8th Pader­born Day of IT Se­cur­ity, 21 March 2013

Programme

09:00 Get together
 
09:30 Welcome
Professor Dr. Gregor Engels, Paderborn University, Paderborn Forum "Industry meets Computer Science"
 
09:40 Keynote lecture
Secure operation of IT systems in a hostile world
Fritz Bauspieß, SAP AG, Walldorf
 
10:30 Break
 
11:00 Presentation of the workshops
 
11:30

Workshops 1 to 3 parallel:
 
Workshop 1:
Current developments in IT basic protection
Moderation: Thomas Biere, Federal Office for Information Security (BSI), Bonn
First of all, the workshop will introduce the methodology of IT basic protection. In addition, it will be shown which innovations are available and which innovations can be expected before the end of this year. On the basis of the topic "Cloud computing meets IT basic protection", it will be shown how IT basic protection can be used to react to technical developments for which there is no specific IT basic protection module (yet).
 
Workshop 2:
Backup & recovery challenges for SMEs
Moderation: Dr. Lars Kemper / B. Sc. Christopher Brune, unilab GmbH, Paderborn
The so-called small and medium-sized enterprises (SME) are also facing the constantly increasing data growth and have to take this trend into account, especially when designing backup & recovery concepts. Intelligent hardware and software solutions can support IT managers in coping with these challenges. Often, however, this requires breaking familiar patterns of behaviour and accepting new food for thought.
 
Workshop 3:
Private use of company IT resources - allow or prohibit?
Moderation: Prof. Dr. Gudrun Oevel, Paderborn University; Manfred Schneider, pro DS Data protection and data security consulting, Paderborn
The aim of the workshop is to work out together with the participants which scenarios (toleration, permission and prohibition) are possible for the private use of company IT resources and to show the consequences for employees and companies.
 

 

13:30 Lunch break with snack
 
14:15

Workshops 4 to 6 parallel:
 
Workshop 4:
Secure cloud computing - challenges, solutions, tools
Moderation: Prof. Dr. Johannes Blömer / Jun.-Prof. Dr. Christoph Sorge, Paderborn University; Michael Sundermeyer, Bielefeld University
Cloud computing is ubiquitous, but poses new challenges for IT security. The presentation will highlight past incidents and lessons learned that affect both operators and users of the cloud. Especially for the encrypted storage of data in the cloud, different tools will be compared and evaluated.
In the second part, new cryptographic techniques for implementing fine-grained access structures will be presented. In addition, a practical report from the perspective of Bielefeld University reports on approaches to secure the use of private and public cloud storage and to regulate it in an overarching policy.
 
Workshop 5:
Initiative-S - the website check for SMEs
Moderation: Cornelia Schildt, eco – Verband der deutschen Internetwirtschaft e.V., Cologne
When visiting reputable corporate websites, many Internet users unconsciously infect their computers with malware. Most companies are not even aware that their websites are being used by cyber criminals to distribute malware. Germany ranks fifth in an international comparison of countries from which malicious online activities originate (Symantec Internet Security Threat Report 2011). In order to improve the level of IT security, the eco association helps companies with the free website check and offers comprehensive help in removing the malicious code.
 
Workshop 6:
Bring your own device (BYOD) - opportunities and risks from a data protection perspective
Moderation: Carola Sieling, lawyer and specialist lawyer for information technology law, Law Office Sieling, Paderborn
Employees increasingly bring IT devices into the company with or sometimes without the knowledge of their employer, set up their company e-mail address on their smartphone / tablet PC, tweet in the evening via their iPad app in front of the TV from Twitter accounts set up by the employer and watch holiday pictures with their partner. This has many advantages, but is legally not quite straightforward and should be underestimated. The workshop explains above all which data protection and technical conditions a company should observe in order to secure the use of BYOD. In addition to explaining the sense and purpose of a BYOD policy, the workshop will particularly sensitize the participants to the scenarios that need to be considered by employers.
 

16:15 Reports of the working groups in plenary
 
16:30 Summary, closing words
 
16:45 End of the event