Emory Report
February 28, 2005
Volume 57, Number 21


Emory Report homepage   >   Current issue front page

February 28, 2005
Mini-conference to focus on computing security

Donna price is coordinator for communications and marketing services for itd

The security of Emory's valuable information resources is everyone's responsibility. In an environment where most of the community uses Emory's shared computer environment daily for e-mail, connecting to websites, accessing and storing digital resources, and managing business and administration transactions, breaches of computing privacy and information security are an ever-present threat.

On March 9, the 2005 Information Security Awareness Mini-Conference will offer faculty, staff and students the opportunity to learn about information technology security services offered by the Information Technology Division (ITD) such as intrusion prevention, firewalls and spam scanners, as well as ways to protect their computing privacy and the security of Emory's shared digital resources.

The conference will offer something of value for people of all levels of computing experience--from IT professionals to those who consider themselves "non-techies."

"Security was again named as one of the top three concerns of university CIOs in the 2004 Educause current IT issues survey," said Don Harris, CIO and vice provost for information technology. "Besides the steps we take as IT professionals, education and the diligence of the University community are the most important elements in protecting Emory from IT security threats. This mini-conference is intended to provide the community with the knowledge and tools they need to become active participants in this very important process."

Kicking off the conference will be Tammy Clark, information security officer, and William Monahan, information security lead analyst both at Georgia State University. Their session, "Security is Not My Responsibility--It's That 'IT' Guy's Job," will highlight desktop computing practices that help safeguard digital information from attacks by hackers, viruses, worms and other online security threats.

ITD services and resources, practices for safe desktop computing, and emerging threats like spyware will be covered in the second session, "Why Should Security Matter to You," led by Jay Flanagan, Emory's IT security team lead.

"Nothing is 100 percent or ever will be," Flanagan said of IT security. "We've made our network much more secure from outside attacks. For instance, in August, an intrusion prevention service was implemented that has been a huge success in blocking hackers and associated compromised machines within the Emory network. It has stopped millions of attacks.

"But even with all that Emory IT professionals are doing," Flanagan said, "information security really comes down to individual responsibility. Our computing resources are only as secure as the weakest link. Just being aware of how important security really is for each of us individually can make a huge difference in averting potential harm."

Doris Kirby, director of IT policy and legal compliance, will lead the final session, focusing on the risks and the responsibilities associated with using network resources and copyrighted materials in accordance with all Emory rules, guidelines and policies, as well as federal, state and local law.

Capping the conference will be a luncheon and presentation by featured speaker Preston Futrell, director of business development for managed security services for Atlanta-based Internet Security Systems. Futrell, a graduate of Northwestern University, oversees the managed services business for the United States, Canada and Latin America. With more than six years of security industry expertise, Futrell consults with and designs security solutions for some of the largest organizations in the world. His presentation, "Security Strategies: How To Sleep at Night Knowing Your Data is Secure," will explore the current security landscape and discuss cost-effective solutions for staying ahead of threats and vulnerabilities.

There are no fees for the conference, but registration is required. Attendees can elect to attend the full conference or select only individual sessions. To find out more or to register online, visit www.cio.emory.edu/ISA2005.htm.