of all computers in the enterprise. Elemental provides unified visibility and control to manage dynamic computing environments, enabling enterprises to manage their security policies and risk and measurably improve their security.

Force10 Networks

Session Details

Speaker(s)

• Kevin Tso, Security Product Manager, Force10 Networks

Abstract

Force10 Networks is a pioneer in building and securing high-performance Gigabit and 10 Gigabit Ethernet networks. Leveraging a unique hybrid architecture, the Force10 P-Series is the first intrusion prevention system in the industry to deliver inline protection without compromising network performance, even at speeds up to 10 Gbps.

GeoTrust, Inc. - Online Security, Privacy, and Identity Management in a Networked Campus Environment

Session Details

Abstract

This display will demonstrate how GeoTrust solutions can help institutions of higher education maintain reliable, redundant, and highly secure network environments to protect sensitive data, share intellectual property, and promote business efficiencies. GeoTrust will demonstrate its specific solutions for higher education, including managed SSL certificates, two-factor authentication, S/MIME, and Certified Transcript Services.

Guidance Software

Session Details

Abstract

Guidance Software EnCase(r) solutions enable educational institutions, corporations and government agencies to conduct effective investigations of all types and take decisive action in response to external attacks. Considered the leader in computer forensics, EnCase has been validated by numerous courts, and has received many top security awards from major publications.

Impulse Point, LLC, An EDUCAUSE Bronze Partner - IT Security Preventative Measures Protect Your Network

Session Details

Speaker(s)

• Jennifer Ireland, Business Development Manager, Impulse Point
• Dennis A. Muley, President, Impulse Point

Abstract

The best defense against security threats and outbreaks is to maintain up-to-date IT security preventative measures. Safe.Connect automates authentication of student computing devices and enforces antivirus, antispyware, and Microsoft security patch policies. The result is an easily integrated, reliable, secure, and affordable infrastructure.

iPolicy Networks

Session Details

Speaker(s)

• Don Woodlief, Sr. Corporate Account Manager, iPolicy Networks

Abstract

An integrated network security product company, iPolicy Networks empowers customers to address constantly emerging threats through its intrusion prevention firewall appliances that use a deep-packet, single-pass architecture for real-time security at extremely high speeds without impacting performance. Its scalable management provides consistent security enforcement across the network.

Lancope

Session Details

Speaker(s)

• Rob Dragon, Account Manager, Lancope
• Kevin Sparks, Security Engineer, Lancope

Abstract

Lancope is a pioneer and market leader in network behavior analysis (NBA) and response solutions that defeat zero-day worms, internal network misuse, and other anomalies that threaten network integrity. Lancope’s award-winning StealthWatch cost-effectively protects 200+ enterprise customers by integrating security and network management to secure internal networks.

Mirapoint, An EDUCAUSE Silver Partner - Strategies for a Secure University Messaging Infrastructure

Session Details

Speaker(s)

• Mark Johnson, Regional Sales Manager, Mirapoint
• Brian McDevitt, Vice President, Western Area, Mirapoint
• Tyler Olson, Systems Engineer, Mirapoint

Abstract

Long-term e-mail growth and security are becoming common university problems. How does your university handle these issues? This session will address both issues, highlighting Wayne State University's strategy for consolidating messaging and security investments that emphasizes scalability and productivity, keeping security top of mind.

thawte - Reduce the Red Tape and Cost of SSL Certificate Issuance

Session Details

Speaker(s)

• Kevin Brown, Partner Account and Research Manager, thawte
• Roland Williams, Account Manager, SPKI Business Solutions, thawte

Abstract

The Starter PKI Program from thawte enables companies both small and large that require multiple security certificates to manage their certificate needs without the red tape usually associated with this process. It helps organizations improve their IT and business process by centralizing the management of their certificates in a cost-effective and less time-consuming manner.

Automated Network Isolation at Indiana University

Session Details

Speaker(s)

• David Greenberg, Security Engineer, Indiana University
• Session convener: Richard H. Gadsden, Information Security Officer, Medical University of South Carolina

Abstract

This presentation will describe the recent network isolation mechanism put in place at Indiana University. The project provides a means of automatically or manually isolating a device by IP address on the university network by propagating null routes for the device via the Border Gateway Protocol.

• View Session Resources

Effective Implementations of a Security Program and Security Plan

Session Details

Speaker(s)

• Gary DeClute, Information Technology Policy Consultant, University of Wisconsin-Madison
• Tim Flynn, IT Security Manager, Illinois State University
• Scott A. Genung, Director of Telecommunications and Networking, Illinois State University
• Stefan Wahe, IT Security Officer, University of Wisconsin-Madison
• Session convener: Merri Beth Lavagnino, Chief Information Policy Officer, Indiana University System

Abstract

The University of Wisconsin-Madison is implementing a prototype Information Technology Security Program focusing initially on governance, procedures, and training. Illinois State University is in the midst of implementing a campus-wide security plan and has learned much from these experiences. Although these programs focus on different aspects of security management, they greatly complement each other.

• View Session Resources

Forensic Overview

Session Details

Speaker(s)

• Jeffrey Savoy, Information Security Officer, University of Wisconsin-Madison
• Session convener: Blake Penn, Senior Security Consultant, Trustwave

Abstract

The development of a computer forensic response capability can be a useful campus resource. This session will discuss the proper way to preserve fragile digital evidence and common evidence analysis techniques and tools, all framed with real-life incidents where possible.

• View Session Resources

Defining the Security Domain

Session Details

Speaker(s)

• Marilu Goodyear, ECAR Fellow and Chair, Department of Public Administration, University of Kansas
• John H. Louis, Assistant Vice Provost for Information Services, University of Kansas
• Session convener: Carmen R. Cintron-Ferrer, MIS Director, Universidad del Sagrado Corazón

Abstract

An important part of writing a security policy is defining who and what it applies to. In a campus environment, it is difficult to define which users and devices are part of the institution and take into account how they are connected. An outline for defining security domains for institutions will be presented.

• View Session Resources

Information Security Strategy for Higher Education

Session Details

Speaker(s)

• David C. Kovarik, Director of Information and Systems Security/Compliance, Northwestern University
• Session convener: Robert J. Kalal, Retired Director, Information Technology Policy & Services, The Ohio State University

Abstract

Northwestern University adopted a strategy that enables it to conduct its business in a secure manner. Key to its success is the effective use of existing resources, leveraging the knowledge and experience of senior administration, faculty, and staff, coupled with a cross-forum network of individuals with security administration responsibilities.

• View Session Resources

Eliminating Spam, Viruses, and Outbound Compliance Risks in the Collegiate IT Environment

Session Details

Speaker(s)

• Sean Wilcox, Senior Product Marketing Manager, Proofpoint, Inc.
• Sallie Wright, Assistant Vice President for Information Technology, University of Alabama at Birmingham
• Session convener: Bradford Ridley, Director, IT Policy, Planning &Risk Management, University of Massachusetts Central Office

Abstract

The session will discuss the issues Oklahoma State University faced regarding unsolicited and other inbound e-mail threats and the process undertaken to solve the problem, as well as best practices in determining institutional needs, vendor selection, and solution deployment.

• View Session Resources

Lunch and Roundtable Discussions
Sponsored by Sendmail, Inc.

Session Details

Awareness and Training

Session Details

Botnets

Session Details

Data Classification and Confidentiality

Session Details

Data Incident Disclosure Laws

Session Details

Identity Management

Session Details

Incident Response

Session Details

Instant Messaging

Session Details

Mentoring and Professional Development

Session Details

Network Access Control

Session Details

Policy and Legal Issues

Session Details

ResNets

Session Details

Return on Investment

Session Details

Risk Management

Session Details

Security Product Evaluation

Session Details

Social Networking (facebook.com)

Session Details

VOIP Security

Session Details

Wireless Security

Session Details

RINGS: Open Source Device Registration and Security

Session Details

Speaker(s)

• Dustin Brown, Software Engineer, University of Kansas
• Session convener: Christopher Misra, Information Security Officer, University of Massachusetts Amherst

Abstract

RINGS provides a complete open source system that scales to the entire campus. This system includes layered security, DHCP services, device registration, account management, security notifications, device security, and an administrator interface that provides tools to technicians, management, and IT security they need to get their job done effectively.

• View Session Resources

Wireless Security Strategies and Challenges

Session Details

Speaker(s)

• David R. Morton, Director, Mobile Communications, University of Washington
• Session convener: Andrea Di Fabio, Information Security Officer, Norfolk State University

Abstract

This session will explore issues related to wireless LAN security, from a brief overview of existing techniques (WEP/WPA) to a more in-depth look at the use of 802.1x for access control and encryption. We'll also explore the opportunities and challenges presented by voice over WLAN, Mesh, and other issues.

• View Session Resources

Kick-Starting Forensics at Your School

Session Details

Speaker(s)

• Joseph Bazeley, Information Security Officer, Miami University
• David J. Bowie, Senior Security Analyst, Boston College
• Session convener: Carmen R. Cintron-Ferrer, MIS Director, Universidad del Sagrado Corazón

Abstract

Learn the basics of what you should consider while putting together a forensics capability when funds are limited and how to apply forensic methodologies to rapidly correlate multiple simultaneous incidents via the “forensics in fifteen minutes” procedures.

• View Session Resources

Two Approaches to PCI DSS Compliance

Session Details

Speaker(s)

• Michael Chapple, Information Security Program Manager, University of Notre Dame
• Jane Drews, Information Technology Security Officer, The University of Iowa
• Session convener: Kimberly A. Milford, Special Projects Assistant, Indiana University

Abstract

The Payment Card Industry Data Security Standard (PCI DSS) poses a unique challenge to institutions of higher education, which often host many diverse credit/debit card merchants on our campuses. Learn about merchant levels and the 12 security requirements, as well as two different approaches to compliance: the design and implementation of a central framework to bring your institution into PCI DSS compliance, and a risk-assessment and remediation process to assist distributed merchants with individual PCI DSS compliance efforts.

• View Session Resources

Security Assessments in an Academic Environment

Session Details

Speaker(s)

• Jon Allen, Information Security Officer, Baylor University
• Robert Paul Hartland, Assistant Vice President - Security, IT Servers & Networking Systems, Baylor University
• Session convener: Al Arboleda, Information Security Officer, California State Polytechnic University, Pomona

Abstract

Baylor University recently conducted a campus-wide IT security assessment. This session presents the process from choosing a consultant to remediation of the assessments discoveries. The result is a long-term strategy and metrics for IT security within the university.

• View Session Resources

PKI Implementation at the University of Wisconsin-Madison

Session Details

Speaker(s)

• Nicholas Davis, PKI Project Manager, University of Wisconsin-Madison
• Thomas McDonnell, Director, Sales Engineering, GeoTrust, a Verisign Company
• Session convener: Tammy L. Clark, Chief Information Security Officer, Georgia State University

Abstract

This session will provide a practical example of how University of Wisconsin–Madison deployed a managed PKI solution to issue digital certificates to encrypt and digitally sign e-mail and other sensitive information, to authenticate online identities and to control access to intranets/extranets.

• View Session Resources

SafetyNet: An Open Source, Self-Service, Proactive Security Scanner

Session Details

Speaker(s)

• Marc DeBonis, Systems Architect, Sr., Virginia Tech
• Session convener: Carmen R. Cintron-Ferrer, MIS Director, Universidad del Sagrado Corazón

Abstract

SafetyNet, an open source, Web-based application framework, allows authorized users to proactively scan individual and groups of computer systems for security vulnerabilities. Learn how Virginia Tech has used this tool to increase security awareness and customer satisfaction and lower desktop total cost of ownership and security incidents.

• View Session Resources

The Challenge: Securing a Large Multicampus Network

Session Details

Speaker(s)

• Scott N. Ferguson, Director - IT Network Services, Pima County Community College District
• Kirk Kelly, Vice Chancellor/CIO - Information Technology, Pima County Community College District
• Session convener: Al Arboleda, Information Security Officer, California State Polytechnic University, Pomona

Abstract

Community colleges and smaller universities face unique security challenges due to limited staff. Learn how Pima Community College handled increased security challenges through the implementation of multiple demilitarized zones, intrusion prevention systems, firewalls, split DNS, and a rearchitected gigabit network covering 6 campuses and 11 centers.

• View Session Resources

Detection and Investigation of Compromised Hosts on Campus Networks

Session Details

Speaker(s)

• Daniel Adinolfi, Senior Security Engineer, Cornell University
• Session convener: Richard H. Gadsden, Information Security Officer, Medical University of South Carolina

Abstract

Cornell University developed a successful methodology to locate, contain, and investigate compromised systems on our networks. We recently extended this methodology to more effectively respond to compromises that can potentially result in sensitive data loss.

• View Session Resources

Bagels and Schmear: Cybersecurity Planning and Statutory Compliance for Homeland Security Research Initiatives

Session Details

Speaker(s)

• Bradley R. Barnes, Manager, Technology Resources, Oklahoma State University
• Sallie Wright, Assistant Vice President for Information Technology, University of Alabama at Birmingham
• Session convener: Carol Myers, Director, College Technology, Paradise Valley Community College

Abstract

Positioning a research organization for statutory compliance where select agents are the primary component requires extensive planning and partnering between academic research areas and enterprise administration. This presentation will highlight the three phases required to enable sensitive research, protect the university and its resources, and meet legal compliance requirements.

• View Session Resources

How Secure Is the University? Assessing Institutional IT Risk with Limited Resources

Session Details

Speaker(s)

• Ian D. Waters, IT Governance Consultant, University of Technology, Sydney
• Session convener: Christopher A. Bennett, Director of Information Security & Data Center Services, Lansing Community College

Abstract

The University of Technology, Sydney, has assessed the risk of its 211 major IT systems and resources. The presentation will describe our experience with performing this institutionally inclusive risk assessment, the limited resources employed and their sourcing, the outcome, the lessons learned from the exercise, and the work still remaining.

• View Session Resources

The Phishing Ecosystem: Analyzing the Dynamics for Maximum Defense

Session Details

Speaker(s)

• Tracy S. Holt, Manager, Enterprise Messaging, George Mason University
• Cathy Hubbs, Chief Information Security Officer, American University
• Andrew Klein, E-mail Threat Research Manager, SonicWALL
• Session convener: Tammy L. Clark, Chief Information Security Officer, Georgia State University

Abstract

While phishing attacks increase, it is just the tip of the iceberg—a complex ecosystem lurks, supported by threats like spyware, viruses, zombies, and pharming. This panel will discuss the phishing ecosystem, the impact on educational institutions, and review defense strategies.

• View Session Resources

Refreshment Break and Corporate Displays

Session Details

Aladdin Knowledge Systems

Session Details

Abstract

Aladdin is a global leader in digital security, providing solutions for enterprise security since 1985. Aladdin eToken provides cost-effective strong user authentication and password management solutions. It provides enhanced security and ensures safe information access, improved password and ID management, and secure mobility of digital credentials/certificates and keys. For more information, visit www.Aladdin.com/eToken.

Caymas Systems and The Upper Canada District School Board - Expanding Online Access While Improving Security

Session Details

Speaker(s)

• Rob Barnett, Regional Manager, Caymas Systems
• Steve Schall, Director, Caymas Systems

Abstract

The Upper Canada District School Board's new Web-centric infrastructure supports all services, communication, and collaboration among its one hundred schools. Hear how thousands of teachers, principals, students, and parents are accessing UCDSB's portal, content management, and e-mail systems, data warehouse, and management dashboard—from any location, affordably—without compromising network security.

Citadel Security Software - Vulnerability Management and Policy Enforcement Solutions

Session Details

Speaker(s)

• Constantin Adiaconitei, Senior Security Engineer, Citadel Security Software

Abstract

Citadel Security Software delivers security solutions that enable organizations to manage risk, reduce threats, and enforce compliance with security policies and regulations. Citadel solutions are used across the Department of Defense, at the Veterans Administration, and within other government, commercial, and educational organizations.

Cybertrust

Session Details

Speaker(s)

• Mark Shapiro, Business Development, Cybertrust

EDUCAUSE/Internet2 Computer and Network Security Task Force

Session Details

Speaker(s)

• Joy R. Hughes, CIO & Vice President, Information Technology, George Mason University
• John J. Suess, Vice President of Information Technology/CIO, University of Maryland, Baltimore County

Abstract

Stop by the Security Task Force table to learn more about task force initiatives, resources, and how you can get involved.

Elemental Security

Session Details

Abstract

Elemental is an award-winning pioneer in the enterprise information security market. Elemental’s products address the need to centrally manage the security risks of all computers in the enterprise. Elemental provides unified visibility and control to manage dynamic computing environments, enabling enterprises to manage their security policies and risk and measurably improve their security.

Force10 Networks

Session Details

Speaker(s)

• Kevin Tso, Security Product Manager, Force10 Networks

Abstract

Force10 Networks is a pioneer in building and securing high-performance Gigabit and 10 Gigabit Ethernet networks. Leveraging a unique hybrid architecture, the Force10 P-Series is the first intrusion prevention system in the industry to deliver inline protection without compromising network performance, even at speeds up to 10 Gbps.

GeoTrust, Inc. - Online Security, Privacy, and Identity Management in a Networked Campus Environment

Session Details

Abstract

This display will demonstrate how GeoTrust solutions can help institutions of higher education maintain reliable, redundant, and highly secure network environments to protect sensitive data, share intellectual property, and promote business efficiencies. GeoTrust will demonstrate its specific solutions for higher education, including managed SSL certificates, two-factor authentication, S/MIME, and Certified Transcript Services.

Guidance Software

Session Details

Abstract

Guidance Software EnCase(r) solutions enable educational institutions, corporations and government agencies to conduct effective investigations of all types and take decisive action in response to external attacks. Considered the leader in computer forensics, EnCase has been validated by numerous courts, and has received many top security awards from major publications.

Impulse Point, LLC, An EDUCAUSE Bronze Partner - IT Security Preventative Measures Protect Your Network

Session Details

Speaker(s)

• Jennifer Ireland, Business Development Manager, Impulse Point
• Dennis A. Muley, President, Impulse Point

Abstract

The best defense against security threats and outbreaks is to maintain up-to-date IT security preventative measures. Safe.Connect automates authentication of student computing devices and enforces antivirus, antispyware, and Microsoft security patch policies. The result is an easily integrated, reliable, secure, and affordable infrastructure.

iPolicy Networks

Session Details

Speaker(s)

• Don Woodlief, Sr. Corporate Account Manager, iPolicy Networks

Abstract

An integrated network security product company, iPolicy Networks empowers customers to address constantly emerging threats through its intrusion prevention firewall appliances that use a deep-packet, single-pass architecture for real-time security at extremely high speeds without impacting performance. Its scalable management provides consistent security enforcement across the network.

Lancope

Session Details

Speaker(s)

• Rob Dragon, Account Manager, Lancope
• Kevin Sparks, Security Engineer, Lancope

Abstract

Lancope is a pioneer and market leader in network behavior analysis (NBA) and response solutions that defeat zero-day worms, internal network misuse, and other anomalies that threaten network integrity. Lancope’s award-winning StealthWatch cost-effectively protects 200+ enterprise customers by integrating security and network management to secure internal networks.

Mirapoint, An EDUCAUSE Silver Partner - Strategies for a Secure University Messaging Infrastructure

Session Details

Speaker(s)

• Mark Johnson, Regional Sales Manager, Mirapoint
• Brian McDevitt, Vice President, Western Area, Mirapoint
• Tyler Olson, Systems Engineer, Mirapoint

Abstract

Long-term e-mail growth and security are becoming common university problems. How does your university handle these issues? This session will address both issues, highlighting Wayne State University's strategy for consolidating messaging and security investments that emphasizes scalability and productivity, keeping security top of mind.

thawte - Reduce the Red Tape and Cost of SSL Certificate Issuance

Session Details

Speaker(s)

• Kevin Brown, Partner Account and Research Manager, thawte
• Roland Williams, Account Manager, SPKI Business Solutions, thawte

Abstract

The Starter PKI Program from thawte enables companies both small and large that require multiple security certificates to manage their certificate needs without the red tape usually associated with this process. It helps organizations improve their IT and business process by centralizing the management of their certificates in a cost-effective and less time-consuming manner.

Building a Campus DShield

Session Details

Speaker(s)

• Randy Marchany, Director, IT Security Lab, Virginia Tech
• Session convener: Christopher Misra, Information Security Officer, University of Massachusetts Amherst

Abstract

The DShield project is a component of the Internet Storm Center: host systems submit copies of their firewall logs to a central facility database. This presentation describes how to create a local DShield server that can be used to handle campus intrusion detection information. IT staff can use the data to evaluate IT threats to their network.

• View Session Resources

The Botherd is Coming! How Education and Technology Can Stop the Stampede

Session Details

Speaker(s)

• Justin Azoff, Network Performance & Security Analyst, University at Albany, SUNY
• Martin Manjak, Information Security Officer, University at Albany, SUNY
• Session convener: Jeffrey C. McCabe, Associate Director, Computing & Information Services, Texas A&M University

Abstract

High-speed connections and lots of personal computers make campus networks target-rich environments for botnet recruitment. UAlbany has neither a campus firewall nor pre-connection policy enforcement, yet we've managed to reduce the number of bot infections and respond quickly and effectively to new outbreaks through user education and a creative combination of open source tools.

• View Session Resources

Mining Flows for Intrusion Data

Session Details

Speaker(s)

• Phillip Deneault, Network Security Officer, Worcester Polytechnic Institute
• Session convener: Gary Dobbins, Director, Information Security, University of Notre Dame

Abstract

Most IP flow collectors are used as evidence lockers, quietly storing records until needed for a forensic investigation, or used for billing and accounting purposes. Much of this data can be mined for problems at regular intervals without extensive computing overhead and can find many technical and security violations.

• View Session Resources

Federated Identity Management: Addressing the Risky Business

Session Details

Speaker(s)

• Kenneth J. Klingenstein, Director, Internet2 Middleware and Security, Internet2
• Session convener: Joanna Lyn Grama, Information Security Policy and Compliance Director, Purdue University

Abstract

Accessing restricted resources held by a partner can be risky for both parties. This presentation will include a discussion of national and international federations, what the policy dimensions are for campuses, and how federations can be used as a basis for real-time security exchange.

• View Session Resources

System-Wide Strategies for Achieving IT Security at the University of California

Session Details

Speaker(s)

• Jacqueline Craig, Director of Policy, University of California Office of the President
• David H. Walker, Campus IT Architect, University of California, Davis
• Session convener: Thomas Siu, Chief Information Security Officer, Case Western Reserve University

Abstract

The University of California embarked on an initiative to achieve effective stewardship of personal and restricted information accessed and used in the university's academic, business, and health-care operations. This session will focus on recommendations for strategies to protect information, including an emphasis on encryption and forensic analysis.

• View Session Resources

Microsoft Windows Vista: Securing the Desktop

Session Details

Speaker(s)

• Cam Beasley, Chief Information Security Officer, University of Texas at Austin
• Craig Blaha, Assistant Director of User Services, University of Texas at Austin
• Barbara Chung, Chief Security Advisor, Education, Microsoft Corporation
• Session convener: Elliott Franklin, Information Security, Texas State University-San Marcos

Abstract

This session will provide a close-up look at the new security features in Windows Vista, with a perspective on how the changes will affect security management for desktops in education. Learn about the significant new capabilities, such as User Account Protection, firewall egress filtering, protected-mode IE, and data protection.

• View Session Resources

Reception

Session Details

Abstract

One of the most valuable aspects of this conference is the opportunity to connect face-to-face with fellow attendees. Join us for the reception, where you can relax over food and drink and get to know your colleagues. NOTE: Please wear your name badge for admittance.

Birds-of-a-Feather Sessions

Session Details

Abstract

We invite you to join colleagues for birds-of-a-feather discussions. During this discussion session you can network with those who share similar interests or responsibilities and discuss topics of particular interest to you. These sessions are designed to encourage you to exchange experiences and insights with colleagues. You can also establish a new topic by notifying us in advance (security-task-force@educause.edu) or signing up at the bulletin board near the registration desk.

Topics include:

Banner (ERP) Security
Regional Security Teams and the REN-ISAC

Other Topics: Sign up at the bulletin board near the registration desk.