Security Seminar At UniForum '96

Preconference program on open systems security

An introductory, two-day seminar on corporate security issues will be offered at UniForum '96, San Francisco, CA, on February 12-13, 1996. The preconference program is entitled "What Every Manager Should Know About Computer Security But Was Afraid to Ask!" Sessions will offer a comprehensive overview of critical security issues from a manager's perspective.

The seminar is chaired by Jim Schindler, Information Security Program Manager at Hewlett-Packard. He states that the seminar is designed for upper management, department managers, or anyone else wanting a complete introduction to the major security issues facing today's corporations.

Program overview

Day one of the seminar will concentrate on building a model of a successful security infrastructure. Step-by-step guidelines will be provided for evaluating the security needs of corporate sites and deciding upon the elements of a successful security framework.

Procedures will include six major areas:

The first day's instructors will be John Smith, senior investigator, County of Santa Clara, and Michelle Crabb, primary computer analyst at NASA.

The second day will highlight important security components within a business environment. Various security experts will lead four sessions addressing the following points.

Integrity: One of the important Unix security issues is maintaining the integrity of system binaries and data files. Unauthorized changes to either can be extremely disruptive to operations, causing considerable effort to be expended on reestablishing integrity. How should an organization approach the issue of integrity in Unix systems? What tools are available and what procedures should be established? What are organizations doing to ensure the integrity of their Unix systems and data? The session will be chaired by Dr. Eugene Schultz, senior consultant, SRI International.

Security Policies, Procedures, and Practices: This session will provide valuable insight into crucial security elements including Internet security, company policies, procedures, practices, and incident reporting. The session chair will be John Wack, computer scientist, from the National Institute of Standards and Technology (NIST)

Disaster Recovery Planning and Practices: Planning for a disaster recovery in a mainframe environment is familiar to many MIS managers. However, planning how to recover from major events that affect distributed client/server computing in wide-area networks is a much more difficult task, and one that is much more difficult to address. This session will address the needs to be considered when planning for recovery and business continuation of computing spread across many sites. The session will be chaired by Moira West-Brown, manager, Incident Response Team, Internet Computer Emergency Response Team (CERT).

Confidentiality: This is one of the essential components of any information security policy. It must be carefully considered in the design and implementation of every information system component, including encryption and firewalls. This session will address all aspects of confidentiality from advanced network security measures to the latest thinking of confidentiality policy enforcement in host systems and workstations. The session chair will be Dr. Peter Neumann, principal scientist, SRI International.

Special bonus

Schindler also announced that all attendees will receive a free copy of a white paper entitled, "In The Days After....Lessons Learned From A Large-Scale Intruder Attack."