TRAINER: Ladislav Bačo
System Engineer, CSIRT.SK
TARGET AUDIENCE:
- Administrators of Linux and Windows servers
- Software developers and enthusiasts with technical skills
PREREQUISITES:
• should be familiar with Linux command-line
• laptop with at least 6GB of RAM, 20 GB of free space on HDD/SSD and installed VirtualBox (64-bit edition)
PRACTICAL CRYPTOGRAPHY FOR ADMINISTRATORS
17 April 2018 | PRAGUE
Probably all of you have heard about HTTPS, SSL, TLS. Probably some of you have heard about AES, PGP (GPG), Kerberos, OpenVPN, Diffie-Hellman… Have you ever been wondered why we are encouraged to use this crypto-stuff, how it works, how and why it protects our privacy? And what are the consequences when we do not pay enough attention to the correct configuration of this crypto-stuff?
During this training we start with little bit theory about cryptography, but most of the time we will spent by practical hands-on with configuring the most commonly used services, mostly on Linux.
After this training, participants should be able to setup and secure their own services. They can expect hands-on with the following:
• enable the https on web servers and how to achieve A or A+ rank in the well known Qualys ssltest
• secure the mail servers and SSH servers
• use VPN for secure connection between devices at various geographical locations
• send and receive encrypted e-mails, manage public keys of your contacts and use the benefits of the web of trust
• manage own certification authority
• understand the pros and cons of some ciphers and protocols
• be familiar with various attacks on weak ciphers and protocols and how to defend them
GDPR in Practice
Enough of theory! A workshop that will guide you step-by-step trough the implementation of GDPR within a model company.
17 April 2018 | PRAGUE
The workshop will guide you through the implementation process of new legislation in protection of personal data (the Data Protection Regulation, the new Personal Data Protection Act) on an example of a model company processing personal data under standard (the most common) circumstances. The time schedule for individual phases will be included.
The workshop will also focus on legal and data analysis. The identification and typology processing actions (information systems); data analysis methodology, identification of processing operations and processing tools; mapping of personal data life cycle within particular information systems; and metadata will be discussed.
The workshop will cover:
- analysis of the impact of processing operation on the rights of persons involved
- identification of areas that do not follow the new legislation
- process of creating a “risk map”
- methodology of proposing effective measures and their implementation
- clarification of applying a suitable legal framework
- approach to the proportionality test aiming at evaluating the appropriateness of processing operations and their impact on the rights of persons involved
- procedure of purpose compatibility test
TRAINER: Mgr. Tatiana Valentová
Chief Inspector of the Office for Personal Data Protection of the Slovak Republic
SPECIAL GUEST: Marek Zeman
CISO at Tatra Banka, Slovakia
TARGET AUDIENCE:
Company owners, directors, internal corporate lawyers, and management who are involved in deciding on legal and technical solutions to protect (not only) personal data and align them with current legal regulations.
The workshop will be held in Slovak language!