Untitled Document
  Home
Register
  Sponsorship Info
  Conference Info
  Call for Papers
Untitled Document
2011 West Diamond Sponsor

Untitled Document
2011 West Platinum Plus Sponsor

Untitled Document
2011 West Platinum Sponsor

Untitled Document
2011 West Gold Sponsors

Untitled Document
2011 West Silver Sponsors

Untitled Document
2011 West Bronze Sponsors


Untitled Document
2011 West Exhibitors

















































Untitled Document
2011 West Wireless Network Sponsor

Untitled Document
2011 West Lunch Sponsor

Untitled Document
2011 West Media Sponsors

Untitled Document
2011 East Diamond Sponsor

Untitled Document
2011 East Platinum PlusSponsors

Untitled Document
2011 East Gold Sponsor

Untitled Document
2011 East Silver Sponsors

Untitled Document
2011 East Bronze Sponsors

Untitled Document
2011 East Exhibitor










































Managing Internal Threats
Remember that every employee has the ability to be an insider threat

By

The number of annual security incidents caused by insider threats continues to increase.  In The CERT Guide to Insider Threats, Capelli et al writes, “Insider threats are an intriguing and complex problem. Some assert that they are the most significant threat faced by organizations today.” Disgruntled system administrators damage data and systems, skilled professionals steal intellectual property, and inferior employees use information to achieve political or financial objectives for their self-gain.  Any of these can constitute a critical national defense breach or breach of public trust.

Infosec InstituteTo defend against the damage or theft caused by insiders, an organization must hold every employee responsible for detecting and reporting both behavior and technical evidence indicating a possible employee defection from policy and compliance.  In addition, technical controls can help monitor suspected offenders and the overall network for evidence of criminal behavior.

Behavior Monitoring
In a 2008 article I wrote for CBS Interactive/TechRepublic, I listed employee characteristics that warn of potential defection from organizational and social policy and norms, including:

  • Appearing intoxicated at the office
  • Actual or threatened use of force or violence
  • Pattern of disregard for rules and regulations
  • Attempts to enlist others in illegal or questionable activity
  • Pattern of lying and deception of co-workers or supervisors
  • Argumentative or insulting behavior toward work associates
  • Attempts to circumvent or defeat security or auditing systems

In general, any negative change in an employee’s behavior is concerning.  Furthermore, actions taken by management can trigger a borderline defector to cross into criminal behavior.  For example, an already disgruntled employee might feel justified in stealing and selling intellectual property after being passed over for promotion.  Any potential-employees are candidates for additional monitoring.

Terminating an employee is one way to deal with a potential problem.  However, we often value employees who are simply going through rough personal times. If terminating an employee is your preferred choice, keep in mind that you need to have attempted to resolve the issues with the employee or have clear evidence of a violation in policy; otherwise the termination can result in a lawsuit. It is often better to remediate than to terminate an employee.

First, we should ensure all employees understand organizational policies regarding the use of information resources and workplace behavior.  Second, management should have a clear and fair process for a workplace infraction. The response should match the level of the offense.  Furthermore, every employee, without exception, should understand the consequences of defection.

Finally, problem employees will usually not commit an infraction in front of management.  This means we must train employees, as well as managers, to detect suspicious behavior and report it to someone higher-up.  Since many employees would rather not become personally involved, an anonymous tip line is a possible solution.  For example, a large organization for which I worked had a toll-free number any employee could call to report policy violations or any other concern or complaint.  In addition, if you don’t want to set up a phone line, you could set up an anonymous website where you achieve the same result. Weekly, a compliance committee met to go over all reports, and there were many. Anything that appeared critical did not wait for the weekly meeting but was handled immediately.

Technical Monitoring
While behavior monitoring can alert us to many possible incidents, it often fails when dealing with network and server administrators who go rogue. We can easily miss behavior signals when an employee does his or her best to hide them.  When behavior monitoring fails or is insufficient, technical monitoring should fill the gap.

Non-administrators
For non-administrators, we can control how much information an employee can access (and what they can do with it) by enforcing need-to-know, least privilege, and separation of duties. Organizations enforce all three by properly managed authorization policies and processes.

The first two are closely related.  Need-to-know restricts the information a user can access only to that required for daily task completion.  Least privilege controls what a person can do with the information accessed.  For example, need-to-know might allow me to see electronic information classified as top secret, but least privilege would prevent me from changing or deleting it unless my role in the organization requires it.  Together, they strictly limit insider threat damage.

Separation of duties, when properly implemented, prevents any one person from performing all tasks associated with a critical process.  To illustrate, separation of duties prevents a software developer from creating malware and placing it in a production environment.  In other words, developers should not be able to place their work into production systems.

Next, organizations must control the movement of sensitive information.  If not possible using direct means, such as data rights management, then you should use indirect means.  One of the most effective indirect monitoring methods is NetFlow analysis.  NetFlow, emerging as the IPFIX standard, collects network traffic flow information at various points across the network.  Information gathered and aggregated to an analysis and management server provides insight into anomalous traffic flow.  If, for example, an employee decides to copy a large number of documents to an Internet location, NetFlow statistics would alert security to unusual behavior at one or more points on the network.  This near-real-time identification of technological infractions happening on the network enables the possibility for a quick and effective response: stopping the employee or mitigating their effects on the organization.

In addition to NetFlow, security information and event management (SIEM) provides additional information about anomalous server or network behavior.  SIEM solutions gather logs from various devices and systems, aggregating them into a correlation server.  An event correlation application then mines unusual patterns or patterns known to be related to malicious behavior.  Questionable activity is reported to security via email, SMS, or a Web portal.

Finally, employment termination and job change processes must include immediate revocation of all rights and privileges to previously accessed information resources.  During a job change, removing all access and then granting access for the new role is a good approach.  Failure to adequately perform these tasks is a significant cause of many insider incidents, especially those caused by administrators.

Administrators
While the previous controls also work for malicious activities by administrators, they tend to fall short.  Administrators can alter logs or create backdoor accounts for use after hours or post-termination.  Monitoring all employees and using separation of duties can help eliminate these vulnerabilities.

Administrator monitoring must extend to changes applied to special purpose files.  One example includes log changes.  Operating systems or other third-party solutions can track changes to logs, including who made the change and when.  Security teams can identify unplanned changes and respond appropriately. This also applies to other files that might contain critical system management information and applications in the production environment.

In addition to file changes, any creation of a privileged account should raise a warning.  For example, one security team ran a script every morning to determine if any accounts had been added to any Windows Active Directory administrator group.    If so, the addition was reviewed against change management documentation to ensure it was approved.  Any questionable account was removed and the offending employee was reported to his manager.  A periodic audit of all privileged accounts, whether disabled or active, is another good way of identifying possible rogue IDs.

Sharing of administrator passwords also requires special attention.  Each time a shared admin account is used, log it.  Each time an administrator leaves the organization, change all shared passwords.  If your budget allows it, consider implementing a privileged password management solution that logs who checks out shared account passwords and changes the passwords after use.

Finally, remember that every employee has the ability to be an insider threat. The most impactful threats are caused by those at the top – managers, administrators, programmers, and security experts. Insider threats are real, and they will eventually cause an incident in every organization.  Proper preparation, training, and vigilance can prevent or alleviate related consequences.

Tom Olzak is a security researcher for InfoSec Institute. InfoSec Institute is a security certification company that provides popular ccent training.

Read the original blog entry...

About Bob Gourley
Bob Gourley, former CTO of the Defense Intelligence Agency (DIA), is Founder and CTO of Crucial Point LLC, a technology research and advisory firm providing fact based technology reviews in support of venture capital, private equity and emerging technology firms. He has extensive industry experience in intelligence and security and was awarded an intelligence community meritorious achievement award by AFCEA in 2008, and has also been recognized as an Infoworld Top 25 CTO and as one of the most fascinating communicators in Government IT by GovFresh.

Untitled Document
Virtualization Expo Looms Large on SYS-CON.TV



Cloud Expo 2010 East Opening Keynote by Oracle

View this Keynote, recorded live at the Jacob Javits Center, featuring Richard Sarwal, CSVP of Development and Hasan Rizvi, Senior Vice President of Oracle Fusion Middleware Products.

The Science of Doing Business in the Clouds
During this Cloud Expo Day Two Keynote, Tony Bishop will describe Adaptivity’s systematic and prescriptive approach that combines Fit-for-Purpose infrastructure technologies and management capabilities in order to create the optimal economics, environment and autonomics needed for the business to leverage cloud services.

Pete Malcolm, CEO of Abiquo Live From New York City
Join Pete Malcolm, CEO Abiquo, for this vendor-neutral keynote, where you will learn about the next chapter in the Virtualization story. What it is, what it means, why open standards are key, and most importantly, how it will revolutionize the way your organization manages IT.

Keynote: Cloud Computing: Separating Hype from Reality
Rex Wang, VP of Product Marketing at Oracle will explore how enterprises are likely to adopt public and private cloud computing, building on a foundation of virtualization infrastructure and management systems.

The Time is Right for Enterprise Cloud Computing
During his keynote, Rich Marcello, Senior Vice President of Unisys, will discuss the latest technologies and approaches that help knock down these barriers, creating the opportunity for attendees to now consider cloud managed services as part of their data center journey to secure "IT as a Service".

Accelerating Innovation with Cloud Computing
Join Shelton Shugar, Senior Vice President of Cloud Computing at Yahoo! for a keynote elaborating on how Yahoo! and consumers benefit from Yahoo! Cloud Services and will describe Yahoo! Cloud Services and technologies.

Virtualization Articles & Feature Stories
The market is full of buzz about cloud computing, and with it come sweeping claims about simplicity and savings. Deciding to migrate some or all database management to a cloud hosting provider, however, is a more complex undertaking than conventional wisdom may suggest. This white paper from Peak 10 addresses five primary questions posed by technology leaders as they assess their data management options. We address the true cost of a hosted data storage strategy; safety and security issues; ac...
The revolution that happened in the server universe over the past 15 years has resulted in an eco-system that is more open, more democratically innovative and produced better results in technically challenging dimensions like scale. The underpinnings of the revolution were common hardware, standards based APIs (ex. POSIX) and a strict adherence to layering and isolation between applications, daemons and kernel drivers/modules which allowed multiple types of development happen in parallel without...
In this report Enterprise Management Associates (EMA) analysts explore the ways in which gaining visibility and control over high-privilege access helps organizations achieve regulatory compliance, assure responsible governance, and improve security all while reducing IT operational costs. The characteristics of an effective privileged access management solution are examined, along with evidence from EMA research that supports the values of a more consistent approach to operational IT control.
Latest Virtualization Conference News
VMware announced the release of the latest generation of its flagship product, VMware vSphere 5.5. Enhancements include support for larger storage systems, support for management and deployment of big data environments, and support for Flash Memory performance improvements. VMware vSphere 5.5 also expanded its support by allowing configurations with two times the previous physical CPU, memory and NUMA node limits.
After joining with Southeastern Asset Management in signing an open letter to Dell’s special board committee – which is wrestling with Michael Dell’s offer to pay $13.75 a share, 10 cents more a share, to change how the stockholders vote on his leverage buy-out offer is counted – telling the special committee he expected them to tell Michael Dell “no” – activist investor Carl Icahn wrote another open letter to Dell shareholders characterizing Michael Dell as a “whining” “sore loser” and major co...
Dell CEO Michael Dell told the Wall Street Journal in an e-mail exchange over the weekend that he intends to stay with the company if his multibillion-dollar offer to buy the joint and take it private isn’t approved by the stockholders. He also said that he won’t support Carl Icahn’s notion of a leverage recapitalization or Icahn’s schemes to put the company deeper in debt or sell off some its assets to pay shareholders an ostensibly higher price. Michael reiterated that the spec...
Best Recent Articles on Cloud Computing & Big Data Topics
As we enter a new year, it is time to look back over the past year and resolve to improve upon it. In 2014, we will see more service providers resolve to add more personalization in enterprise technology. Below are seven predictions about what will drive this trend toward personalization.
IT organizations face a growing demand for faster innovation and new applications to support emerging opportunities in social, mobile, growth markets, Big Data analytics, mergers and acquisitions, strategic partnerships, and more. This is great news because it shows that IT continues to be a key stakeholder in delivering business service innovation. However, it also means that IT must deliver new innovation despite flat budgets, while maintaining existing services that grow more complex every day.
Cloud computing is transforming the way businesses think about and leverage technology. As a result, the general understanding of cloud computing has come a long way in a short time. However, there are still many misconceptions about what cloud computing is and what it can do for businesses that adopt this game-changing computing model. In this exclusive Q&A with Cloud Expo Conference Chair Jeremy Geelan, Rex Wang, Vice President of Product Marketing at Oracle, discusses and dispels some of the common myths about cloud computing that still exist today.
Despite the economy, cloud computing is doing well. Gartner estimates the cloud market will double by 2016 to $206 billion. The time for dabbling in the cloud is over! The 14th International Cloud Expo, co-located with 5th International Big Data Expo and 3rd International SDN Expo, to be held June 10-12, 2014, at the Javits Center in New York City, N.Y. announces that its Call for Papers is now open. Topics include all aspects of providing or using massively scalable IT-related capabilities as a service using Internet technologies (see suggested topics below). Cloud computing helps IT cut infrastructure costs while adding new features and services to grow core businesses. Clouds can help grow margins as costs are cut back but service offerings are expanded. Help plant your flag in the fast-expanding business opportunity that is The Cloud, Big Data and Software-Defined Networking: submit your speaking proposal today!
What do you get when you combine Big Data technologies….like Pig and Hive? A flying pig? No, you get a “Logical Data Warehouse.” In 2012, Infochimps (now CSC) leveraged its early use of stream processing, NoSQLs, and Hadoop to create a design pattern which combined real-time, ad-hoc, and batch analytics. This concept of combining the best-in-breed Big Data technologies will continue to advance across the industry until the entire legacy (and proprietary) data infrastructure stack will be replaced with a new (and open) one.
While unprecedented technological advances have been made in healthcare in areas such as genomics, digital imaging and Health Information Systems, access to this information has been not been easy for both the healthcare provider and the patient themselves. Regulatory compliance and controls, information lock-in in proprietary Electronic Health Record systems and security concerns have made it difficult to share data across health care providers.
Cloud Expo, Inc. has announced today that Vanessa Alvarez has been named conference chair of Cloud Expo® 2014. 14th International Cloud Expo will take place on June 10-12, 2014, at the Javits Center in New York City, New York, and 15th International Cloud Expo® will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
12th International Cloud Expo, held on June 10–13, 2013 at the Javits Center in New York City, featured four content-packed days with a rich array of sessions about the business and technical value of cloud computing led by exceptional speakers from every sector of the cloud computing ecosystem. The Cloud Expo series is the fastest-growing Enterprise IT event in the past 10 years, devoted to every aspect of delivering massively scalable enterprise IT as a service.
Ulitzer.com announced "the World's 30 most influential Cloud bloggers," who collectively generated more than 24 million Ulitzer page views. Ulitzer's annual "most influential Cloud bloggers" list was announced at Cloud Expo, which drew more delegates than all other Cloud-related events put together worldwide. "The world's 50 most influential Cloud bloggers 2010" list will be announced at the Cloud Expo 2010 East, which will take place April 19-21, 2010, at the Jacob Javitz Convention Center, in New York City, with more than 5,000 expected to attend.
It's a simple fact that the better sales reps understand their prospects' intentions, preferences and pain points during calls, the more business they'll close. Each day, as your prospects interact with websites and social media platforms, their behavioral data profile is expanding. It's now possible to gain unprecedented insight into prospects' content preferences, product needs and budget. We hear a lot about how valuable Big Data is to sales and marketing teams. But data itself is only valuable when it's part of a bigger story, made visible in the right context.
Cloud Expo, Inc. has announced today that Larry Carvalho has been named Tech Chair of Cloud Expo® 2014. 14th International Cloud Expo will take place on June 10-12, 2014, at the Javits Center in New York City, New York, and 15th International Cloud Expo® will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Everyone talks about a cloud-first or mobile-first strategy. It's the trend du jour, and for good reason as these innovative technologies have revolutionized an industry and made savvy companies a lot of money. But consider for a minute what's emerging with the Age of Context and the Internet of Things. Devices, interfaces, everyday objects are becoming endowed with computing smarts. This is creating an unprecedented focus on the Application Programming Interface (API) as developers seek to connect these devices and interfaces to create new supporting services and hybrids. I call this trend the move toward an API-first business model and strategy.
We live in a world that requires us to compete on our differential use of time and information, yet only a fraction of information workers today have access to the analytical capabilities they need to make better decisions. Now, with the advent of a new generation of embedded business intelligence (BI) platforms, cloud developers are disrupting the world of analytics. They are using these new BI platforms to inject more intelligence into the applications business people use every day. As a result, data-driven decision-making is finally on track to become the rule, not the exception.
Untitled Document
Register Now and Save!
Save $500
on your “Gold Pass” Registration! Call 201.802.3020 or click here to Register Early Bird Expires January 2nd.

Santa Clara Call For Papers Now Open

Submit
your speaking proposals for the
upcoming Cloud Expo in

New York, NY


Sponsorship Opportunities
Please Call
201.802.3021
events (at) sys-con.com
SYS-CON's Virtualization Expo, held each year in California, New York, Prague and Tokyo, is the world’s leading Cloud event in its 4th year, larger than all other Virtualization events put together. For sponsorship, exhibit opportunites and show prospectus, please contact Carmen Gonzalez.

Who Should Attend?
Senior Technologists including CIOs, CTOs, VPs of technology, IT directors and managers, network and storage managers, network engineers, enterprise architects, communications and networking specialists, directors of infrastructure Business Executives including CEOs, CMOs, CIOs, presidents, VPs, directors, business development; product and purchasing managers.

Download Virtualization Journal & Show Guide
Virtualization Journal
Download PDF
Virtualization Expo
Show Guide

Download PDF

The World's 30 Most Influential Virtualization Bloggers
Virtualization Expo on Ulitzer
1
U. Banerjee 11 Irfan Khan 21 Maureen O'Gara
2
J. Bloomberg 12 T. Lanowitz 22 Brace Rennels
3
Dave Chappell 13 Treff LaPlante 23 Greg Schulz
4
Jeremy Chone 14 Steve Lesem 24 Peter Silva
5
Robert Eve 15 David Linthicum 25 Roman Stanek
6
Chris Fleck 16 Don MacVittie 26 David Strom
7
S. Foskett 17 Miko Matsumura 27 Roger Strukhoff
8
Dana Gardner 18 JP Morgetnthal 28 Ian Thain
9
Jeremy Geelan 19 Chris Muir 29 K. Wadsworth
10
C. Keene 20 Greg Ness 30 B. Watson

Virtualization Blogs Live
While organizations spend the next few days and weeks patching OpenSSL vulnerabilities, the realization is setting in that we may never know the full extent of the damage caused by Heartbleed. Although Heartbleed was only announced in early April, it has actually been present in OpenSSL versions dating back to March 2012. This means hackers have had ample time to steal certificates and other sensitive information. Making matters worse, it's nearly impossible for companies to know whether their web communications have indeed been compromised.
Earlier this week, Ethan Banks wrote a very nice article about Mellanox’s dual spine and leaf network in support of a large amount 10GbE access ports. After describing the scaled up network design, he reviews 8 observations about the design, not to point out good or bad, but merely to point out specific points to consider. Fully coincidental (Ethan lives close to us, but I am pretty sure he cannot peek through our windows) we had gone through a similar exercise this week, documenting the choices and limitations of spine and leaf networks. And as always, the conclusions are not ones of right or...
Last week was a crazy week for information security. That's probably also the understatement of the year. With the public exposure of Heartbleed, everyone was talking about what to do and how to do it to help customers and the Internet, in general, deal with the ramifications of such a pervasive vulnerability. If you still aren't sure, we have some options available, check them out here: The most significant impact on organizations was related to what amounts to the invalidation of the private keys used to ensure secure communications. Researchers found that not only did exploitation of th...
This past weekend, like many of you, I started getting the blood curdling password resets from a bunch of OpenSSL affected sites. I also got a few emails from sites indicating that I had nothing to worry about. Bad news, good news. Probably the biggest security story thus far for 2014 is Heartbleed, the OpenSSL vulnerability which potentially allows attackers to extract 64 kilobyte batches of memory at random without being noticed and leaving no trace. Sounds like the perfect crime.
Untitled Document
Past SYS-CON Events
    Cloud Expo East
cloudexpo
2011east.sys-con.com

 
    Virtualization Expo East
virtualization
2011east.sys-con.com
    Cloud Expo West
cloudcomputingexpo
2010west.sys-con.com

 
    Virtualization Expo West
virtualization
2010west.sys-con.com
    Cloud Expo West
cloudcomputingexpo
2009west.sys-con.com

 
    Virtualization Expo
virtualizationconference
2009west.sys-con.com
 
    Cloud Expo East
cloudcomputingexpo
2009east.sys-con.com

 
    Virtualization Expo
virtualizationconference
2009east.sys-con.com
 
    GovIT Expo
govitexpo.com
 
    AJAX World
ajaxworld.com
 
    Cloud Expo Europe
cloudexpo-europe.com/
 
    SOA World
soaworld2009.com
 

Virtualization Expo 2010 Allstar Conference Faculty

SARWAL
Oracle

COFFEE
Salesforce

KHAN
Sybase

BISHOP
Adaptivity

MALCOLM
Abiquo

KHALIDI
Microsoft

RILEY
AWS

AZUA
IBM

BARRETO
Intel

CHAKRAVARTY
Novell

CRANDELL
RightScale

GAUVIN
Virtual Ark

GROSS
Unisys

SCHALK
Google

YEN
Juniper Networks

WILLOUGHBY
Compuware

What The Enterprise IT World Says
About Virtualization Expo
 
"We had extremely positive feedback from both customers and prospects that attended the show and saw live demos of NaviSite's enterprise cloud based services."
  –William Toll
Sr. Director, Marketing & Strategic Alliances
Navisite
 


 
"More and better leads than ever expected! I have 4-6 follow ups personally."
  –Richard Wellner
Chief Scientist
Univa UD
 


 
"Good crowd, good questions. The event looked very successful."
  –Simon Crosby
CTO
Citrix Systems
 


 
"Great conference and group of speakers, interesting timely announcements, and awesome networking."
  –Ricardo Sanchez
Software Architect
Myriadtech