John Pescatore

I’ve decided that Friday blog posts should be all unicorns and rainbows – there’s enough depressing economic news out each week to ruin all of our weekends. So, from now on only positive security blog thoughts on Fridays. If I don’t post on Friday, it is because I’m following Thumper’s advice to Bambi…
In a statement [...]

[Read more →]

The Washington Post reports that Google is offering Google Apps Premier Edition paying customers a 15 day credit to make up for the service outage that occurred on the 24th of February.  If you look at the Google Apps SLA, this means Google is offering compensation as if the February uptime percentage will be under 95%. 
Now, [...]

[Read more →]

IT has reached the “Princess Phone” phase – fads rule, dependability not yet.

[Read more →]

I’ve been doing mostly local travel meeting with Gartner clients in the DC area this year, with the exception of a few days in San Francisco meeting with Gartner financial services clients. This week I’m in Chicago at Gartner’s Mobile and Wireless conference. This a tough year for the conference business, but attendance looks strong [...]

[Read more →]

It used to be security mantra not to use a Windows operating system until Service Pack 2 came out. That was never great advice – I used to advise Gartner clients to focus on the types and severity of bugs coming out in Windows vs. any hard coded event like a Service Pack release to [...]

[Read more →]

Wired News reports that the Air Force disconnected Maxwell Air Force Base from the Internet. Wired references from Air Force General Norton Schwartz quotes to InsideDefense.com, saying that the base:
 ”…hadn’t demonstrated — in our view at the headquarters — their capacity to manage their network in a way that didn’t make everyone else vulnerable. This is [...]

[Read more →]

The current economy means we are going to see a lot of vendors get acquired and some will fail. Gartner does First Takes on major mergers and acquisitions but for smaller ones blog posts make more sense. Today we have Gartner analyst Lawrence Orans giving his take on the recent Trustwave Acquisition of Network Access [...]

[Read more →]

The FTC is the only agency that enforces (vs. ignoring) privacy regulations.

[Read more →]

I thought we had put this issue to bed many years ago, but Gartner analyst Ant Allan forwarded a Slashdot post saying that the poster had seen an increased push by Certified Microsoft Professional to use security concerns to try to scare enterprises away form using open source software. I haven’t seen any increased questions [...]

[Read more →]

Yesterday was the monthly Microsoft Vulnerability Tuesday, and while the number of patches issued wasn’t that high, there are a couple listed in the Microsoft bulletin that are worth expedited attention:

MS09-003: This is an Exchange Server vulnerability, where if a specially crafted TNEF-formatted email is received by the Exchange Server the attacker can execute arbitrary [...]

[Read more →]