Upcoming Events
Past Events
Media Archive
Registration History
|
|
NERCOMP EVENT
Data Privacy
 Printer Friendly Version
|
Data privacy is, of necessity, becoming a major focus in many institutions' information security programs. We will spend a day discussing various dimensions of data privacy, with examples provided where possible from successful programs. Among areas considered will be (1) the legal and regulatory framework for data privacy, (2) risk management and obtaining institutional buy-in, (3) eliminating, encrypting, or reducing access to confidential data, (4) awareness and training, and (5) controls and policy compliance issues related to data privacy. Specific regulations such as PCI-DSS, HIPAA, and 201 CFR 17.00 (M.G.L. 93H) will be touched upon as appropriate, tying the first area together with the rest.
Workshop Organizer/Host: David Escalante of Boston College and Chris Misra of University of Massachusetts Amherst
Date/Time:
Tuesday, May 19, 2009
9:15am - 3:00pm
Registration begins at 8:00am
Location:
Four Points Sheraton Hotel and Conference Center
1125 Boston Providence Turnpike
Norwood, MA
Click
Here for a Map
Click Here for Directions
Special instructions:
Your fee includes unlimited am and pm break service and lunch.
Pricing:
NERCOMP Members: $124
Non-Members: $249
By clicking on the "Register" button below, you are indicating a commitment to attend and will be held responsible for the registration fee.
Your fee can be refunded if you notify us of a cancellation at least 8 days prior to the event via email to nercomp@nercomp.org.
|
Additional Information
Event Schedule:
8:00am - 9:15am Registration and Coffee
Speakers for the Day:
David Escalante, Director of Computer Policy & Security, Boston College
Christopher Misra, Network Analyst, University of Massachusetts Amherst
9:15am – 10:30am Legal and Regulatory frameworks for data privacy
We will cover the laws and regulations that are current drivers for many of the sensitive data efforts on campuses. We will discuss the impacts of both federal and state laws on campus information security programs. We will also discuss how these frameworks can enable institutional buy-in.
10:30am – 10:45am Break
10:45am – 12:00pm Risk Management: Eliminating, Encrypting, and
Reducing access to confidential data.
Managing sensitive data is intrinsically tied to business processes. These business processes are generally the source of much of our sensitive data. Eliminating, encrypting, and reducing access to these data is one of the most effective ways to reduce some of the key risks. We will cover successes and challenges at our respective campuses.
12:00pm – 1:00pm Lunch (included)
1:00pm – 2:15pm Awareness, Training, Controls, and Policy Compliance
Effective information security programs require a broad array of elements. This session will cover efforts of raising awareness of the issues, creating and disseminating training materials, assorted technical controls, and how these map to policy compliance requirements. We will also review how current sensitive data concerns are aiding the maturity of information security programs.
2:15pm – 3:00pm Q&A
3:00pm End
Speaker:
Christopher Misra
Christopher Misra is a Network Analyst with the University of Massachusetts Amherst where he has worked for the past eight years. His responsiblities including network security management, incident handling, and network security architecture. Chris has been active with various regional and national information security organizations including the Internet2/EDUCAUSE Security Task Force and SALSA, serving on program committees, participating in working groups, and presenting at conferences. Chris chairs the SALSA-NetAuth working group investigating techniques for automating network policy enforcement. Chris has also taught courses on Network Security at UMass for several years.
Speaker:
David Escalante
David Escalante is the Director of Computer Policy & Security at Boston College, where he is responsible for all data security matters. David was nominated for the "Information Security Executive of the Year" award in 2005 and 2006, and has spoken on security topics at events such as the RSA Conference, Educause Security Professionals Conference, and the Campus Technology Conference.
Prior to Boston College, David was the Director of Professional Services, Americas, for Baltimore Technology, a PKI vendor, and the manager of the Network Consulting group at Bolt Beranek & Newman, where he consulted with a variety of Fortune 500 companies on network and security issues.
Related Media Files:
data-privacySlides.pdf
Contact Information:
Lisa DiMauro
860-345-2081
ldimauro@nercomp.org
Hotel Information:
Rooms are available at the Sheraton Norwood, the conference location.
To make reservations contact the Sheraton Norwood at 781-769-7900 and request the "NERCOMP Room Block".
The room block for May 18, will be released on April 20, 2009. Standard queen rooms are available for $150 per night.
Technical Requirements:
|
|
NERCOMP reserves the right to use any photographs or other mechanical recordings taken at NERCOMP events in promotional materials.
No mechanical recordings of any kind may be used at NERCOMP events without the prior written consent of NERCOMP organizers and presenters.
The views and opinions expressed at NERCOMP events do not necessarily reflect those of NERCOMP, nor does NERCOMP make any representation regarding the information presented at NERCOMP events.
|
|
|
 |
|
EDUCAUSE
Read more about our affiliate organization, EDUCAUSE
and how we all work together to further the cause of using technology to
improve academia....
|
|
|
|
NERCOMP 2010 Annual Conference - Register Now
Monday, March 08, 2010
NERCOMP 2010, "The Next-Generation University: Rethinking IT in Disruptive Times."
Whether your...
|
|
|
|