Loading images...
Loading images...
Loading images...

July 2014 – Overcoming Configuration Management Challenges

Date Venue Presentations
Check back after this event.


Event Start Time – End Time N/A
Overall Event Title Overcoming Configuration Management Challenges
Event abstract Configuration Management facilitates the availability, reliability, and security of an organization’s systems by establishing minimum baseline standards for server builds, developing systems based on those standards, and ensuring the integrity of those systems throughout their life-cycle.Where deviations from approved standards occur, they should be captured by auditing or monitoring processes and reported to management, and if necessary reconciled to ensure the security of affected systems.In this session, various presenters will cover the key elements of configuration management, and how to overcome common challenges

Guardian Life Insurance, 7 Hanover Square, New York, NY 10005

Dress Code Business casual
Event kickoff opening remarks 2:00 – 2:10
Speaker NY ISSA Board Member
Session description Welcome attendees
Session Title Building Minimum Baseline Standards
Start Time – End Time 2:10 – 2:55
Session Description Minimum Baseline Standards (MBS) are developed by organizations as a matter of due diligence and industry regulation. The standards are developed to reflect your business, best practices and to comply, where possible, with industry guidelines.However, the task of coordinating resources and obtaining “buy-in” in the development of these standards can be daunting. This discussion will offer some methods to overcome these challenges.
Speakers TBD
Bio(s) TBD
Session Title Deploying Security Configurations
Start Time – End Time 2:55 – 3:30
Session Description Once a configuration standard is identified and constructed, an organization must develop a procedure to quickly and seamlessly implement a new, or newly updated, standard. This must be done without disrupting the course of normal business and without damaging the organization’s technical infrastructure.A deployment plan allows organizations to maintain secure configurations and assists in identifying security vulnerabilities, which often occur as deviations from the plan.This discussion will focus on the phased implementation of minimum baseline standards throughout an enterprise.
Speakers TBD
Bio(s) TBD
Networking Break 3:30 pm – 3:50
Session Title Monitoring and Maintaining Compliance
Start Time – End Time 3:50 – 4:30 PM
Session Description Once deployed, a configuration standard should be monitored or periodically audited for any deviations from the standard.  Data from systems should be aggregated and analyzed in order to identify any systems which may deviate from the standard configuration.Mechanisms for monitoring range from automated tools to manual review.  Once identified, deviations from the standard should be documented and cause of the deviation should be addressed in the deployment plan.
Speakers TBD
Bio(s) TBD
Who should attend  (customize to each session content) Who should attend this session:ISSA Members, ISACA Members and FS/ISAC Members (and other ISAC’s)This program has been created for information security practitioners,
but may also be of interest to the following:Auditors who intend to evaluate configuration management within an enterprise.Security practitioners and system admins seeking to accomplish or implement Configuration Management objectives.Security Management & Executives – With a goal of understanding industry practices trends, and seeking perspective on implementing technical assessment activities in the context of a broader application security program.
Sponsored by: Guardian Life Insurance