7/31/2013 – “Creating a Secure Desktop” and “Top 5 Key Audit Points for Active Directory”
Speaker: Derek Melber, Group Policy MVP
Derek's slides are available in the Members Only Area.
Read Derek's articles!
“Creating a Secure Desktop” covered the key aspects of how end‐points become attack vectors. There are some key issues which can be solved with software, but most companies are not aware the software exists. Derek started the session describing what an endpoint can do to the environment. He then discussed the potential issues with solving this, specifically with trying to remove the user from being a local administrator. Derek also covered whitelisting, LM authentication, firewalls, and more. Other topics included some of the most important‐‐yet often forgotten‐‐security settings for Windows desktops. Attendees learned about common mistakes in Windows Security and how to avoid them, as well as how adopting least privilege can help protect against malware and insider threats.
In “Top 5 Key Audit Points for Active Directory,” Derek covered key settings to focus on in a Windows audit. Derek covered what to look for, which computers to sample, what to ask for, which settings are needed, and what tools to use. All of these items are essential, as using the wrong tool or asking for the wrong information can lead to less than desired results. A few of the key controls included password policies, Active Directory permissions, and administrative group membership.
6/13/2013 – “The Real-Time Crime Center: Fighting Crime in Real-Time”
Speaker: T.J. Wilham, Director, APD Real-Time Crime Center (RTCC)
The Smart Policing Initiative’s Real-Time Crime Center (RTCC) harnesses multiple resources for monitoring, evaluating and predicting criminal activity with state-of-the-art technology. The RTCC compiles information from varied data sources -- from traffic cams to Facebook -- to give field officers and detectives instant, comprehensive information to help identify patterns and stop emerging crime. RTCC Director T.J. Wilham described how the RTCC functions within the Albuquerque Police Department as well as the growing public-private partnerships that exist in the community.
The event concluded with a guided tour of the RTCC.
3/19/2013 – “Introduction to the New Mexico Regional Computer Forensics Lab (NMRCFL)”
Speaker: Virginia Bateman, Information Technology Specialist (ITS) & Forensic Examiner, FBI NMRCFL
The NMRCFL’s mission is to provide the highest quality digital forensics services and assistance to any law enforcement agency with jurisdiction in the state of New Mexico. Ms. Bateman presented an overview of the NMRCFL and provided an introduction to digital forensics.
Additional information about the NMRCFL can be found on their website.
2/13/2013 – “RASE: A Search Engine for Financial Data”
Speaker: Peter Chew, D.Phil., CPA, CFE, Principal Investigator with Galisteo Consulting Group, Inc.
‘Big data’ is an increasing challenge for organizations of all types including in industry and government. The challenge is magnified by the fact that the majority of data (as much as 80%) is ‘unstructured’– text, images, etc. Traditional database management systems such as SQL Server have powerful built-in query tools, but these are useful only when you know not only what you are looking for, but where to look. Moreover, query tools return exact matches only, whereas often an analyst is interested in “close” matches of the type we are accustomed to expect from Google and other search engines. In this talk Peter described some of the basic principles underlying search engines and how he has been able to adapt these for use with financial data in consulting projects, overcoming some of the limitations of traditional query tools.