When we talk about IT security and listen to different organizations describe their main priorities, the term "compliance" has clearly made it to the top. However, after 8 years of PCI DSS being in place, and despite growing investments in security, we still read about a growing number of data breaches and the significant financial losses resulting from them.
 
This raises a few questions:
 

- Are we overemphasizing compliance in the interest of getting a compliance certificate?
- Is compliance not delivering the effectiveness we are expecting?
- Are there gaps we are not aware of?
- What should we know about HP NonStop specifically?
 
Get answers to these questions and join an interesting session about the weaknesses you should be aware of in order to protect your organization, your customers' data, and finally yourself.
 
The security workshop is intended to discuss these questions in 3 parts:
  1. A different view of compliance, using the example of PCI DSS (30 minutes)
    - key learnings from data breaches and how to use them to improve security
    - procedural weaknesses you should be aware of and how to avoid them affecting you
    - the NonStop obscurity myth
    Thomas Leeb, CSP - Computer Security Product
  2. How to break into a Tandem system - and how to prevent it (150 minutes)
    System vulnerabilities will be explained and demoed, and their prevention shown.
    This is a 'show and tell' session with live demos on a system.
    Carl Weber, GreenHouse
  3. How to control IP connections (30 minutes)
    Bank-Verlag has developed a monitoring toolbox for NonStop. Part of this toolbox is the near real-time analysis of security events, especially finding out the source of invalid logon requests. This is done for all connections requiring a logon. In addition, we are able to check the actual state of TCP/IP connections and find missing connections as well as superfluous connections.
    Wolfgang Breidbach, Bankverlag