6 Register today at europe. gartner. com/ security Summit Program TRACK 1: A Secure Infrastructure is no Luxury Today's highly- connected environment simultaneously offers huge business advantages and signifi cant risks. You not only have to maintain network fi rewalls, secure Web gateways and endpoint protection platforms, but you have to support teleworkers and partners. Virtualization and cloud security challenge your established perimeters while the bad guys keep innovating. Protecting the Endpoint From the Malware Pandemic The expansion of endpoint protection from traditional signature- based detection and personal fi rewalls, to data protection and PC life cycle tools is well underway. This session will examine what makes sense in an endpoint security package and which vendors are leading the way. We will also examine the converging roles of operations and security and list the top procedural changes that will enhance the security posture of endpoints. . What are the advantages of security and operations integration? . What features, confi guration options and procedural enhancements will be critical for future endpoint security success? . Which vendors are leading the way and how to negotiate effectively to get the best deal? Peter Firstbrook, Gartner Planning for the Content Aware Enterprise: 2009 DLP Magic Quadrant The content aware data loss prevention market continues to evolve. Organizations are adjusting to a strategy where they can dynamically apply policy at the time of an operation. Data loss prevention technologies are increasingly common compliance tools for many organizations. However, many struggle when it comes to selecting and deploying meaningful content- aware DLP solutions and achieving their intended compliance goals. . What should an enterprise data loss prevention strategy look like? . Who are the leaders in each market segment? . What fi ve points must organizations consider when deploying DLP solutions? Paul Proctor, Gartner Secure Remote Access For Non- Securable People: Access Protection in an Outsourced, Contracted, Partnered World Contractors are less expensive on the ledger than full- time employees. Business partners must be connected to make just- in- time decisions. Companies give control of critical internal systems to users who are not under direct supervision. Relationships span political boundaries. Enforcement of data protection and SLAs are acts of faith. We take stock of the vulnerabilities caused by extranet access and recommend a survival plan. . What are the extranet security and privacy challenges through 2014? . How will business integrity be maintained when users may never be seen? . Which contractual, technological and managerial practices will be most effective to maintain access control? John Girard, Gartner Gartner Magic Quadrant Power Session: Getting What you Want From the Security Market Players With cost rationalization and effi ciency high on the corporate agenda for 2009- 2010, learn from the Gartner analysts who are best placed to give you what you need and whether there are opportunities for you to achieve a better deal or a renegotiated arrangement in this climate. The session will cover the key technology providers in SIEM, user provisioning, content monitoring and fi ltering, data loss protection, personal fi rewalls and mobile data protection. . What trends and product features contributed to the 2009 Magic Quadrant positioning? . Which vendors have the sharpest vision of where the market is going? . Where are the dangers and opportunities in the security technology market? Gartner Analysts: Peter Firstbrook, John Girard, French Caldwell, Paul Proctor Securing the Web Gateway The Web is simultaneously becoming more important and more dangerous to modern business. Web- based applications and services such as Skype and Salesforce. com have the ability to cut costs and improve productivity, yet few organizations have adequate solutions to effectively manage and fi lter Internet traffi c fl ooding the LAN. . What are the trends and implications of the evolving Web applications? . What are the key features and requirements of a secure Web gateway? . Which vendors will your organization rely on to secure the Web gateway? Peter Firstbrook, Gartner Trusted Portable Personalities: Case Studies To Mix Security and Portability Every company struggles to adapt to rising demands for portable information access without increasing investments in supervision and dedicated workstations. Data loss prevention is failing under an avalanche of portable media devices and Internet portals. These demands extend far beyond the question of employee access to encompass sharing of legally sensitive data and competitive intellectual property. . How can corporate data be productively used on noncorporate workstations? . What are the decision factors that determine the best methods for secure, portable remote access? John Girard, Gartner Using Vulnerability Management to Operationalize Security Security policies are most effective when assessment and remediation processes are implemented by network, desktop and server administration groups. The security organization needs to keep control of policy and audit while it runs projects to operationalize selected assessment and remediation functions. This presentation provides guidance on how to use operations to improve the effectiveness and effi ciency of IT security. Mark Nicolett, Gartner 1 Presented by both Gartner analysts and invited guest speakers these sessions offer the very latest topical updates and actionable insights on the subjects most critical to your organizational development and innovation.
7 The Elements of an Effective Identity and Access Management Program Identity and access management ( IAM) can deliver real business value beyond its contributions toward effi cient and effective security, risk management and compliance. However, realizing that value demands sound program management. To build an IAM infrastructure that will meet your needs, you must orchestrate a variety of different technologies. . What are the drivers for and benefi ts from IAM? . What are the key elements of an IAM program? . What is the range of IAM technologies: which are core and which fringe, which tactical and which strategic? Ant Allan, Gartner User and Resource Access Monitoring to Improve Security Today's threat environment is dangerous because attackers are targeting your highest value data, and quiet because attackers want to capitalize on a breach for as long as possible. In many cases, the only signal that you will have of a breach is abnormal user activity or resource access. Come to this presentation to learn how user and resource access monitoring technologies ( SIEM. DAM, and so on) improve security, compliance and effi ciency. Mark Nicolett, Gartner Planning for DLP Deployments for Compliance and Intellectual Property Protection Organizations large and small are planning to deploy DLP to better control and protect sensitive assets at the perimeter, within data stores and document management systems, and at the endpoints. As these tools become mainstream within organizations they will impact and challenge traditional views of data classifi cation, protection and access controls. . Exactly what is DLP and how much of it do you need and in what form? . How and what kind of DLP should be leveraged to maximize effectiveness within organizations at the lowest cost and in minimizing the Christmas tree effect? . What are the key deployment lessons learned from successful deployments? Eric Ouellet, Gartner G14: The Dawn of Content Aware IAM Content awareness is a relatively new idea under evaluation in identity and access management ( IAM) circles. Originally a capability incorporated within data loss prevention ( DLP) offerings, it can deliver new capabilities within IAM suites. This presentation will look at: . Content awareness in the context of IAM . Initial and long term vision for content awareness integration . How organizations should plan for the introduction of content Eric Ouellet, Gartner Role Management Evolves: Contextual Entitlement Administration Enterprises frequently struggle with how to control access - who has it, what level, and to what? Role life cycle management is key to many successful user provisioning and IAM governance implementations, and is itself evolving to a new form of " entitlement administration." . What are the key elements? . Who are the key vendors and what do they offer to customers today? . What's the difference between role management and authorization management? Ant Allan, Gartner The Root to Happiness: Best Practices for Managing Superuser Privileges and Shared Account Passwords Organizations are under increasing pressure to reduce the number of users having permanent full superuser privileges. In addition, there is pressure to implement better control over, and greater accountability for, use of shared accounts with like privileges. . What are the risks of unconstrained use of superuser privileges and shared accounts? . What are the best practices for managing superuser privileges and shared accounts in a controlled and auditable manner? . What are the most effective tools for managing superuser privileges and shared accounts? Ant Allan, Gartner Securing Your Organization With Data Scrubbing Technologies Organizations are quickly becoming aware of the risks associated with unintended embedded metadata information in documents shared with clients and partners. With the potential risk exposure being very signifi cant, organizations need to consider data scrubbing solutions. . What is data scrubbing and why is it important? . What type of data scrubbing offerings are currently available? . What is the current legal impact and accepted best practice for enacting a data scrubbing program? Eric Ouellet, Gartner 2 TRACK 2: Protect Data and Applications to Deliver Higher Business Value Attackers are increasingly concentrating on data and applications because " that's where the money is." But it's not just a matter of protection against fi nancial fraud. Privacy demands protection of personal data. Government regulations demand activity monitoring. Business continuity demands robust and reliable backup and recovery. Security managers must address these needs by orchestrating vulnerability management and IAM initiatives to maximize effectiveness and effi ciency. Register Now and builder your agenda at europe. gartner. com/ security