TechExpo at Duke University

• Event Information
• Schedule
• Vendors
• About

Ambassador Allen

SQL Injections: What They Are and Why You Should Care
Artem Kazantsev, Alex Beutel, IT Security Office
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. SQL injections are very widely used, and often target the web front-ends of applications by exploiting their back-end databases. The importance of understanding how SQL injections work and how to protect against them become clear if we take in account that almost all recent security breaches at Duke involved SQL injections in some shape or form. Are you doing enough to protect your applications against them? We will explain the technique and some defenses in our presentation. 

Spotlight on Local IT Businesses
Mary Crawford, Procurement and Supply Chain Management 
Duke University and Duke University Health System has an award-winning supplier diversity program, as well as top-down support for their diversity initiatives. Every day, Duke helps to develop local minority and woman-owned businesses by carving out opportunities to engage them in successful business partnerships. In an effort to showcase several of the minority and woman-owned businesses in the technology field that work closely with the Duke supplier diversity team, we have invited four of these firms to give brief presentations about their respective businesses. These local businesses include:  

• Innovative Systems Group-Software Development and Solutions (Tony Marshall)
• Keshav Consulting Solutions-IT Support and Software Development (Pradeep Palreedy)
• Yorel Integrated Solutions-Virtualization, Storage, Security and Data Center Optimization (Carl Hill)
• DISYS-Global Technology and Consulting Services (Rowena Heath)

Each business will be giving a brief overview of the goods and services they have to offer. Opportunities to purchase advanced technological goods and services from local, diverse vendors will further demonstrate Duke's commitment to helping support diversity and these local technology suppliers. Additionally, the Duke community will benefit from the knowledge gained from these experts in the field and develop additional resources to utilize for everyday business solutions.

Tracking IT Work Effort
Nancy Senter, DHTS Program Mgmt Ofc
The DHTS Program Management Office will discuss the process of implementing a standardize work effort tracking program, the tools used and the benefits to IT Governance.

DHTS recently implemented a department wide initiative to track work effort related to services provided and applications that we implement and support. Also included in this tracking model is the cost of doing business (email, staff meetings, education and administrative time). 

Managing Grants Online: How I Learned to Stop Worrying and Love Microsoft Sharepoint
Jeff Volkheimer DHTS Web Services
Managing a large grant presents many scientific challenges, however, managing the paperwork can be just as daunting. This presentation will discuss some of the logistical, technical, and design challenges of bringing large grant management online for the CHAVI Management Portal using Microsoft Sharepoint.

Topics include but not limited to:
- Overview of our project scope
- Overview of Microsoft Sharepoint and why we chose it
- Discussion of technical hurdles and how we overcame them
- Lessons learned, areas of improvement, and the future 

Remedy Reports - I Didn't Know I Could Do That With Excel
Chris Smith, DHTS Customer Support Services
This session will introduce you to ways that you can use Excel to more easily produce reports based on Remedy Data. You will learn how to access Remedy data and use it to create reports without even opening the Remedy client. If you are familiar with Excel, learn ways that you can do more with what you already have.