by Neil MacDonald | July 30, 2009 | 1 Comment
It is an asset It represents potential (revenue) for our organization Sitting idle and locked in a warehouse, its potential is wasted Its value typically diminishes over time Why aren’t we laser-focused on putting information in motion to the people that need it, when and where they need it? “Locking down” information has never been [...]
Category: Information Security Tags: Information Security
by Neil MacDonald | July 28, 2009 | Comments Off
Our full analysis of the acquisition will be published for clients shortly along with advice for customers of Ounce Labs and IBM’s Rational software offerings. IBM acquired a leading dynamic application security testing tool with Watchfire in 2007. With the acquisition of Ounce announced today, IBM adds a lesser known (smaller, but still positioned as [...]
Comments Off
Category: Application Security Tags: Application Security, application security testing tools
by Neil MacDonald | July 27, 2009 | 2 Comments
We had a crowd of several hundred people for my presentation on SharePoint security at the recent Gartner Information Security Summit. It’s pretty much as I suspected – just like virtualization projects where security tends to be an afterthought (if considered at all), SharePoint deployments are pretty much following the same course. When I polled [...]
Category: SharePoint Security Tags: Best Practices, Information Security, SharePoint, SharePoint Security
by Neil MacDonald | July 24, 2009 | 5 Comments
I’ve posted many times on the importance of application security. Recently, my colleague Joseph Feiman and I published a magic quadrant for static application security testing tools – rating the vendors and tools that analyze an application from the “inside out” looking for coding conditions indicative of a security vulnerability. In the research we describe [...]
Category: Application Security Tags: Application Security, application security testing tools
by Neil MacDonald | July 23, 2009 | 6 Comments
When data is encrypted, the location of the data doesn’t matter (including in the Cloud). The location and management of the decryption keys is what matters.
Category: Next-generation Security Infrastructure Tags: Cloud Security, Information Security
by Neil MacDonald | July 22, 2009 | Comments Off
I’m just back from a vacation after the Gartner Information Security Summit. More on that later. While on the trip, twice I had a better experience with Microsoft’s Bing search than with Google search. Both times, I has a specific goal in mind: find a hotel for the family (with three children!) with an indoor [...]
Comments Off
Category: General Technology Tags: Microsoft
by Neil MacDonald | July 7, 2009 | 5 Comments
I saw this in an article today on Bloomerberg: July 7 (Bloomberg) — Goldman Sachs Group Inc. may lose its investment in a proprietary trading code and millions of dollars from increased competition if software allegedly stolen by a former employee gets into the wrong hands, a prosecutor said. Full details of the theft were [...]
Category: Application Security Tags: Application Security, Security No-Brainer
