Neil MacDonald

A member of the Gartner Blog Network

Archives for September, 2009


Yes, Macs are Vulnerable Too.

by Neil MacDonald  |  September 25, 2009  |  6 Comments

Do Macintosh machines need AV? My answer: Forget the OS. Do users download and install arbitrary code/applications? (don’t forget, this includes browser plug-ins as well). If so, I don’t care if you are running Macintosh, Linux, or Windows the answer is you need protection from malware, including signature-based mechanisms (historically referred to as AV…). Just [...]

6 Comments »

Category: Beyond Anti-Virus Endpoint Protection Platform     Tags: , , ,

Security Thought for Thursday: With DLP, Don’t Just Treat the Symptoms, Address the Cause

by Neil MacDonald  |  September 24, 2009  |  4 Comments

I’ve talked to several organizations (commercial and federal governments) that have banned the use of all USB flash drives as part of a data loss prevention (DLP) strategy. This may indeed be necessary and provides immediate protection of data loss. However, its a blunt, coarse control that really doesn’t solve the underlying problem. Such drastic [...]

4 Comments »

Category: Information Security Next-generation Security Infrastructure     Tags: ,

Security Thought for Thursday: The Proxy Purists Were Right

by Neil MacDonald  |  September 16, 2009  |  4 Comments

A proxy-based model for externalizing and enforcing security policy is the right approach and becoming more, not less, relevant. To be clear, I’m not just talking about network traffic proxies. I mean everywhere up and down the IT stack. For example, when web users talked to web applications, we use load controllers, web access management [...]

4 Comments »

Category: Next-generation Security Infrastructure Virtualization Security     Tags:

We Have a Quorum: Blacklists Aren’t Cutting it.

by Neil MacDonald  |  September 14, 2009  |  7 Comments

Symantec recently announced the latest release of its consumer protection technology which includes a new malware technology code-named “Quorum”. Essentially the technology uses visibility (or lack thereof) of behavior of executable code across a community to aid in the determination if a given piece of code is “good” or “bad”. We are working on our [...]

7 Comments »

Category: Beyond Anti-Virus Endpoint Protection Platform Next-generation Security Infrastructure     Tags: , , , ,

VMware, SpringSource and Security

by Neil MacDonald  |  September 11, 2009  |  Comments Off

In a previous post, I discussed VMware’s differentiated message of choice in Cloud-computing infrastructure. That post talked primarily about enabling infrastructure as a Service (IaaS) providers (using the same technology VMware delivers for enterprises) to build and deliver flexible infrastructure services with scalable networking, storage and compute underneath. But what about the ability to support [...]

Comments Off

Category: Cloud Next-generation Security Infrastructure     Tags: , ,

Security Thought for Thursday: DLP Should be a Process, not a Product

by Neil MacDonald  |  September 10, 2009  |  3 Comments

When someone talks undertaking a “Data Loss Prevention” (DLP) initiative, they are usually talking about deploying a product from one of the DLP vendors such as McAfee, Symantec, EMC/RSA and so on. Much like I talked about in this post on application security, a product cannot solve what first and foremost is a process problem. [...]

3 Comments »

Category: Information Security     Tags: ,

VMware’s Message of Cloud Choice (and Security)

by Neil MacDonald  |  September 2, 2009  |  4 Comments

As I listened to the keynotes Tuesday and Wednesday at VMworld, a couple of things stood out. It is refreshing to hear the CEO and CTO of a platform vendor talk about the importance of security in both of their respective keynotes. Make no mistake, VMware will be a factor in shaping the future of [...]

4 Comments »

Category: Cloud Virtualization Security     Tags: , ,