Microsoft is giving away a copy of Windows 7 Ultimate to the ten (10) best Windows stories from IT Professionals. Stories can be related to how Windows 7 saved your company money, solving your application compatibility issues, deployment, management of your installations, and virtually anything else. The more compelling your story, the better chance you have to win.
Go HERE to learn more
INTRODUCTION
With the introduction of Windows 7 and Server 2008 r2 there are new security features that an auditor or IT professional should be aware of. As you roll out the new operating system, what are the issues and benefits that your company will see? What are the risks, benefits and issues that need to be planned for?
In this session I will be covering these important issues with the use of lecture, demos and group discussions.
If these are questions that you and your organization are asking, then we invite you to attend our session, “Windows 7 and Server 2008r2 New Security Features.”
OUTLINE
The educational session will introduce attendees to the key issues surrounding deploying these new operating systems and using features that help reduce risk for enterprises and organizations.
SEMINAR TOPICS
· Windows 7 new features
o Demo of new features
o Tricks and demos
o Hard drive encryption
o Bitlocker to go
· Server 2008 R2
o New group polices
o New Audit and logging features
o NAP – Network Access Protection
o Direct Access
o Hyper-v (Server virtualization)
· Deployment Issues
o XP to Windows 7
o Discussion
o MDT 2010
o XP Mode
· Analysis of Windows Event Logs
WHO SHOULD ATTEND
● Audit and risk professionals whose organizations are considering Windows 7 and Server 2008 r2 Security Risks.
● Information Security professionals interested in learning about Windows 7, and Server 2008 r2 deployment issues, new features and benefits.
This Session is being offered to the
ISACA- Connecticut Chapter on January 31 from 8:30 AM – 4:30 PM
To register for this event click here
and again for the
ISACA – New England Chapter
February 18 from 8:30 AM – 4:30 PM
2 Financial Center
60 South Street
Boston, MA 02111
To register for this event click Here
In this session, I will cover the following topics by applying what you have learned in the first of three-part webinar series devoted to the subject of Protecting Your Network by using Cryptography to solve some IT issues.
Outline:
To attend this session on February 23, 2011 Time – Noon – 1 PM ET
Click Here
Part Three: will be Disaster Recovery – April 27, 2011
On Wednesday Jan 26 I will be presenting 3 sessions, they are;
Presentation Title: Security for the Network Administrator
Date and Time: 01/26/2011, 0830-1020
Location: Great Hall D
Track: Information Assurance
Description: You are a new system administrator and have been trained to maintain that system. But have you been trained to secure it? Many network administrators are assigned the task of securing a network, but they have no idea how to do that.
Do you understand the “Big Picture” and how your actions could compromise the security of your vital data and systems? Most administrators are living in a silo of information and don’t have a real view of the big picture. This results from network administrators thinking “It’s Not My Job”. While true from an evaluation point of view, this can lead to major security issues.
During this presentation, we will help you break out of the silo and get the big picture. We’ll help you identify security issues and how and where to report them.
———————–
Presentation Title: Securing the Weakest Link
Date and Time: 01/26/2011, 1320-1420
Location: Great Hall D
Track: Information Assurance
Description: Network security issues are something organizations are faced with everyday. You can implement technologies such as IDS/IPS and firewalls to help lock down your network. However, have you considered how to protect your networks against non-technical intrusions such as social engineering?
This session will explore 10 things you can do now to help protect and defend your data, network, and personnel against social engineering attacks.
During this presentation, we’ll discuss the following topics:
-How Easy It is to Gain Information That Can Put You at Risk
-How Social Engineering Can Also Be Done via Technology
-Case Studies and Examples of Techniques That Work to Social Engineer Users
———————–
Presentation Title: Understand the Security Concerns Associated with Virtualization
Date and Time: 01/26/2011, 1500-1600
Location: Great Hall D
Track: Information Assurance
Description: Many organizations realize the benefits of implementing virtualization. In fact, by implementing virtualization, you can reduce the physical number of host computers. But does it reduce or add risk to your infrastructure?
The goal of this session is to take a look at all of the issues and identify areas of concern as a cyber specialist.
Here is a link to a great article on network security.
Threat Area
Worst Case Scenarios
1. Insider Threat
Enterprise data including backups destroyed, valuable secrets lost, and users locked out of systems for days or even weeks.
2. Tool Bloat Backlash
Decision-makers become fed up with endless requests for security products and put a freeze on any further security tools.
3. Mobile Device Security
A key user’s phone containing a password management application is lost. The application itself is not password-protected.
4. Low Tech Threats
A sandbox containing a company’s plan for its next generation of cell phone chips is inadvertently exposed to the public Internet.
5. Risk Management
A firm dedicates considerable resources to successfully defend its brochure-like, ecommerce-less web site from attack, but allows malware to creep into the software of its medical device product.
6. SLA Litigation
Although the network administrator expressed reservations, a major customer was promised an unattainable service level for streaming content. The customer has defected to the competition and filed a lawsuit.
7. Treacheries of Scale
A firm moves from a decentralized server model to a private cloud. When the cloud’s server farm goes offline, all users are affected instead of users in a single region.
To read the full article go here
Brief Overview:
I will be presenting a session on "Authentication and Cryptography," I will examine the following topics:
In our webinar session on February 23, 2011, we will discuss Using Encryption to Protect Your Data. In the last webinar of this series entitled Disaster Recovery, we will take this information from theory and show you how to use this technology.
Outline:
In this session we will cover:
To attend this session on 2/9/2011 at Time: 12:00 PM ET
Click Here
Then on February 23, 2011, I will discuss Using Encryption to Protect Your Data. In the last webinar of this series entitled Disaster Recovery, we will take this information from theory and show you how to use this technology.
Other session that you may want to look at include
Cyber Security Part One: Identity Theft
Understanding Cyber Security Physical Security
Understanding Cyber Security Risk Management
Active Directory Federation Services 2.0 helps IT enable users to collaborate across organizational boundaries and easily access applications on-premises and in the cloud, while maintaining application security. Through a claims-based infrastructure, IT can enable a single sign-on experience for end-users to applications without requiring a separate account or password, whether applications are located in partner organizations or hosted in the cloud.
The Windows Server 2008 R2 setup package for AD FS 2.0 was updated on 1/5/2011. This updated package contains hotfixes that will prevent the errors described in the following support articles from occurring whenever AD FS 2.0 is installed on a server running the Windows Server 2008 R2 operating system:
Get the update here
The current deal is if you buy a netbook with starter you can upgrade to Home Premium for only 19.95 ! You just need to purchase Windows anytime upgrade at the same time !
Windows Anytime Upgrade?
With Windows Anytime Upgrade: Windows 7 Starter to Home Premium, your customers can upgrade their new netbook PC safely, quickly, and easily. Then they can customize it with themes and photos and enjoy entertainment anywhere. By taking advantage of this offer, customers get everything in Windows 7 Starter, plus more:
* For Internet TV, you’ll need Internet access. Free Internet TV content varies by geography. Some content may require additional fees. Internet TV is not available in all countries.
Offer is good Nov 7 to April 2 while supplies last
Is a cell a phone was just a phone?
The current cells phone today is smart phones with more power that you desktop that 7 years old. Think of what you keep on your phone, Mail Contact, Schedules, and other data what would happen if that device was lost or stolen or compromised and theft or you competing got that information
Here are some simple things to do.
Don’t Lose Your Phone – Know where you phone is at all times and do not leave it out at bars and public places, Keep it with you. Do not leave it in you parked car.
Lock you phone and set a password (a strong one not 1111, 1234 etc.)
Here’s how to find time-out settings on various smartphone OSs:
Remote wipe means that if your phone is lost or stolen, you can remotely clear all of your data–including e-mail, contacts, texts, and documents–off of the handset, thus keeping that information out of the wrong hands. Check with you Company or Phone provide about this service
Trojan Horses, Malware, and Viruses and Third-Party Apps
I found this resource list, it show the State Breach Disclosure Laws, you can search this site for your state and what you need to do or what your legal responsibilities are.
Click Here