SIGS Afterwork Event Geneva
Classification and label-centric security approach
in Office 365
|Target Audience||Information Security Professionals
CIO’s, CISO, IT Manager, Security Officer, Security Architects and Engineers – all from end customer side who are interested in IT Security
From Consultancies and Resellers/Integrators are only technical peoples allowed to take part. Vendors and people with a Sales/Marketing role are not authorized as participants.
|CPE Credits||Earn 2 CPE (Continuing Professional Education) for attending this SIGS Event. Please request a confirmation.
|Location||Hotel Warwick Geneva
14, rue de Lausanne
|Date of Event||6th of September 2017
|Participation Costs||Fr. 30.— per participants
This includes presentations, all beverages and apéro riche
|5:00 – 5:30||Registration & Apéro|
|5:30 – 6:00||René Eberhard, CEO at keyon AG
Classification and label-centric security approach in O365 – understanding the big picture
Organizations no longer operate solely within their premises. Cloud and mobility become more and more important. Data is transmitted between organizations, users, devices, and applications, regardless of their location. The challenge is to identify sensitive information and to apply the right level of control in order to maintain security and privacy of such information. Today’s security approach is to control data on premises and/or on a device. The classification and label-centric security approach applies security directly to the data itself, so that it’s always protected and identifiable, regardless of the location, device, application, or any additional security measures.
The goal of the presentation is to highlight the big picture of the classification- and label-centric security approach from an organizational view and how it can be implemented in an organization, especially in O365 and other applications.
|6:00 – 6:30||Pierre Salvy, Technology Specialist Windows and Jean-Marc Hilaire, Technology Specialist Enterprise Mobility + Security at Microsoft
Identities – the new security perimeter
A lot of organizations still mainly invest in network security to protect their business data. However, the security landscape has changed and companies have to handle new challenges today. We strongly belief in a “Assume Breach” approach, where IT assumes that a hacker was already able to breach the security boundaries and accessing data. To manage these kind of scenarios IT needs new security tools which are able to identifies attackers in the network based on advanced detection methods.
The goal of this presentation is to give you a better understanding about the todays challenges and what kind of solutions are available for IT. We would like to give you a clear picture how you could implement such solutions in your organization.
|6:30 – 7:00||Rade Nikolic, IT System Business Analyst at QUOTIENT
Quality control in the Cloud
Quality is often defined as a deliverable matched with specifications and requirements. Quality control ensures through the set of procedures that a manufacturing process and a product or performed service adheres to a defined set of quality criteria or meets the requirement of the client or a customer. Setting the specific standards that the product or a service must meet is a first step implementing the QC system. Quality process contains three elements: Planning, Quality Assurance (QA) and Quality control. Quality assurance phase gathers benchmarking and audit whilst the Quality control covers acceptance, rework and adjustments. Types of tests that are following QA/QC are: Unit test, Integration, System tests, UAT. Cost of Quality matches cost of conformances plus non-conformances.
Setting up the QC in the Cloud is an option now based on dramatic shift in the IT industry where the web services virtualised in-house are accessible ‘on-demand’. Cloud computing in any form (SaaS, PaaS, IaaS) is now offering QC system to be deployed in the cloud, depending on the level of control/criteria and the needs for data access and availability. Deploying a QC system in a cloud requires the same effort as on-prem from the regulatory point perspective. Typical QC modules to be deployed are: Document management, FMEA, NC/CAPA, Audit management, Supplier management (can be a part of ERP), Inspections. Budgetary benefits are both on IT and Quality side related to the fast and reliable accessibility, controlled by the SLA and scheduled planned maintenance and resourcing.
In the highly-regulated industries food/pharma/medical both FDA and EU regulatory agency require properly defined IQ/OQ/PQ protocols within the V model (concept, requirement, design specifications integration tests and verification, system validation and operation/maintenance). Cloud services in a regulated environment emphasise the highest level of UATs that are not only functionally related to the specific QC software but as well to the specific cyber security measures (pen testing, XSS and SQL injection resistance).
|7:00 – open end||Apéro Riche & Networking
The speakers will be onsite for Q&A
The sponsor of this event is:
With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share it with its event partners and event sponsors of this specific platform.