Building Websites That Protect User Privacy

With the dangers of surveillance increasingly a concern, now is a great time to talk about how to build websites that protect user privacy, including avoiding sharing website visitor traffic outside of your organization. You have architected a Drupal website to store data securely with Drupal’s robust permissions, access checks and security best practices. However, your website loads third party scripts, which can share your visitor traffic with one or more outside organizations.

The Ethics of Privacy and Technology

As developers, we are capable of many amazing feats. We can create experiences that touch the lives of millions, brings aid to the corners of the world, empowers new businesses and bring a voice to the voiceless. But just because we can, should we? Additionally, with this capability, we must also take on the responsibility for the people, and data, we interact with. This isn't something we should take lightly. We are building the sites, the systems and the communities that future generations will inherit.

Best Practices for Securing Your Site

With new threats constantly emerging, how can website owners protect themselves and their business? In this session, we will cover this crucial topic for SEOs and share several demos of these threats, plus how they can be prevented. Find out what Google is seeing in hacking trends, Google’s view on what HTTPS does (and doesn’t do), and how to best address a hacked site. Attendees will learn how to protect against SQL injection attacks, sanitize user generated input, and come away with other practical tips that can immediately be implemented to secure their sites.

Dr. Upal is In: Healthcheck your Site!

In this session we'll introduce the tools and techniques to perform a health-check on your Drupal site using easy, off-the-shelf tools. We'll outline the goals of the health check, and what to do if you discover something wrong, or worse, how to recover from a hack. Knowledge of Drupal, business processes, and the command line are helpful, but not required. Learning Objectives & Outcomes:

California Consumer Privacy Act (CCPA): What Does It Mean For You?

The California Consumer Privacy Act (CCPA), a new law intended to enhance privacy rights and consumer protection for residents of California, goes into effect on January 1, 2020. We'll talk about what sites may need to do to be compliant with CCPA, including privacy-enhancing Drupal modules, and some best practices for website privacy, as recommended by the Electronic Frontier Foundation (EFF). Note, the presenter is not a lawyer and this talk is not legal advice - talk to your attorney for specific legal advice re: CCPA and other regulations that may apply to you :)

Personal Internet Security Basics

No matter if you're a developer, designer, manager or a business owner, you're a person. And these days, being a person on the Internet can be a minefield. Phishing attacks are trying to steal your information and some of your passwords have been published on the internet. But you have to work on the Internet--living off the grid is not an option.

Let's write secure Drupal code!

In my session, I'll show the most common vulnerabilities that our drupal code can have and how we should be prepared to avoid such an insecure code to be released. I'll also speak about what we should do if we found any vulnerabilities on contributed solutions. As we all love automated tests, I'll present some tools that can test our applications from a security perspective. This will be the very first time in the United States to play Drupal Vulnerability Bingo and learn how to develop Drupal sites in a secure fashion.