Data Connectors | St. Louis e-Security/HIPAA Security and Privacy Conference

2003 St. Louis e-Security/HIPAA Security and Privacy Conference

-- in conjunction with the --

2003 AITP National and Region 5 Conference and Vendor Show

Agenda

Sponsors

Sponsorship Information

Who should
attend?

Thursday, October 23, 2003
-- and --
Friday, October 24, 2003

How secure is your Business?
Millenium Hotel
200 South 4th Street
St. Louis, MO

Click here for directions

Overview

Data Connectors has partnered with the Association of Information Technology Professionals (AITP) for the fourth annual St. Louis e-Security Expo & Conference. This two day show will feature a traditional seminar and vendor show which will be presented live and simultaneously delivered via web cast to IT professionals across the United States and individuals anywhere in the world! The vendor show, which will be open Thursday, October 23 from 10:00 a.m. to 7:00 p.m. and Friday, October 24 from 9:00 a.m. to 5:00 p.m., is open free to IT professionals and IT students. To attend the three conference tracks- management track, technical track and security track, as well as the keynote lunch addresses offered on Thursday, October 23rd and Friday, October 24th, there are different admission packages that can be purchased.

Data Connectors and the AITP are proud to present to following keynote speaker sessions which will be open to paid conference attendees. Data Connectors will be hosting the vendor show as well as the e-Security conference portion of this national show. For more info on sponsorship/vendor packages, click here.

Thursday, October 23, 2003
9:30-10:00	Check-in/Registration Opening Introductions
	Data Connectors is proud to host the 2003 e-Security/HIPAA Security and Privacy Conference
10:30-11:20	Portable Emergency Network (PEN)-- Emergency Preparedness for Today's Business
Paul E. Woolverton Federal Government Business Manager	Recent terrorist activities and natural disasters have caused a heightened awareness of our business vulnerability. All prudent IT executives are now thinking seriously about reasonable access security and business continuity protection. In response to the Office of Emergency Management Continuity of Operations Planning (COOP) and Executive Order 12656, Vector ESP has designed a Portable Emergency Network (PEN) that allows rapid, affordable business continuity protection. Come and hear how the PEN solution, combined with our Secure Connected Access security infrastructure, can provide the ideal security and business continuity solution for your company.
11:30-12:50	Keynote Lunch - E-Commerce and the Four Generations at Work
Kevin Jetton Owner of GeniSys Consulting Services and 2002 AITP Association President	In today's world, there are four generations working together in the workplace. Each generation has its characteristics that must be satisfied in the emerging e-Commerce work. What needs to be considered with establishing an e-Commerce website?
1:00-1:50	Web Services and Identity Management
Jason A. Hollander Identity Web Access Management Architect
2:00-2:50	Web Application Security - The Forgotten Layer
Paul Klahn, CISSP Director of Assessment Services	Network engineers have spent a great deal of time securing the perimeter - firewalls, intrusion detection, and strong authentication. Little attention was given to public traffic to our Web servers. With today's Web applications and increased interoperability with data bases, attackers have moved from the hard perimeter to the softer application for exploit. By utilizing simple exploits against vulnerable Web applications, all the work spent on perimeter security is easily negated. This presentation will offer a discussion of common Web application attacks along with strategies to detect and mitigate attacks.
3:00-3:50	Securing Against Hostile Code by Building In Security Policy - A Practical Example
Louis A. Jurgens, CISSP Executive VP for Sales and Marketing	To secure against non-reproducing hostile code like trojans, sniffers, spyware and keyboard loggers, one needs to keep this malware out in the first place. Can this be done with firewalls or intrusion prevention schemes? Perhaps, but a locked-down O/S, coupled with strong policy enforcement gets at the core of hostile code protection. Of the three elements to data protection, physical security, network security, and policy enforcement, it is policy enforcement that is scrutinized least by vendors, thus causing a dearth of vendor solutions in this area. Even the most skilled administrators are prone to error, so why not use technology to reduce or eliminate human-induced errors, specifically by applying this concept to web server administration? This talk will discuss a practical example of the application of a rigorously enforced security policy to a secure web server. Mandatory access controls and rules of least privilege are strictly enforced from the factory through the use of a hardened O/S along with specially tailored applications for http, POP3, SMTP, and ftp services. By hard-coding security policy into the overall system, system administrator errors are eliminated, thus preventing malware execution, or exploits allowed by human error. A side benefit is the complete elimination of continual updating and patching of the web server.
4:00-4:50	Identity-Based Access: The Business Imperative
Dale DeLoy Chief Technology Officer-Business & Portals Integration (BPI)	Dewpoint “architects for change” so that our clients have integrateable access management and a future-proofed approach to their identity management and provisioning goals. Our success stories in directory, single sign-on, profiling and entitlement include: Motorola, Mellon Bank, Lucent, Cablevision and other Fortune 200 clients throughout the mid-west.
5:00-5:50	Integrateable Identity Infrastructure
Eric Clelland Vice President of Sales	Enterprises have a business imperative to provide access to their enterprise data and applications for Extranet business partners, Remote and mobile employees, and Internal LAN users. As enterprises become more extended, they become increasingly vulnerable to both internal and external security threats. Perimeter security solutions alone are inadequate as they only parse anonymous bad traffic. Identity-Based security is required to address both bad users and bad behavior and to provide fine grained auditing for regulatory and legal compliance (e.g., HIPAA). This presentation will discuss the new concept of Identity-Based Security Appliances as a radically economical, easy to deploy, and high performance approach to Extranets, Remote Access, and Internal LAN access control.
5:30-7:00	Vendor Hospitality
	See Exhibitors List
Friday, October 24, 2003 (HIPAA Track 9:00-2:20)
8:45-9:00	Check-in/Registration
9:00-9:50	Dispelling the Myths of HIPAA Security
Gretchen Hellman Senior Product Line Manager	What HIPAA is and isn't What HIPAA Security Means Reaching Compliance through Effective security Technologies and services to consider Summary
10:00-10:50	Security Technology Solutions Health Care Industry and HIPAA Regulations
Raleigh Burns Senior Systems Engineer
11:00-11:50	Protecting Your Privacy
Jarrett Kolthoff Senior Manager Mick Coady Director
12:00-1:20	Formal Lunch - Increase the Velocity of Your Business and Your Career
Dan Coughlin President of The Coughlin Company, Inc.	Corporate and career velocity relate to the speed and direction in which your business and career are moving. Accelerators influence your velocity. Among the accelerators discussed are: Clarity, Simplicity and Consistency. Do you have the right tools to accelerate your most important professional objectives?
1:30-2:20	PHI Discover in Semi-Structured & UnStructured Content
Casey Piket Regional Systems Engineer
2:30-3:20	Training Solutions

3:30-4:20	Policy Enforcement

Event Sponsors/Exhibitors