-
So for our next Speaker Introduction we have Tom Hollander, who graciously agreed to give a session at Tech Ed after I begged him to share his awesome wisdom around how to create a secure development framework.
Bio:
Tom Hollander is a Solution Architect in Microsoft’s Solutions Development Centre in Sydney, responsible for driving the technical design and delivery of complex customer projects. Prior to joining this team, Tom spent over three years in Microsoft’s headquarters in Redmond working as a product manager in the patterns & practices team. In this role Tom helped deliver many patterns & practices deliverables including Enterprise Library, the Guidance Automation Toolkit and Web Service Software Factory. Tom is a frequent blogger on patterns & practices and architecture topics, at http://blogs.msdn.com/tomholl.
What did you want to be when you grew up?
At one stage I wanted to be a “real” architect, meaning someone that designs actual buildings.
What got you started in the IT Security Arena?
Being a developer and an architect, I had no choice but to become interested in security.
What do you like most about your job?
Working with a fantastic team and seeing progress day by day.
If you had a magic wand that fixed things with a single flick, what are the top three things you’d fix about IT Security?
Ignorance and stupidity of (some) end users.
The SMTP protocol.
The need to establish different credentials on every system.
Is this your first time presenting at Tech Ed Australia / New Zealand? If not, how many times have you presented down here?
No, I think it’s my 3rd time.
What are you looking forward to presenting on most at Tech Ed this year?
All of the cool stuff I’ve learned from working on my current project.
If your audience only takes one thing away from your session(s), what would you like that to be?
That security needs to be top of mind every day for everyone in a development team.
What are you looking forward to most about Tech Ed Australia / New Zealand?
Going to New Zealand again :). Nothing against Sydney but I’m here every day!
-
I recently was in a bit of a conversation about Threat Modeling, its future, and how it relates to Risk Management. The ensuing thoughts and gyrations in my head produced a bit of a post on how Threat Modeling is actually 1/2 of a Threat Management process, which in itself is a subset of a well rounded Risk Management process. I posted the mini-essay on our ACE Threat Modeling blog. Check it out here.
-
As part of the Security Track, I like to get you some personal insight on the speakers we'll be having. Lee, being the prompt and studious guy he is, has answered some questions for us.
What did you want to be when you grew up?
LH > Depends, when I was 5 I wanted to be a fire engine….I got my first computer around 1979 (a Commodore PET) and then a VIC-20 in 1981 - after that…..I wanted to write Computer Games, don’t know why and I never did……just seemed like a pretty cool way to make a living.
What got you started in the IT Security Arena?
LH > Luck, not Judgement. Took a job with IBM back in 1993 running Mainframe systems (DOS/VSE on VM systems if you’re interested) and just found myself lucky enough to be the ‘Security’ guy. Once you get into it…….it’s hard to get out ! :)
What do you like most about your job?
LH > The Challenges…..it’s never easy and there is a constantly changing playing field. I also find the whole ‘cat n mouse’ aspect of IT security fascinating.
If you had a magic wand that fixed things with a single flick, what are the top three things you’d fix about IT Security?
LH > Easy to say, hard to do……………….I would make the internet both the safest place to do business and completely uncensored :)
Is this your first time presenting at Tech Ed Australia / New Zealand? If not, how many times have you presented down here?
LH > I’m afraid not ! this will be my 3rd year presenting at TechEd :)
What are you looking forward to presenting on most at Tech Ed this year?
LH > Finally getting to talk about something new in the ISA product line up (Threat Management Gateway) :)
If your audience only takes one thing away from your session(s), what would you like that to be?
LH > Take a second look, don’t discount Microsoft as a security vendor based on old thinking – come with an open mind and we will be honest with you…..
What are you looking forward to most about Tech Ed Australia / New Zealand?
LH > A trip to the Gold Coast…………..oh wait……….it’s in Sydney, damn……….. :)
Stay tuned for more Speaker Bits coming soon...
-
Well it's that time of year again. We're just about to Tech Ed and we're well into the planning stages. I have the honor of managing the Security Track again this year. I thought I'd run my proposed track sessions past you and see what you thought.
SPEAKERS
- Laura Chappell
- Steve Riley
- Tom Hollander
- Mark Curphey
- Jamie Sharp
- Lee Hicken
SESSIONS
- Network Forensics: Reconnaissance and Attack Traffic Patterns
- Analyzing Questionable Network Applications
- Top Ten Analysis Skills for Troubleshooting and Securing Your Network
- Case Studies: Identifying Compromised Hosts
- Virtualization and Security: What Does It Mean for Me?
- Privacy: The Why, What, and How
- Wireless Security Today
- Secure Development Patterns: How not to screw yourself during development
- Microsoft Connected Information Security Framework (CISF)
- WM Architecture Security: SSCM: MDM
- Securing your mobile enterprise: WM Deep Dive
- Threat Management Gateway
- Stirling
- UAG/ILM
- 2007 Office Client Security
As you can see we have a lot of great speakers, and awesome presentations lined up.
-
One of the security measures we are all becoming overly familiar with is the Password Reset Security questions used today. So just what is a good way to use security questions? Recently I was asked to put together some recommendations around the use of Security Questions for resetting passwords.
There are two methods commonly in use at this time:
- Pre-Canned Questions (PCQ)
- User Defined Questions (UDQ)
Pre-Canned Questions
From a usability perspective the Pre-Canned questions are a bit easier to deal with because the user only has to supply an answer, rather than come up with a question, and the answer. However, from a security perspective, Pre-Canned questions are not as secure as User Defined questions. Most of the questions in these Question Based Identification systems are well known: What is your mother’s maiden name, What is the name of your first pet, What is the name of your first school, etc.
The problem with most PCQs is that they are designed around information that is either public domain or easy to social engineer out of someone. There are some organisations that have taken the PCQ further and created very obscure questions that are not the common ones in most default Question Based Identification systems. They ask for information that hopefully only the real user knows, and that isn’t in the public domain somewhere. However, even with these, close friends or astute attackers can still identify the answer to a question such as ‘Who was the first person you kissed?’.
There is even some concern in conspiracy circles that the PCQ option is designed to collect demographic information that you would not otherwise normally give to a company.
Implementation
The implementation is quite easy for PCQs. There are simply 1-* questions that are defined and stored as part of the application meta-data. During account creation the user selects the question(s) they want to have as their secret identification, and then supplies an appropriate answer. The answers should be stored as salted hashes, not as plain text.
User Defined Questions
User defined questions are an order of magnitude more secure than PCQs. The reason for this is that the attacker now does not know the kind of data they have to collect before-hand. While they may still be able to discover the questions that the user defined by simply requesting a password reset from the account, they will hopefully then have to try and discover answers that can only be obtained by asking the legitimate user themselves.
In some circles UDQs are considered less friendly from a usability perspective. After all, now the user has to think up a question as well as an answer. It is expected that the answer to the question should be easy for them to come up with though. There is also the possibility that when presented with the request for a question, that the user enters something they’ve seen on other sites such as ‘What is your mother’s maiden name?’. At this point though, the strength (as judged by how easy it would be to determine the answer to the question) is in the hands of the user and it is their choice, and their risk if they decide to use a question with a publicly researchable answer.
Implementation
The UDQ approach requires the ability for the system to accept and store the questions the user enters. Normally the questions would have to be stored in plain text, or through reversible encryption, the latter being the recommended option. The answers, however, would be stored as salted hashes of the actual answers the user entered during account creation.
Asking the Questions
Once a choice has been made about which type of questions to use, asking them is another matter.
There are several ways to ask the questions:
1. Ask a single static question which was defined or selected by the user during account creation
2. Ask a single question randomly chosen from a battery of questions defined or selected by the user at account creation.
3. Ask more than one question randomly chosen from a battery of questions that was defined or selected by the user at account creation.
Option 1 is the worst from a security standpoint as the attacker only has to obtain one piece of information. But it is the best from a usability and system design standpoint as the user only has to supply one answer, or question/answer at account creation time. It also removes the random question chooser from the design of the application.
Option 2 is a better choice from a security perspective. However, the user has to define multiple answers or question/answer pairs at account creation, and the system has to store multiple answer or question/answer pairs for each user.
Option 3 is the best from a security standpoint. This introduces the most problems for an attacker to deal with. Not only do they have to know all the possible questions that will be asked, but their answers too. This option represents the worst usability though. Not only do users have to define 1-* answer or question/answer pairs as in option 2, but they have to enter multiple answers during the reset process. From a system implementation perspective it is not much more complicated to implement than Option 2.
In any case, the most important part about Question Based Identification is that the answers, and potentially the questions themselves, be something that is not publicly available (e.g. driver’s license number), and that is very difficult to social engineer (e.g. TFN, SSN).
Alternatives / Additions
Some sites prefer to bypass questions altogether and send the user a link to a secure reset web site instead. This is acceptable, but you are relying on the fact that the person requesting the reset, is the only person able to access that email account and that they are the legitimate owner of the account.
In order to have multiple levels of authentication you might want to extend the question based system to implement an emailed link to a secure web site for password reset after asking the security questions. So in this case, once the user answers the security question(s) appropriately, they are emailed a life-limited link that will take them to a secure site where they will enter a new password.
*-Never ever send usernames and passwords to a user through email
Email them a life-limited link to a secure (SSL/TLS) site to enter their new password instead.
Just note that the email notification can be problematic if the link email is caught in a spam filter, or if the user is shopping remotely and cannot access their email at the time (not everyone has web based email or knows how to use it).
Recommendations
Based on a security first perspective, tempered with usability, Option 2 discussed above is preferred. Option 3 is the best security choice, but it is not as usable. Option 1 is not recommended.
Option 2 provides the added security of using UDQs, with decent usability by asking 1 question at a time during reset. The user only has to define multiple questions and answers during account creation. If there is text on the page explaining that this is done to protect their money, they should be accepting of it.
When option 2 is combined with an Email Link, it provides a secure reset capability. It would be a question of usability and confidence in the requestor being able to get to their email during the password reset process.
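A sketch of Option 2 combined with the emailed link, added here as an example and not code from the original post: answers are kept only as salted hashes, one question is picked at random at reset time, and a correct answer yields a signed, life-limited, single-use token for the link. PBKDF2 as the salted hash, the 15-minute lifetime and all function names are assumptions; questions are kept in plain text here rather than under reversible encryption, and user names are assumed not to contain `|`.

```python
import hashlib
import hmac
import secrets
import time

PBKDF2_ROUNDS = 200_000               # assumption: slow hash, answers are low entropy
LINK_LIFETIME = 15 * 60               # assumption: reset link lives 15 minutes
SERVER_KEY = secrets.token_bytes(32)  # constructed here; a real deployment loads its own
USED_NONCES = set()                   # makes each reset link single-use


def normalise(answer):
    # "Purple  Sunday " and "purple sunday" must hash to the same value.
    return " ".join(answer.casefold().split()).encode("utf-8")


def hash_answer(answer, salt):
    return hashlib.pbkdf2_hmac("sha256", normalise(answer), salt, PBKDF2_ROUNDS)


def enroll(pairs):
    """Account creation: store each question with a per-answer salt and hash."""
    record = []
    for question, answer in pairs:
        salt = secrets.token_bytes(16)
        record.append({"question": question, "salt": salt,
                       "hash": hash_answer(answer, salt)})
    return record


def pick_question(record):
    """Option 2: one question chosen at random from the user's battery."""
    idx = secrets.randbelow(len(record))
    return idx, record[idx]["question"]


def check_answer(record, idx, supplied):
    entry = record[idx]
    return hmac.compare_digest(entry["hash"], hash_answer(supplied, entry["salt"]))


def sign(payload):
    return hmac.new(SERVER_KEY, payload.encode("utf-8"), hashlib.sha256).hexdigest()


def issue_reset_token(user, now=None):
    """Token to embed in the emailed HTTPS link; it carries no password."""
    issued = now if now is not None else time.time()
    payload = f"{user}|{int(issued) + LINK_LIFETIME}|{secrets.token_hex(8)}"
    return f"{payload}|{sign(payload)}"


def verify_reset_token(token, now=None):
    """Return the user name if the token is genuine, unexpired and unused."""
    try:
        user, expires, nonce, sig = token.split("|")
        expires_at = int(expires)
    except ValueError:
        return None
    expected = sign(f"{user}|{expires}|{nonce}")
    if not hmac.compare_digest(sig.encode("utf-8"), expected.encode("utf-8")):
        return None
    current = now if now is not None else time.time()
    if current > expires_at or nonce in USED_NONCES:
        return None
    USED_NONCES.add(nonce)
    return user


def request_reset(record, user, idx, supplied, now=None):
    """Answer first, link second: a wrong answer never triggers an email."""
    if not check_answer(record, idx, supplied):
        return None
    return issue_reset_token(user, now)


if __name__ == "__main__":
    # Constructed sample questions and nonsensical answers.
    rec = enroll([("Mother's maiden name?", "Purple Sunday"),
                  ("First pet?", "Blue Monday"),
                  ("First school?", "Green Tuesday")])
    i, q = pick_question(rec)
    print("Asking:", q)
    tok = request_reset(rec, "alice", 0, "purple sunday")
    print("Token accepted for:", verify_reset_token(tok))
    print("Second use:", verify_reset_token(tok))
```

The random pick limits what one stolen answer buys an attacker only if failed attempts are counted per account, which this sketch leaves out.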
Best Practices for Users around Security Questions
When you are asked to either define these kinds of questions, or just define the answers to standard questions...be creative.
The most common problem with a lot of these systems is that they ask information that anyone can discover with a quick Internet search, or by watching the victim for any amount of time. For example, it would be very easy to discover my mother's maiden name. So when presented with this kind of question, supply a totally nonsensical answer.
Q: What is your mother's maiden name?
A: Purple Sunday
Be patient and creative if a site asks you to define multiple questions and their answers. Remember, this is to prevent someone from compromising your account. It may seem a bit frustrating to have to go through this, but consider the alternative. If someone was able to easily guess this information, and reset your password...they can do whatever YOU can do on your account.
-
Ok, so this is a bit of a rant but it's been something that has been a very irritating topic for a few years now; dropped calls on mobile phones.
In the not-too-distant past, we used to talk about trying to get computers to reach a point of 'Dial Tone Reliability'. This was a reference to the fact that in the past, with copper based, 'Plain Old Telephone Service' (POTS), when you picked up the phone you always got a dial tone. Even when the electricity went off, the phone would still work. This was the pinnacle of reliable technology. The phrase is still used today as a benchmark for reliability by WebEx and Oracle and several others in their advertising. Well I guess if you can't join them, infiltrate them and beat them into submission. Hence my affinity for Killer Coding Ninja Monkeys.
We've been going downhill ever since the mid 90's when this statement became popular. Computers have become more unreliable because we are rushing to market, and trying to cram every feature into the software that we possibly can. There has been a lot of focus on secure development but what has happened to the Availability leg of the Confidentiality, Integrity, and Availability triangle?
This is especially a problem now with mobile phones. The tighter the integration with computers, the worse they are getting. It doesn't matter which model you have, or which OS is running on it, they crash on a regular basis. They have to be reset, and updated almost weekly if not daily. In most cases, making phone calls appears to be optional. Mobile phones, yes including the Apple iPhone, are now unreliable compared to the Dial Tone Reliability we used to have.
15 years ago there was no such thing as a dropped call. True, we've gained many many benefits from mobile phones like being reachable anytime (including when we should be enjoying time with our families, and sleeping) and anywhere (well almost except for the dead zones and out of service areas, in secured buildings, etc.) including in the car so we can now become a traffic hazard while we make our calls. In the past, when you needed to make a call, you picked up a phone and the call always went through. Now you hit speed dial or use your voice command and pray the planets are aligned.
If you weren't near a phone, you waited until you got to one rather than becoming a traffic hazard. Was it really such a bad thing to wait for 10 minutes before you called someone? I know most of us could use that extra 10 minutes to sort out what we want to say rather than making brash knee jerk statements. But now we don't have to worry about it because there's a good chance that we'll be out of a coverage area, or that the call will get dropped.
With the advent of VoIP invading offices and even homes around the world, we have corrupted simple, reliable technology. When you combine VoIP with unstable mobile phone calls, and then try to get something like Skype into the mix, your chances of making a successful phone call fall below 60% (based on my experience).
Now that we are connecting our phones to our computers with all kinds of connectivity and SIP options, what happens to making a simple phone call? Now, we're entering a situation where if you are using your PC to make calls through your VoIP system, you have to boot your PC to make emergency calls. Think about that, now, in order to call an ambulance, you not only have to count on the reliability of the new phone software and VoIP network but your PC as well. So how do you feel about it now?
Great so now we have devices that can take pictures, play music, manage our calendars (since our memory is shot now), email, SMS, keep our contacts together and sometimes make phone calls. I'd be happy with reliable phone calls. After all isn't that the main function of a phone? Don't sacrifice the primary function of the device for bells and whistles. Make sure the phone part works first, then add email and stuff. The main purpose of the phone has been corrupted and lost in the mess that is the All In One Device now.
Look, I love my job, and I work for this company because I feel they are actually doing far better work than others out there. But I think the entire industry needs to take a step back. Slow the hell down. There is no such thing as Dial Tone Reliability anymore because the IT Industry has killed it. It may not be sexy to have a 12 button analog phone wired to the wall and a piece of paper with names and numbers on it, but at least I could always make a call with it.
-
Well recently I put together the Inaugural Security Camp Oz (SCO) 07. It is a community driven event for the IT Security community. We held it in Wagga Wagga at the Charles Sturt University campus. SCO is a FREE two day event for IT Security Professionals of all platforms. Even though a Microsoft guy put it together, it wasn't a "Microsoft" event. We invited speakers from all areas to present.
We had great speakers and some great sessions over the two days. Here's the list (also available at http://www.securitycampoz.com )
Grant Holliday (Readify) - Securing your development environment with TFS
David Griffiths (NSW Dept of Lands) - Case Study: Secure Remote Access as a Tool for Business Continuity
Jamie Sharp (Microsoft) - Your Data Centre of the Future
Orin Thomas (Security MVP)- Pushing the limits of EFS in Windows Vista and Windows Server 2008
Rocky Heckman (Microsoft)- Technical Compliance Management
Jason Howarth (Charles Sturt University) - The Principals Of Cryptography
Christian Heinrich (Self) - CVSS and the MS Severity Matrix
Dave Lemphers (Microsoft) - Identity in Social Networks in Web 2.0
Rocky Heckman (Microsoft) - UAC Revealed
Michael Kleef (Microsoft) - Windows Server 2008 Security
Sandi Hardmeier (IE MVP) - Real World Risks
Michael Kleef (Microsoft) - Getting the Security Message Across
Matt Jonkman (Bleeding Edge Threats) - Writing SNORT Rules
Overall it was a very successful event. 140+ Pizzas, and 600+ bottles of drinks. Plus a lot of education, networking, and general story swapping. All of the attendees I spoke with agreed that they learned a lot and they'd come back next year with friends.
There were some eye opening moments for a few people, and some panic attacks as well. You just never know what little things people can think of to break your systems.
Next year though I hope to get more presenters from the Linux and Open Source community. Security isn't a Microsoft, or Sun thing, it's an industry thing. It doesn't matter what platform you are using, we are all at risk, and we all have the same duty of care to protect those that use our products, whatever they may be.
Some key takeaways from the presentations:
- Intrusion detection can't stop application level attacks, but with the proper application of rules in an IDS like SNORT, it can go a long way towards slowing them down.
- A lot of IT Pros should find out more about their developers. Work with them to create a secure development environment, don't just fight them.
- There are quite a few little 'gotchas' in EFS that need some advanced planning, like Key Escrow.
- With the advent of new IP technologies, and protection from the ground up, there are a lot of ways that our new data centres will change...start planning now!
- Compliance management is one of the hardest things to get a handle on, but with a good plan and good support tooling, it's easy to manage.
- The boundaries between virtual and real worlds are blurring, and legal matters are spilling across. We need to be ready to respond to new threats and litigations in the digital age.
- There is still a long way to go in order to get a common way to address vulnerability ratings, but at least there are people working on it and there are plans to have a standardized method for describing them.
- UAC is a very misunderstood, and perhaps misrepresented feature in Vista. There is a lot more behind it than you may think, and it's always better to leave it on and work smarter, than to turn it off and work ignorantly.
- Malware writers are getting crafty and using seemingly innocent web sites to sneak their malware onto your machines through banner ads. Pay attention, and don't click blindly.
- Many people don't understand just how they can be attacked. They don't realise just how easy it is to learn how to be a better Internet user. Talk to them, share your knowledge and experience. Keep it simple and use terms they know.
Stay tuned for next year's camp. I'm sure you'll find it's worth it. Lots of people turned up, and they all got something out of it. So tell your friends! ;-)
-
Hello everyone!!
Well it's Tech Ed Eve for me. I'm Ready to head up and Make My Mark!
I wanted you all to know about the Threat Modeling Hands On Lab. It almost didn't make it but Kyle and Corey from HynesITe did a great job of getting it loaded at the last minute. So if you see them walking around, thank them! :-)
Now here's the good part! I'm going to be giving away some prizes for the first 50 people to complete the Threat Modeling HOL. It's just a small token of my appreciation for you taking the time out to do SEC08 Threat Modeling Hands On Lab! The first 50 people (50 in Australia and 50 in New Zealand) will get a prize.
There is a catch though. The goodies haven't arrived on site yet. So I came up with a plan. When you complete HOL SEC08, the attendants will give you one of my business cards. On the back is a number like AU34, and a code. Just email me that number and code, and I will mail you one of the prizes as soon as they arrive. Hopefully they'll be here by the time Tech Ed New Zealand comes along and I'll have them there, but if not, we'll do the same thing in NZ.
Just to set expectations, no the prize is NOT a Zune. Sorry.... But it is something that should help you with your software security efforts.
Just as an FYI, the code on the cards, is in Hex. I only say this because if you send me the number, if you know it's in hex, then you won't be tempted to think any of the characters are something like L, I or O.
-
Oh man.... Get this, when you register at Tech Ed, pick up a TechNet sticker!!! and WEAR IT!
If you do, you could win some pretty cool prizes randomly throughout Tech Ed, including these COOL Halo 3 Hooded Jumpers! Now I just have to figure out how *I* can get one! Check out Deeps' blog post about the jumpers! http://blogs.technet.com/itproaustralia/archive/2007/07/30/halo-3-hooded-jumpers-at-tech-ed-2007.aspx
-
Well the good news, for most, is that Tech Ed Australia, and Tech Ed New Zealand are SOLD OUT. You can still put your name on the wait list for a spot though. So this means that the events will ROCK!
I, of course, would like to accredit this to the awesome speakers in the Security Track this year. Then again, I’ve heard similar sentiments from about every track owner. :)
The Ask The Experts evening gives you a chance to chat with the speakers in a more personal, or even humane, environment. They tend to loosen up and chat more in a relaxed environment as opposed to being in the auditorium environment.
For Australia:
ATE is on Wednesday 8 August after dinner from 7.15pm – 9pm in the main expo hall.
For New Zealand:
ATE is on Monday 13 August 6.30pm – 8.00pm in the Market Place on level 4 of the SKYCITY Convention Centre
There will be 10 topic areas (see below) that align to the TechEd tracks where delegates can meet the speakers in a 1:few setting as well as three 1:many spaces where we will run a panel discussion on three hot topics (see below).
Topic areas: Architecture; BI & Database, Unified Comms, Mobility and Messaging, Connected Systems, Dev Tools, Technology & Business Applications, Office System, Windows Server Infrastructure, Security, Identity & Access, Web Development & Infrastructure, and Windows Client & Management.
Panel subjects: Un-computing Panel; Technologies, Platforms, Products; The ‘Soft Stuff’
All of the speakers are expected to be there so that the attendees get a great experience. :) Apparently in New Zealand we get Expert Hats but I’m sure we’ll be identifiable even without them.
So this is your chance to talk to the likes of Steve Riley, Kai Axford, Jamie Sharp, Tim Smith, Lee Hickin, Orin Thomas (Security MVP), and yours truly, over a few beers. Take advantage of the opportunity.
-
Some of you may have seen Daniel doing a tour of the User Groups around Australia. He has been giving talks on how to understand what really causes system crashes, and what all that junk is in a Crash Dump file. He actually knows what happens to those crash dumps when they get sent to Microsoft. :-) Anyway, we talked him into coming to Tech Ed and we even gave him his own Chalk Talk / Cabana session.
So if you have ever experienced a crash, and want to know how to read the results to find out what's actually happening, or just want to find out what all that stuff means, come talk to Daniel at Tech Ed. If you've been having particular troubles with systems crashing, you can even schedule 1:1 time with him and show him some of your crash dumps so he can de-mystify them for you.
Take advantage of this opportunity to talk to one of the foremost experts in figuring out 'why things go wrong'.
-
Well I was polishing my UAC session for Tech Ed this year. It occurred to me that there are bound to be a lot of actual questions about it. So what I thought I'd do is ask you for your questions.
So tell me, what do you want to know about UAC? Post your questions here and I'll include them (or all that are applicable) in my session at Tech Ed. Just post replies to this post and we'll keep track of the ones you want answered.
Here's your chance to ask a question without having to raise your hand in front of everyone. :-)
-
Several people have asked me about Jesper not being in the line-up. As with all of the best laid plans of mice and men, sometimes fate conspires against us. Jesper isn't able to attend this year because quite simply, he's got a lot on at his day job. Having had a bit of a busy schedule myself I can completely understand that.
He sends his best wishes to everyone and apologizes for not being able to come but real life got in the way. I can say though that he was pretty bummed about it. Those of you that know Dr. J, he loves his SCUBA diving and we have some great dive spots down here.
Oh well, Maybe next year. We'll leave a light on for you Jesper.
-
Hi Gang,
It's been a while since I've posted. Sorry about that. Been busy traveling to the US, SE Asia, and around Australia. In between airport lounges and taxis, I managed to sort out the Security track sessions for Tech Ed AU/NZ 07. Here's the line up for this year!
- SEC301: It's 11:00 P.M., Do You Know Where Your Data Is? (Steve Riley)
- SEC302: Making the Tradeoff: Be Secure or Get Work Done (Steve Riley)
- SEC303: Securing Your Friends and Family (Steve Riley)
- SEC304: The fortified data center in your future: build it and they will come. (Steve Riley)
- SEC305: The Fundamental Computer Investigation Guide for Microsoft Windows (Kai Axford)
- SEC313: How Did They Find THAT?: Implementing the New Microsoft Fundamental Computer Investigation Guide for Windows (Kai Axford)
- SEC306: Technical Compliance Management with SPIDER - You know you need it! (Rocky Heckman)
- SEC307: Enterprise Threat Modeling with TAMe (Rocky Heckman)
- SEC308: User Account Control - Beyond the Hype (Rocky Heckman)
- SEC309: Forefront Client Security – providing visibility into your corporate Security and Health Status (Lee Hicken)
- SEC310: Forefront Server Security Management Console: Take control! (Tim Smith)
- SEC311: Total Protection with Forefront Client and Server. (Tim Smith)
- SEC312: Deploying and Managing Intelligent Application Gateway (IAG) 2007 in Enterprise Networks (Jamie Sharp)
- SEC314: Securing the Small Business (Kai Axford)
- SEC315: Pushing the limits of EFS in Windows Vista and Windows Server 2008 (Orin Thomas)
Ask The Experts!
It's a great line up for this year. Of course on Wednesday Night (Aug 8) in Australia, and Monday (Aug 13) in New Zealand is the Ask The Experts dinner. The speakers and industry experts in their respective fields will be hanging around for you to talk to and shoot the breeze with. This is always a great opportunity to get the more personal side of the story, and to ask the questions that you didn't have time to ask in the sessions.
1 on 1 Meetings with the Speakers
Also remember that you can schedule 1 on 1 meetings with the speakers in case you have any particular issues you'd like some help with or just to discuss and see how we might do things.
IT Management Seminar
This year's IT Management Seminar is all about Infrastructure Optimisation. Invest a day and learn how optimising your infrastructure is easier and more impactful than you think. Learn from Microsoft, our partners and customers about lowering Total Cost of Ownership (TCO), increasing organisational agility, and freeing staff to focus more on building competitive advantage.
Certification
Microsoft Certified Professionals are in a league of their own. Being an MCP not only conveys your passion for the continuing challenges in IT, the practical expertise you gain through the certification process gives you the kind of know-how that gets recognized by your peers, and more importantly – future employers.
Hands-on Labs
Hands-on Labs provide drill-down technical learning opportunities in a self-paced environment. Included is the key Microsoft product or technology already presented in a Breakout Session. With the support of experienced Technical Learning Guides, you experience a Microsoft product while working at your own speed. Hands-on Labs range from 45 to 75 minutes in length and are available on more than 150 computer stations throughout the TLC.
Instructor-led Labs (Australia Only)
Thanks to attendee feedback, Tech.Ed 2007 will have more Instructor-led Labs than ever before. Each Instructor-led Lab presents the best of Hands-on Lab content in an expert-facilitated environment. You sit at your own computer while Microsoft Certified Trainers and Microsoft program managers use manuals to walk you through exercises. Instructor-led Labs accommodate up to 25 people in each 75-minute session.
Deep Dive Workshops (Australia Only)
Do you want more than the surface info that you can cover in an hour? Then you'll want to sign up for Deep Dive Workshops! Check out this year's great topics!
- How Microsoft Windows Server codename "Longhorn" changes IT infrastructure
Key products and technologies
Windows Server code-named "Longhorn", Microsoft Virtual Server R2 SP1, Windows Server Virtualization, Branch Office Solutions, Terminal Services, Active Directory Directory Services and Active Directory Federation Services, Active Directory Certificate Services, Networking, Server Clustering, Windows Server Update Services, Windows PowerShell and Windows Storage Server.
- Microsoft Office SharePoint Server 2007 (Overview, Deployment, Configuration, and Management) and Development Tools and the 2007 Microsoft Office System
Key products and technologies
Microsoft Office SharePoint Server 2007, Microsoft Office Project Server 2007, Microsoft Office client suites and applications, Visual Studio Tools for Office STO SE, Visual Studio 2005 Extensions for SharePoint, Open XML File Formats, Workflow.
- Unified Communications
Key products and technologies
Exchange Server 2003/2007, Exchange Server 2007 Unified Messaging, Live Communications Server 2005/Office Communications Server 2007, Office Outlook® 2007, Outlook Web Access, Office Communicator 2007, Office Communicator Mobile 2007, Office Communicator Web Access 2007, Forefront Security for Exchange Server, Exchange Hosted Services, Office Live Meeting 2007, Office RoundTable™ (for Video Conferencing), Telephony Devices.
- Designing, Developing and Deploying a Performance Management Solution on top of the Microsoft Business Intelligence Stack
Key products and technologies
SQL Server 2005, Microsoft Office PerformancePoint Server 2007, ProClarity 6.3, Business Scorecard Manager 2005, 2007 Office system, SharePoint Portal Server 2007, Excel for Business Intelligence.
BEST OF ALL IS THE PARTIES!!!!!
This year in Australia, the Tech Ed Party is in Movie World! That is always a blast! But I think this year, I'm just as excited about the party in New Zealand. Why, you might ask? Because it's featuring one of my favourite bands, Evermore! Yes, you read it right, Evermore is playing at the Tech Ed NZ Party this year!! I'm pretty stoked about that.
Tech Ed is right around the corner. See You There!
Tech Ed Australia - http://www.microsoft.com/australia/teched07/index.aspx
Tech Ed New Zealand - http://www.microsoft.com/nz/teched07/index.aspx (SOLD OUT)
-
Well, it's been a crazy few weeks for me. But I've managed to get Jesper to agree to come down for Tech Ed. That makes the list of cool speakers grow to:
Steve Riley
Kai Axford
Jesper Johansson
Corneliu Tusnea
Yours Truly
and more great speakers.
The Security Track is sure to be the best one of the whole show. I'm starting to get pumped about Tech Ed. It's just around the corner now and I've been going over the content we'll be having.
Here's a preview of Kai's sessions:
He'll be doing a regular session and a couple cabana sessions so you can ask all the questions you want around computer forensics and investigation.
How'd They Find THAT?: Implementing the New Microsoft Fundamental Computer Investigation Guide for Windows
HR tells you "We think Bob may be storing some illegal files on his machine. We need you to find them." What do you do now? Join us for a unique and interactive presentation as Kai and a special forensics guest star show you the new Investigation Guide. We demonstrate the tools that are discussed in the new manual, and see examples of the more popular forensics tools for Windows. This session is a must-see if you're being asked to run your own internal investigations.
The Fundamental Computer Investigation Guide for Microsoft Windows
If you’re being asked to run—or are currently running—your own internal investigations, this must-attend session is for you! Come speak with the Australian High Tech computer Crime Centre about techniques that you can use during your own internal investigations.
TLC - Securing the Small Business
They've got little money to spend on security, and big demands. Minimal staff and zero tolerance for disaster. The risks aren't reduced because it's a small business. The risk can actually be greater than for a large network. Join us as we look at the unique challenges small businesses face and show you successful methods to help secure them. Securing the small business doesn't need to cost a lot of money!
I'll be posting information about Steve's sessions, as well as sessions from the other speakers over the next few days. Be sure and check back often and Sign Up for Tech Ed!! You have 5 more days left to get the Early Bird Discount!!!