October 16, 2012 at 6:30 PM

ISSA National Capital Chapter October meeting topic:

Derek Melber and Paul Andrew
Creating a Secure Desktop

 

Abstract
This session covers the key aspects of how end-points become attack vectors. We will cover all of the key aspects that we did in the ISSA session, with demos of the PB products. There are some key issues which can be solved with software, but most companies are not aware the software exists. We will start the session describing what an endpoint can do to the environment. We will then discuss the potential issues with solving this, specifically with trying to remove the user from being a local administrator. We will also cover whitelisting, LM authentication, firewalls, and more.
 
In this one hour session, Group Policy MVP Derek Melber will go over some of the most important--yet often forgotten--security settings for Windows desktops. Settings like LanManager, Anonymous, IE, UAC, etc will be covered and you will see why these settings are so important for every corporation. Learn about common mistakes in Windows Security and how to avoid them, as well as how adopting least privilege can help protect you against malware and insider threats.
 
When you leave this session, you will have learned:

- How to secure the use of LAN Manager for your entire enterprise
- How to disable anonymous access to your domain controllers and servers
- What options are available to control and configure IE security
- Why UAC is so important and what it does for security
- Even more security settings inside of Windows Group Policy
 

About the speakers
Derek Melber (MCSE, MVP) is an independent consultant and speaker, as well as author of many IT books. Derek educates and evangelizes Microsoft technology, focusing on Active Directory, Group Policy, Security, and desktop management. Derek is President and CTO of BrainCore.Net. As one of only 8 MVPs in the world on Group Policy, Derek's company is often called upon to develop end-to-end solutions regarding Group Policy and security for companies. Derek is one of only a few in the industry that has a deep knowledge of Group Policy, Group Policy Preferences (AKA PolicyMaker), and Advanced Group Policy Management (AGPM). Derek is the author of the The Group Policy Resource Kit by Microsoft Press. This book covers all aspects of the new features provided for Group Policy in Windows Server 2008 and 7. Derek also wrote a series of books related to Auditing and Security Windows through the IIA. Derek is a contributing editor for WindowSecurity.com, RIAG Journal, IT Audit newsletter, and various other publications. You will most likely see Derek at one of the many conferences that he speaks at including InfoSec World, Windows Connections, MISTI, ISACA, and the IIA. Derek provides Windows security training through MISTI and also delivers custom training and speaking on nearly all Windows topics. Program Chair's Note: I saw Derek in April at ISSA give the first talk, and it was superb. In addition, David Merritt also gives him Derek an enthusiastic thumbs-up.

Paul Andrew is a Senior Sales Manager at BeyondTrust Software. In this role, for over six years, Paul has been a pioneer in the rapidly growing Desktop Security Industry, helping organizations successfully implement a Least Privilege Security Environment. Paul manages all day-to-day customer needs and he is responsible for increasing the already high demand for the BeyondTrust PowerBroker Product Suite. Paul manages all large Commercial Accounts, Government Agencies and Education clients. Paul also brings over 20 years of sales and sales management experience with other fast growing technology companies, including PC/GovConnection, Ecora Software, W.L Gore & Associates (GORE-TEX®) and Groundwater Technology, Inc.
 
Paul holds a B.S in Geology from the University of New Hampshire. In addition, Paul has also held various research positions within the National Marine Fisheries Service (NMFS) and Woods Hole Oceanographic Institution (WHOI). While working at the NMFS and WHOI, Paul was Head of Deck Operations, staging several research cruises, while at Sea. Paul has also authored or co-authored 3 volumes of Marine Sediment Core and Rock Descriptions and one Technical Publication describing Thermistor Probe Construction, which was used in support of WHOI Marine Heat-Flow research programs.
 

 

 

 

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

 

Tuesday, October 16, 2012 6:30 PM

Government Printing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401

Click here for details