Architecting the Digital Enterprise
- TYPE: Track DATES: May 06 - May 07, 2015
Securing the digital enterprise in a way that is light and agile enough to remain flexible and competitive is creating complex architectural, technical and integration challenges for IT professionals. What can we do now to support the transformational period from analog to digital business? What standards will be critical to support in future time? What are the steps to be taken now? This track is focused on the information security part of the digital business and will give you valuable and actionable advice.
Moderators:
Tracks:
Architecting the Digital Enterprise: Securing Cloud, Data & Mobility
Sessions:
Top 5 Cloud Security Threats and how to Mitigate the Risk of High Impact
Date: Wednesday, May 06, 2015 Time: 11:00-12:00
Location: ALPSEE
Top 5 Cloud Security Threats and how to Mitigate the Risk of High Impact
Although cloud computing has left the early adopter stage, there are still quite a few organizations hesitant to migrate services and data into the cloud due to security concerns, not only in Europe. Many of the security and privacy concerns heard when listening to IT professionals, are not just fears - they are real amd meed to be treated. In this presentation, KuppingerCole Analysts Mike Small and Eric Cole will guide you through the top 5 Cloud Security & Privacy concerns and...
Simplify your IAM – what’s first: User Interface, Processes, or Infrastructure?
Too many companies suffer from complex IAM implementations. Lack of user acceptance due to overly complex user interfaces; massive workloads for business people in recertification; failed projects due to complex infrastructures; the list of challenges is long. On the other hand, the need for a well-working IAM has never been as large as today. Support for more users and other types of identities than ever before, with more and more business users being involved in access requests and...
Enterprise Mobility Management: Best Practices & Lessons Learned
Date: Wednesday, May 06, 2015 Time: 12:00-13:00
Location: ALPSEE
Enterprise Mobility Management: Best Practices & Lessons Learned
The mobile cloud era represents a tectonic shift and executives are increasingly recognizing the opportunity at stake as they map out the role technology plays in their organizations’ future. Workflows are becoming synergized with the elements of mobile and cloud, as field workers are accessing cloud services for their day to day operations. However, this presents security challenges for enterprises when mobile users access sensitive information through email and applications across...
What’s Next in Cloud IAM – Moving Beyond Single Sign-On
While an imperative component to a truly comprehensive Cloud Identity and Access Management strategy, Single Sign-On (SSO) is not the only factor for enterprises to consider when evaluating the proper long term solution. Other critical factors to keep in mind include advanced trust-based access control, authorization management and audit intelligence for compliance. As enterprises look to take advantage of cloud adoption, these structured best practices will allow companies to leverage...
Architecting the Digital Enterprise: Securing Cloud, Data & Mobility
Sessions:
Customer-Managed Encryption Keys: Controlling Your Data’s Privacy in the Cloud
Date: Wednesday, May 06, 2015 Time: 14:30-15:30
Location: ALPSEE
Customer-Managed Encryption Keys: Controlling Your Data’s Privacy in the Cloud
Businesses put a lot of trust in the cloud, believing that, as paying customers, they will enjoy total protection from hackers and law enforcement agencies trying to access their private data.
But the majority of cloud providers who encrypt data have full control over encryption keys and could – if required to – access and share the data. This is a risk many businesses are unaware of. It also means CISOs in industries handling very sensitive data cannot take advantage of the...
Best Practice: From Zero to Secure in 1 Minute
Cloud instances lifecycles are accelerating fast. Cloud providers are competing among them by switching to by-the-minute server billing instead of hourly billing. This means that servers should be installed, launched, process and terminate and all within a range of minutes. This new accelerated life cycle makes traditional security processes such as periodic patches, vulnerability scanning, hardening and forensics impossible. In this accelerated lifecycle, there are no maintenance windows...
Best Practice: A Hybrid Enterprise in a Cloud First World
Date: Wednesday, May 06, 2015 Time: 15:30-16:30
Location: ALPSEE
Best Practice: A Hybrid Enterprise in a Cloud First World
You’ll laugh, you’ll cry, and you might even pick up a useful nugget or two listening to a real-world enterprise IT architect share the experiences of the past year trying to support his business migrating to cloud services, and sharing the lessons learned from trying to integrate 2 hybrid enterprises into a single, streamlined company. You’ll hear where the cloud came through for us, and how we often had to fall back to on-prem services such as FIM, Ping Federate, and ADFS...
Identity-as-a-Service Securing PostNL’s 100% Cloud Strategy
PostNL deals in letters, parcels and everything related to letters and parcels. PostNL is with 60.000 employees and 3.4 billion of revenues the leader in The Netherlands and PostNL also works in Belgium, Luxembourg, the United Kingdom, Germany and Italy. Volumes in the letters business are declining and therefor cost cutting and having flexibility in cost both in Business and in IT are a key target for PostNL. For this reason, PostNL announced a 100% go to Cloud strategy where execution will...
The Future of Directory Services: Data Models - Performance - Security
Date: Wednesday, May 06, 2015 Time: 17:30-18:30
Location: ALPSEE
The Future of Directory Services: Data Models - Performance - Security
While there hasn’t been much news around directory services in the last decade, we see new momentum in this area, driven by two challenges and both related to the “hyberconnected” enterprise that has to manage identities of consumer, things, devices etc. and their relationships.
One challenge is performance. Managing some thousand employees or even tens of thousands or a few hundred thousand is fairly different from managing tens of millions of customers, billions of...
Business Critical Application Security
Most transactions take place on business-critical applications and infrastructure, producing data and information with the highest possible value for attackers. Protecting these applications and infrastructure is a fundamental part of each corporate security strategy. In this session we will talk about the real security challenges facing your business critical infrastructure, i.e. your SAP or Oracle system, how mitigate the risks involved and prevent against threats.
Secure Information Sharing through Rights Management
Sessions:
Digital Rights Management – UBS Case Study
Date: Thursday, May 07, 2015 Time: 11:00-12:00
Location: ALPSEE
Digital Rights Management – UBS Case Study
As a global operating financial institution UBS provides investment banking, asset management, and wealth management services for private, corporate, and institutional clients worldwide. UBS is the biggest bank in Switzerland, operating in more than 50 countries with about 60,000 employees around the world.
As a leading financial services provider, UBS defines information security as the backbone of our business. Our clients, as well as employees trust us to keep their information safe...
Experiences in getting Rights Management Deployed
Secure Information Sharing - The User Experience
As a result of the number of high profile, headline-grabbing revelations about security breaches and the consequent, well-publicised legal and financial implications, many enterprises, already worried about the free-and-easy transmission of sensitive company material have been impelled to take action to ensure that in the future their digital assets are far better protected from falling into the wrong hands than previously.
This session will show the experience and lessons...
Protecting and Tracking Sensitive Data
Date: Thursday, May 07, 2015 Time: 12:00-13:00
Location: ALPSEE
Protecting and Tracking Sensitive Data
Modern organizations routinely share sensitive data both internally and externally. This session will present a solution capable of letting data owners protect, control, and track their sensitive data regardless of where it is used (or abused). We’ll specifically present solutions for both front office and industrial use cases.
Information Centric Security; the Way to Go?
In the current world of fast-moving organizations with high demands of new services and supporting IT-systems we can no longer deal with the "old" perimeterized way of protecting the organizations assets. We are in need of a much more focussed and efficient approach that will allow us to protect our assets on their needs. Classification of information and protecting at it it's source is the way forward. Solutions have evolved that can make this happen without the major downsides of previous...
Identity Defined Security
Sessions:
What If the Future of Security Means Not Knowing It’s There?
Date: Thursday, May 07, 2015 Time: 14:30-15:30
Location: ALPSEE
What If the Future of Security Means Not Knowing It’s There?
For the modern enterprise, agility is the name of the game. What does that mean for enterprise security? How can security practices and policies evolve at the same rate as the business, while simultaneously adapting to an anywhere, anytime, any device IT environment that faces an increasing number of increasingly complex security threats?
As the real world becomes more real-time, security will need to adjust by transitioning from a highly structured, policy-based,...
User Discovery: Changing Best Practices and Protocol Convergence
The simple question of "who are you" is a problem with changing importance in the identity industry. Reigning best practice in authentication has favored a stateless model, where all users are treated as strangers when a session is not detected, regardless of high likelihoods of recurring usage by a single person on a given browser or device. This best practice is now under challenge, as multifactor authentication more tightly binds user identity to devices, and as security context, identity...
IAM as a Service Best Practice: B.Braun Melsungen AG
Date: Thursday, May 07, 2015 Time: 15:30-16:30
Location: ALPSEE
IAM as a Service Best Practice: B.Braun Melsungen AG
Experiences with IAM as a Service and/or IAM Managed Service
Many organizations today raise the question whether they could and should move their IAM infrastructure to the cloud (IAM as a service) or run it as a managed service. However, many IAM infrastructures still primarily support on-premise applications, thus this would be about connecting back to the on-premise IT infrastructure. So, does IAM in the cloud or as managed service only work well for organizations that run most of their IT in the cloud anyway? And what about customizations? IAM...
The Anthem Breach and how it could have been Avoided
Date: Thursday, May 07, 2015 Time: 17:00-18:00
Location: ALPSEE
The Anthem Breach and how it could have been Avoided
In January, Anthem Healthcare, the US’s second-largest health insurer, reported that the personal records of as many as 80 million individuals were compromised. Many so-called "security gurus" quickly called out the company for two flaws that were felt to be the major causes of the breach. The gurus were wrong. Kuppinger-Cole analyst Dave Kearns will guide you through the most likely vector for the attack, why the gurus’ recommendations wouldn’t have stopped the attack and...
Risk-based Realtime Security Intelligence: Prime Time for the Next Generation of IAM Solutions
Real Time Security Intelligence is one of the red hot topics in Information Security these days. There are a growing number of solutions that allow analysis of security-related incidents in real time, but can also detect anomalies in what is happening in the network.
We also observe strong innovation in the field of IAM (Identity and Access Management) and IAG (Identity and Access Governance), moving from preventive-mode to detective-mode incorporating responsive solutions as well as...
Top 5 Cloud Security Threats and how to Mitigate the Risk of High Impact
Date: Wednesday, May 06, 2015 Time: 11:00-12:00
Location: ALPSEE
Top 5 Cloud Security Threats and how to Mitigate the Risk of High Impact
Although cloud computing has left the early adopter stage, there are still quite a few organizations hesitant to migrate services and data into the cloud due to security concerns, not only in Europe. Many of the security and privacy concerns heard when listening to IT professionals, are not just fears - they are real amd meed to be treated. In this presentation, KuppingerCole Analysts Mike Small and Eric Cole will guide you through the top 5 Cloud Security & Privacy concerns and...
Simplify your IAM – what’s first: User Interface, Processes, or Infrastructure?
Too many companies suffer from complex IAM implementations. Lack of user acceptance due to overly complex user interfaces; massive workloads for business people in recertification; failed projects due to complex infrastructures; the list of challenges is long. On the other hand, the need for a well-working IAM has never been as large as today. Support for more users and other types of identities than ever before, with more and more business users being involved in access requests and...
Enterprise Mobility Management: Best Practices & Lessons Learned
Date: Wednesday, May 06, 2015 Time: 12:00-13:00
Location: ALPSEE
Enterprise Mobility Management: Best Practices & Lessons Learned
The mobile cloud era represents a tectonic shift and executives are increasingly recognizing the opportunity at stake as they map out the role technology plays in their organizations’ future. Workflows are becoming synergized with the elements of mobile and cloud, as field workers are accessing cloud services for their day to day operations. However, this presents security challenges for enterprises when mobile users access sensitive information through email and applications across...
What’s Next in Cloud IAM – Moving Beyond Single Sign-On
While an imperative component to a truly comprehensive Cloud Identity and Access Management strategy, Single Sign-On (SSO) is not the only factor for enterprises to consider when evaluating the proper long term solution. Other critical factors to keep in mind include advanced trust-based access control, authorization management and audit intelligence for compliance. As enterprises look to take advantage of cloud adoption, these structured best practices will allow companies to leverage...
Sessions:
Customer-Managed Encryption Keys: Controlling Your Data’s Privacy in the Cloud
Date: Wednesday, May 06, 2015 Time: 14:30-15:30
Location: ALPSEE
Customer-Managed Encryption Keys: Controlling Your Data’s Privacy in the Cloud
Businesses put a lot of trust in the cloud, believing that, as paying customers, they will enjoy total protection from hackers and law enforcement agencies trying to access their private data.
But the majority of cloud providers who encrypt data have full control over encryption keys and could – if required to – access and share the data. This is a risk many businesses are unaware of. It also means CISOs in industries handling very sensitive data cannot take advantage of the...
Best Practice: From Zero to Secure in 1 Minute
Cloud instances lifecycles are accelerating fast. Cloud providers are competing among them by switching to by-the-minute server billing instead of hourly billing. This means that servers should be installed, launched, process and terminate and all within a range of minutes. This new accelerated life cycle makes traditional security processes such as periodic patches, vulnerability scanning, hardening and forensics impossible. In this accelerated lifecycle, there are no maintenance windows...
Best Practice: A Hybrid Enterprise in a Cloud First World
Date: Wednesday, May 06, 2015 Time: 15:30-16:30
Location: ALPSEE
Best Practice: A Hybrid Enterprise in a Cloud First World
You’ll laugh, you’ll cry, and you might even pick up a useful nugget or two listening to a real-world enterprise IT architect share the experiences of the past year trying to support his business migrating to cloud services, and sharing the lessons learned from trying to integrate 2 hybrid enterprises into a single, streamlined company. You’ll hear where the cloud came through for us, and how we often had to fall back to on-prem services such as FIM, Ping Federate, and ADFS...
Identity-as-a-Service Securing PostNL’s 100% Cloud Strategy
PostNL deals in letters, parcels and everything related to letters and parcels. PostNL is with 60.000 employees and 3.4 billion of revenues the leader in The Netherlands and PostNL also works in Belgium, Luxembourg, the United Kingdom, Germany and Italy. Volumes in the letters business are declining and therefor cost cutting and having flexibility in cost both in Business and in IT are a key target for PostNL. For this reason, PostNL announced a 100% go to Cloud strategy where execution will...
The Future of Directory Services: Data Models - Performance - Security
Date: Wednesday, May 06, 2015 Time: 17:30-18:30
Location: ALPSEE
The Future of Directory Services: Data Models - Performance - Security
While there hasn’t been much news around directory services in the last decade, we see new momentum in this area, driven by two challenges and both related to the “hyberconnected” enterprise that has to manage identities of consumer, things, devices etc. and their relationships.
One challenge is performance. Managing some thousand employees or even tens of thousands or a few hundred thousand is fairly different from managing tens of millions of customers, billions of...
Business Critical Application Security
Most transactions take place on business-critical applications and infrastructure, producing data and information with the highest possible value for attackers. Protecting these applications and infrastructure is a fundamental part of each corporate security strategy. In this session we will talk about the real security challenges facing your business critical infrastructure, i.e. your SAP or Oracle system, how mitigate the risks involved and prevent against threats.
Secure Information Sharing through Rights Management
Sessions:
Digital Rights Management – UBS Case Study
Date: Thursday, May 07, 2015 Time: 11:00-12:00
Location: ALPSEE
Digital Rights Management – UBS Case Study
As a global operating financial institution UBS provides investment banking, asset management, and wealth management services for private, corporate, and institutional clients worldwide. UBS is the biggest bank in Switzerland, operating in more than 50 countries with about 60,000 employees around the world.
As a leading financial services provider, UBS defines information security as the backbone of our business. Our clients, as well as employees trust us to keep their information safe...
Experiences in getting Rights Management Deployed
Secure Information Sharing - The User Experience
As a result of the number of high profile, headline-grabbing revelations about security breaches and the consequent, well-publicised legal and financial implications, many enterprises, already worried about the free-and-easy transmission of sensitive company material have been impelled to take action to ensure that in the future their digital assets are far better protected from falling into the wrong hands than previously.
This session will show the experience and lessons...
Protecting and Tracking Sensitive Data
Date: Thursday, May 07, 2015 Time: 12:00-13:00
Location: ALPSEE
Protecting and Tracking Sensitive Data
Modern organizations routinely share sensitive data both internally and externally. This session will present a solution capable of letting data owners protect, control, and track their sensitive data regardless of where it is used (or abused). We’ll specifically present solutions for both front office and industrial use cases.
Information Centric Security; the Way to Go?
In the current world of fast-moving organizations with high demands of new services and supporting IT-systems we can no longer deal with the "old" perimeterized way of protecting the organizations assets. We are in need of a much more focussed and efficient approach that will allow us to protect our assets on their needs. Classification of information and protecting at it it's source is the way forward. Solutions have evolved that can make this happen without the major downsides of previous...
Identity Defined Security
Sessions:
What If the Future of Security Means Not Knowing It’s There?
Date: Thursday, May 07, 2015 Time: 14:30-15:30
Location: ALPSEE
What If the Future of Security Means Not Knowing It’s There?
For the modern enterprise, agility is the name of the game. What does that mean for enterprise security? How can security practices and policies evolve at the same rate as the business, while simultaneously adapting to an anywhere, anytime, any device IT environment that faces an increasing number of increasingly complex security threats?
As the real world becomes more real-time, security will need to adjust by transitioning from a highly structured, policy-based,...
User Discovery: Changing Best Practices and Protocol Convergence
The simple question of "who are you" is a problem with changing importance in the identity industry. Reigning best practice in authentication has favored a stateless model, where all users are treated as strangers when a session is not detected, regardless of high likelihoods of recurring usage by a single person on a given browser or device. This best practice is now under challenge, as multifactor authentication more tightly binds user identity to devices, and as security context, identity...
IAM as a Service Best Practice: B.Braun Melsungen AG
Date: Thursday, May 07, 2015 Time: 15:30-16:30
Location: ALPSEE
IAM as a Service Best Practice: B.Braun Melsungen AG
Experiences with IAM as a Service and/or IAM Managed Service
Many organizations today raise the question whether they could and should move their IAM infrastructure to the cloud (IAM as a service) or run it as a managed service. However, many IAM infrastructures still primarily support on-premise applications, thus this would be about connecting back to the on-premise IT infrastructure. So, does IAM in the cloud or as managed service only work well for organizations that run most of their IT in the cloud anyway? And what about customizations? IAM...
The Anthem Breach and how it could have been Avoided
Date: Thursday, May 07, 2015 Time: 17:00-18:00
Location: ALPSEE
The Anthem Breach and how it could have been Avoided
In January, Anthem Healthcare, the US’s second-largest health insurer, reported that the personal records of as many as 80 million individuals were compromised. Many so-called "security gurus" quickly called out the company for two flaws that were felt to be the major causes of the breach. The gurus were wrong. Kuppinger-Cole analyst Dave Kearns will guide you through the most likely vector for the attack, why the gurus’ recommendations wouldn’t have stopped the attack and...
Risk-based Realtime Security Intelligence: Prime Time for the Next Generation of IAM Solutions
Real Time Security Intelligence is one of the red hot topics in Information Security these days. There are a growing number of solutions that allow analysis of security-related incidents in real time, but can also detect anomalies in what is happening in the network.
We also observe strong innovation in the field of IAM (Identity and Access Management) and IAG (Identity and Access Governance), moving from preventive-mode to detective-mode incorporating responsive solutions as well as...
Digital Rights Management – UBS Case Study
Date: Thursday, May 07, 2015 Time: 11:00-12:00
Location: ALPSEE
Digital Rights Management – UBS Case Study
As a global operating financial institution UBS provides investment banking, asset management, and wealth management services for private, corporate, and institutional clients worldwide. UBS is the biggest bank in Switzerland, operating in more than 50 countries with about 60,000 employees around the world.
As a leading financial services provider, UBS defines information security as the backbone of our business. Our clients, as well as employees trust us to keep their information safe...
Experiences in getting Rights Management Deployed
Secure Information Sharing - The User Experience
As a result of the number of high profile, headline-grabbing revelations about security breaches and the consequent, well-publicised legal and financial implications, many enterprises, already worried about the free-and-easy transmission of sensitive company material have been impelled to take action to ensure that in the future their digital assets are far better protected from falling into the wrong hands than previously.
This session will show the experience and lessons...
Protecting and Tracking Sensitive Data
Date: Thursday, May 07, 2015 Time: 12:00-13:00
Location: ALPSEE
Protecting and Tracking Sensitive Data
Modern organizations routinely share sensitive data both internally and externally. This session will present a solution capable of letting data owners protect, control, and track their sensitive data regardless of where it is used (or abused). We’ll specifically present solutions for both front office and industrial use cases.
Information Centric Security; the Way to Go?
In the current world of fast-moving organizations with high demands of new services and supporting IT-systems we can no longer deal with the "old" perimeterized way of protecting the organizations assets. We are in need of a much more focussed and efficient approach that will allow us to protect our assets on their needs. Classification of information and protecting at it it's source is the way forward. Solutions have evolved that can make this happen without the major downsides of previous...
Sessions:
What If the Future of Security Means Not Knowing It’s There?
Date: Thursday, May 07, 2015 Time: 14:30-15:30
Location: ALPSEE
What If the Future of Security Means Not Knowing It’s There?
For the modern enterprise, agility is the name of the game. What does that mean for enterprise security? How can security practices and policies evolve at the same rate as the business, while simultaneously adapting to an anywhere, anytime, any device IT environment that faces an increasing number of increasingly complex security threats?
As the real world becomes more real-time, security will need to adjust by transitioning from a highly structured, policy-based,...
User Discovery: Changing Best Practices and Protocol Convergence
The simple question of "who are you" is a problem with changing importance in the identity industry. Reigning best practice in authentication has favored a stateless model, where all users are treated as strangers when a session is not detected, regardless of high likelihoods of recurring usage by a single person on a given browser or device. This best practice is now under challenge, as multifactor authentication more tightly binds user identity to devices, and as security context, identity...
IAM as a Service Best Practice: B.Braun Melsungen AG
Date: Thursday, May 07, 2015 Time: 15:30-16:30
Location: ALPSEE
IAM as a Service Best Practice: B.Braun Melsungen AG
Experiences with IAM as a Service and/or IAM Managed Service
Many organizations today raise the question whether they could and should move their IAM infrastructure to the cloud (IAM as a service) or run it as a managed service. However, many IAM infrastructures still primarily support on-premise applications, thus this would be about connecting back to the on-premise IT infrastructure. So, does IAM in the cloud or as managed service only work well for organizations that run most of their IT in the cloud anyway? And what about customizations? IAM...
The Anthem Breach and how it could have been Avoided
Date: Thursday, May 07, 2015 Time: 17:00-18:00
Location: ALPSEE
The Anthem Breach and how it could have been Avoided
In January, Anthem Healthcare, the US’s second-largest health insurer, reported that the personal records of as many as 80 million individuals were compromised. Many so-called "security gurus" quickly called out the company for two flaws that were felt to be the major causes of the breach. The gurus were wrong. Kuppinger-Cole analyst Dave Kearns will guide you through the most likely vector for the attack, why the gurus’ recommendations wouldn’t have stopped the attack and...
Risk-based Realtime Security Intelligence: Prime Time for the Next Generation of IAM Solutions
Real Time Security Intelligence is one of the red hot topics in Information Security these days. There are a growing number of solutions that allow analysis of security-related incidents in real time, but can also detect anomalies in what is happening in the network.
We also observe strong innovation in the field of IAM (Identity and Access Management) and IAG (Identity and Access Governance), moving from preventive-mode to detective-mode incorporating responsive solutions as well as...
Quick Links
Stay Connected
Information
European Identity & Cloud Conference 2015
- Language:
- English
- Registration fee:
-
€1980.00
$2475.00
S$3168.00
21780.00 kr
INVOICE
- Contact person:
-
Mr. Levent Kara
+49 211 23707710
lk@kuppingercole.com
- May 05 - 08, 2015 Munich, Germany
Partners
The European Identity & Cloud Conference 2015 is proud to present a large number of partners
Learn more