Gartner Blog Network

Posts from Date:   2009-7

Security Thought for Thursday: Information is Like Inventory

by Neil MacDonald  |  July 30, 2009

It is an asset It represents potential (revenue) for our organization Sitting idle and locked in a warehouse, its potential is wasted Its value typically diminishes over time Why aren’t we laser-focused on putting information in motion to the people that need it, when and where they need it? “Locking down” information has never been […]

Read more »

IBM Acquires Ounce Labs

by Neil MacDonald  |  July 28, 2009

Our full analysis of the acquisition will be published for clients shortly along with advice for customers of Ounce Labs and IBM’s Rational software offerings. IBM acquired a leading dynamic application security testing tool with Watchfire in 2007. With the acquisition of Ounce announced today, IBM adds a lesser known (smaller, but still positioned as […]

Read more »

From the Gartner Information Security Summit on SharePoint Security

by Neil MacDonald  |  July 27, 2009

We had a crowd of several hundred people for my presentation on SharePoint security at the recent Gartner Information Security Summit. It’s pretty much as I suspected – just like virtualization projects where security tends to be an afterthought (if considered at all), SharePoint deployments are pretty much following the same course. When I polled […]

Read more »

Byte Code Analysis is not the Same as Binary Analysis

by Neil MacDonald  |  July 24, 2009

I’ve posted many times on the importance of application security. Recently, my colleague Joseph Feiman and I published a magic quadrant for static application security testing tools – rating the vendors and tools that analyze an application from the “inside out” looking for coding conditions indicative of a security vulnerability. In the research we describe […]

Read more »

Security Thought for Thursday: It Shouldn’t Matter Where Your Data Is

by Neil MacDonald  |  July 23, 2009

When data is encrypted, the location of the data doesn’t matter (including in the Cloud). The location and management of the decryption keys is what matters.

Read more »

My Positive Experience With Bing

by Neil MacDonald  |  July 22, 2009

I’m just back from a vacation after the Gartner Information Security Summit. More on that later. While on the trip, twice I had a better experience with Microsoft’s Bing search than with Google search. Both times, I has a specific goal in mind: find a hotel for the family (with three children!) with an indoor […]

Read more »

Security No-Brainer #7: If You Have Intellectual Property Embedded in Software, Protect it.

by Neil MacDonald  |  July 7, 2009

I saw this in an article today on Bloomerberg: July 7 (Bloomberg) — Goldman Sachs Group Inc. may lose its investment in a proprietary trading code and millions of dollars from increased competition if software allegedly stolen by a former employee gets into the wrong hands, a prosecutor said. Full details of the theft were […]

Read more »