Security SIG: New Federal Rules for Document Rentention



  • The Monthly Meeting of the Security SIG



    The New Federal Rules for Electronic Document Rentention and Discovery: How it impacts every public, private, government and non-profit organization in the US

    U.S. companies now need to know more about where they store e-mails, instant messages and other electronic documents generated by their employees in the event they are sued, thanks to changes in federal discovery rules that took effect in December 2006.

    Our featured January speaker, Mr. Scott W. Pink of the law firm of DLA Piper US LLP, will discuss the implications of these new rules, how companies must handle electronic documents when litigation is filed or threatened, and what kind of planning organizations should consider to meet these new discovery requirements.

    Mr. Pink has addressed our group before, and received high marks from the audience. He is a dynamic speaker on information security legal issues, and very knowledgeable on this far-reaching topic that effects every business, non-profit, and government agency in the US that uses email or instant messaging.

    Our Opening Speaker will be about Crypto Key Management:

    As the internet becomes increasingly hostile, companies are forced to review their need for data-encryption for protecting customer information, as never before.

    However, given the highly distributed nature of applications, confidential data is spread across many applications in the enterprise, and encrypting all of them consistently, while ensuring a low TCO is challenging.

    Because of the many point-solutions on the market, IT Operations is typically saddled with managing multiple key-management infrastructures with unique OA&M (Operations, Administration & Maintenance) and increased TCO. What is needed is a consistent way of managing symmetric encryption keys across operating systems, applications, databases and devices to simplify the process and to reduce costs.

    To enable this, OASIS has created an Enterprise Key Management Infrastructure Technical Committee (EKMI-TC). This TC is focused on the standardization of an XML-based client-server protocol - Symmetric Key Services Markup Language (SKSML) - for how a client may request symmetric key-management services securely, from a centralized Symmetric Key Services (SKS) server. The protocol will enable application developers to use a consistent and standards-based communication method for generating, escrowing and recovering symmetric keys from the SKS server.

    In this session, you will hear about the architecture and the DRAFT protocol submitted to the TC for consideration, as well as see a demonstration of an open-source implementation of SKSML.


    Event Logistics


    Cubberley Community Center

    4000 Middlefield Road, Room H-1

    Palo Alto, CA



    6:30 - 7:00 p.m. Registration / Networking / Refreshments / Pizza

    7:00 - 9:00 p.m. Presentation and Discussion



    $15 at the door for non-SDForum members

    No charge for SDForum members

    No registration required

    More on the Security SIG...