You will earn 6 CPE credits for attending this virtual event.
Forum Format: Virtual - US Eastern
IT departments are under incredible pressure to maintain the business productivity for an expanded remote workforce. As the workforce continues to move into a hybrid office & home office environment, the risks of not maintaining security practices are also top of mind. Threat actors are also actively seeking opportunities to benefit from changes in the workforce.
One of the most important steps you can take to protect yourself is to use a unique, strong password for each of your accounts and apps. Unfortunately, it's almost impossible to remember all of the different passwords. In addition, we know it's time consuming to constantly track the answers to all your security questions, remember different passwords for each login, use multiple devices to gain access, among numerous other factors.
Join this SANS lead forum as we explore various password & access management topics through invited speakers while showcasing current capabilities available today. Presentations will focus on technical case-studies and thought leadership using specific examples relevant to the industry.
10:30 - 10:50 AM EDT - Keynote
Chris Dale, @ChrisADale, Forum Chair, SANS Institute
10:50 - 11:25 AM EDT - Moving Beyond Passwords to a Passwordless Future
Chris Streeks, @cStreeks, Senior Solutions Engineer at Yubico
Passwords are fundamentally broken and are among the weakest forms of authentication. But how do organizations move away from passwords?
In this presentation well highlight how not all 2FA/MFA is created equal, the many benefits of moving away from passwords, and provide an overview what passwordless authentication means in different scenarios and environments-and how organizations can move towards a passwordless future.
11:25 AM - 12:00 PM EDT - Devices in the Enterprise How to Balance Security and Productivity
Teju Shyamsundar, Senior Product Marketing Manager at Okta
The influx of new devices types in the workplace has transformed how we work. Your employees need to stay productive on any device, from anywhere, at any time. But, this is easier said than done, as new devices could also mean increased vulnerabilities.
Today, IT and Security teams need to consider how to enable device visibility, enforce devices based access controls, secure access within applications, while still delivering seamless access experiences for employees.
Join in on this presentation to understand how to:
- Reduce data breaches with device strategies
- Enforce device-based security
- Integrate user and device-based risk in access policies
- Reduce dependencies on on-prem tools to manage your devices
12:00 - 12:10 PM EDT - Break
12:10 - 12:45 PM EDT - Is Your Password Unique?
Mike Greene, CEO at Enzoic
The Password has undergone an interesting evolution traced back as far as the story of Alibaba and the Forty Thieves. We are all familiar with the passphrase Open Sesame which was used to open a magically sealed cave. A unique phrase tied to a specific door a key if you will.
The first computer password is believed to have been deployed in 1961 by MIT in order to manage access to their Compatible Time-Sharing System. Since this time, there have been issues with password security. Passwords were originally conceived to be unique keys to a unique resource. In the modern world, passwords have instead been embraced by users as their own individual unique identifier, resulting in password reuse and a host of new issues. In this webcast, we will review some of these issues and potential countermeasures.
12:45 - 1:20 PM EDT - The Problem with Passwords: How Researcher and Hacker Chris Roberts Approaches Next-Gen Authentication
Simon Berman, Chief Product Officer at Trusona
Chris Roberts, @Sidragon1, Chief Security Strategist at Cynet
We all know that passwords are an outdated technology that represent a huge risk for organizations especially with the rapid, global transition to a remote workforce. The real challenge is implementing an effective approach to replacing passwords that is both secure and easy for your employees to use.
Join us for a frank conversation with Chris Roberts and Simon Berman on new approaches to deal with the problem of passwords, and how IT security professionals can make passwordless MFA a reality for their organizations.
1:20 - 1:30 PM EDT - Break
1:30 - 2:05 PM EDT - Leveraging IAM for Effective and Efficient Threat Mitigation
Lonnie Benavides, Head of Infrastructure and Application Security at OneLogin
Theres no question that the current cybersecurity landscape is constantly shifting and evolving as new threats and security solutions emerge. Increased cyber attacks and distributed workforces have created new challenges that require innovative solutions.
Faced with the challenge of managing identities and securing access to data and applications from a growing number of endpoints, what are the fundamental controls organizations need to maintain business continuity and secure their remote and hybrid workforce?
Hear from Lonnie Benavides Head of Infrastructure and Application Security, OneLogin for a discussion on practical information and advice regarding the utilization of identity and access management solutions to effectively mitigate modern cyber threats to your business.
2:05 - 2:40 PM EDT - Using Cloud-based Identity Services in a Zero Trust World - Is it Safe?
Steve Schmalz, Field CTO at SecurID an RSA business
In our cloud-based world more organizations are looking to obtain their IT services from cloud providers. Should they also look to obtain core security services like authentication and access control from the cloud as well? This talk will address this question and discuss the various advantages and security challenges such a process entails.
2:40 - 2:45 PM EDT - Wrap-up