Gartner Blog Network

Category: 'endpoint-protection-platform' Blog Posts

from the Gartner Blog Network

Virtualization, Containers and Other Sandboxing Techniques Should be on Your Radar Screen

by Neil Macdonald  |  March 16, 2013

  The idea of “sandboxing” potentially malicious content and applications isn’t new but interest in this type of approach on Windows desktops is growing. Further, the increasing variety of virtualization...

Read more »

This Just In: Signature-based Protection Ineffective Against Targeted Attacks

by Neil Macdonald  |  January 31, 2013

  Seriously, is anyone surprised? I’m sure you’ve seen the news about Chinese infiltration at the New York Times: http://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html According to the article: Over the course of three months,...

Read more »

Is Antivirus Obsolete?

by Neil Macdonald  |  September 13, 2012

I blogged about this question years ago, but a recent blog on CSO got me thinking once again. Has anything changed? Thoughts: 1) The question “Has antivirus outlived its value?”...

Read more »

Does Protecting Desktops Require a Different Vendor/Product than Protecting Servers?

by Neil Macdonald  |  September 29, 2011

I’ve made it a point over the past 6 months to ask clients if they are combining their endpoint protection platform contracts across desktops, laptops and servers. In most cases...

Read more »

The Single Most Important Way to Improve Endpoint Security

by Neil Macdonald  |  August 23, 2011

Run more of your Windows users without administrator rights. I’ve talked about this several times before – including here, here and here. While it may not be feasible to remove...

Read more »

Full Drive Encryption is not just for Laptops

by Neil Macdonald  |  August 22, 2011

I’ve had two discussions with clients today already on the role of full drive encryption ( FDE technologies such as Microsoft’s BitLocker, McAfee Total Protection, Sophos/Utimaco, Symantec PGP, Check Point,...

Read more »

Microsoft’s Forefront Endpoint Protection – Is it “Good Enough”?

by Neil Macdonald  |  August 4, 2011

Licensing changes for Microsoft’s enterprise endpoint antimalware protection solution that were announced in March at Microsoft’s MMS conference take affect this month. If you are licensed under Microsoft’s Core Client...

Read more »

Some Thoughts on RSA SecurID Risk

by Neil Macdonald  |  June 9, 2011

On 3 June 2011, RSA, the Security Division of EMC, confirmed that Lockheed Martin had proof that hackers attacked its network partly by using data stolen in a March 2011...

Read more »

IT Operations and Security Convergence? Not Really.

by Neil Macdonald  |  May 17, 2011

I’m having lots of discussions with clients on Microsoft’s new Forefront Endpoint Protection offering that was released in December of 2010. In addition to recent licensing changes, the biggest change...

Read more »

Removing Administrator Rights for Windows Users is not “Lockdown”

by Neil Macdonald  |  May 4, 2011

In discussions with clients, I still run into some confusion on whether or not removal of administrator rights constitutes “lockdown”. Perhaps this was the case a few years ago with...

Read more »