- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
select a course
Mclean, VA - December 6 - 7, 2006
- Hotel & Travel Info
- General Info
- Faculty
- Vendor Expo
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
Valuable information to take back to work with me, as well as hands-on testing examples.
-Carol Jones, Office of Court Administration
Special Offer: Register for CDI East 2006 and receive 10% discount on Secure Storage & Encryption Summit. Send your CDIEAST2006 invoice number to tuition@sans.org and request your discount.
Hotel Information
Sheraton Premiere at Tysons Corner
8661 Leesburg Pike
Vienna, Virginia 22182
Phone: 703-448-1234
www.starwoodhotels.com
The guest room rate of $219 S/D includes high speed internet access*. Make your reservation now, this special rate is only available through Wednesday, November 15, 2006. To make online reservations, go to: www.starwoodmeeting.com/
* High speed internet access is complimentary in all guest rooms only for attendees who have registered under the SANS Institute group rate.
SANS Secure Storage and Encryption Summit
Securing Sensitive Data on Mobile Devices, Backups, Servers, and in Databases
- Dates:
- Summit: December 6-7, 2006
- Post Summit Courses at SANS Cyber Defense Initiative: December 9-16, 2006
SANS CDI East 2006 will be held at the Washington Hilton
- Summit Venue:
- Sheraton Premiere Hotel, Washington DC Area (Mclean, VA)
Organizing Committee:
- Contributors
- Dr. Eric Cole, SANS Institute
- Jason Fossen, Enclave Consulting LLC
- Steve Fried, Metavante
- T.J. Klevinsky, JP Morgan
- Mark Lichtenberger, Northwestern Mutual
- Alan Paller, SANS
- James Summers, Vesta Corporation
- Mark Weatherford, State of Colorado
- Ben Wright, Attorney
- Vendor Contributors
- Michael Willett, Seagate
- Jon Callas, PGP Corporation
- Catherine Purcell, EMC
- Adam Stein, Mu Security
- Wendy Hyde, Flagstone International
- Michele Borovac, Decru
Stopping data leakage is now a CEO-level priority. Month after month, the CEOs, board members and top government officials have read front page articles about data breaches; watched endless TV replays of Veterans Affairs' Secretary Nicholson being humiliated in front of Congress, heard from lawyers that laws and regulations in the US and Europe provide real teeth for data protection enforcement; and heard (privately) from their peers that substantial numbers of customers defected after being told that their data was lost. They have had enough. They are demanding that their security chiefs do more than write policies. They want technical solutions that work and they want them implemented now!
The SANS Secure Storage and Encryption Summit, being held on December 6 & 7 in the Washington DC area (McLean, VA), is the first in-depth program featuring user-to-user discussions focused on lessons learned, mistakes to avoid, and technologies and processes that work in securing sensitive data on mobile devices, on backups, on servers, and in databases. The Summit is an interactive program with ample opportunity to get your questions answered by those who have already fought the wars. You will leave the summit with concrete, actionable information you can deploy as soon as you return to work.
What Will You Learn?
- How to make sure data on laptops and other mobile devices cannot be used by thieves.
- How to better protect data on your storage networks and backups.
- How to get ahead of attackers who try to steal your data through database attacks like SQL Injection.
Who Should Attend?
- Storage managers, database and data warehousing managers, and security managers should attend as a team. Organizations that care about protecting sensitive information need managers who can reliably work together to deploy the right technologies and process to secure that information. Joint attendance at the Summit will go a long way toward getting everyone reading off the same page.
- Security auditors and incident handlers who need to know the greatest threats to their organizations' data and what needs to be done to protect it.
- Security architects and CTOs who are trying to determine what technologies and processes are most critical for protecting sensitive information stored in their organizations.
- Consultants tasked with helping organizations design the right defenses to protect their sensitive information.
Attendees will get the first look at the new consensus procurement document for buying laptop encryption.
Ten Questions to Be Answered at the Summit
-
For Securing Mobile Data Storage
- How can organizations use encryption and other security steps to avoid disclosing the loss of mobile devices storing sensitive information? What is the legal framework?
- What are the key criteria for choosing a mobile data encryption package, which are the leading programs, and how do they measure up?
- What processes work best for rolling out mobile data protection across large enterprises and what are the biggest mistakes made by the pioneering users?
- How can encryption be integrated with Active Directory and LDAP?
- Can protection of data on desktops be justified?
- Is there a way to lower the cost of acquiring encryption software for all systems?
- Which principal attack vectors are the most successful in penetrating storage networks and backups?
- What types of protection from storage network vendors and security software/hardware companies are most effective?
- Where does encryption fit and how can it be integrated into a comprehensive storage security process?
- What have large user organizations found to be best practices in architecture and processes for protecting storage networks?
For Securing Storage Networks and Backups
How Good Are SANS Summits?
Here's what people who attended the last Summit said:
There's nothing better than having an opportunity to talk to end users who have gone before you - this is a marvelous new opportunity which SANS has made available.- William Knox, The MITRE Corp.
A great resource for determining who the major players are, what's available and where to look.- Bill Bergman, Omnicare Clinical Research
Everything you wanted to know about logging, but were afraid to ask... or, think about. A vendor neutral approach to a significant problem.- Bill Eshbach, Independence Blue Cross
Preliminary List of Sessions for the Summit
- Current Legal Framework for Liability Associated with Data Loss and for the Use of Encryption to Avoid Disclosure (Expert Briefing)
- The Three Faces of Cyber Crime and How and Why the Criminals Are Targeting Storage Devices and Databases (Expert Briefing)
- Defining the Key Criteria for Selecting a Laptop Encryption Vendor: An Executive Survey of Laptop Encryption Technology and Market Leaders (Expert Briefing)
- Promising Practices in Selecting and Deploying Laptop Encryption (User Lessons Learned)
- Five Top Mistakes in Deploying Mobile Data Encryption (User Lessons Learned)
- Vendor Panel of Leading Encryption Products (plus Hospitality Suites Where You Can Get Better Answers)
- Attack Vectors for Penetrating Storage Networks (Expert Briefing)
- Promising Practices in Protecting Storage Networks (User Lessons Learned)
- Technology Innovation in Secure Storage (Vendor Panel)
- Key Criteria in Selecting Enterprise Storage: Choosing the Best Products and Vendors
- What Works in Protecting Backup Media in Storage and in Transit (User Lessons Learned)
- Developing Common Procurement Specifications for Encryption Acquisition to Maximize Protection (Expert Briefing)
- The Future of Storage Security