Neil MacDonald

A member of the Gartner Blog Network

Archives for January, 2010


Vendors are a Big Part of the Problem in Getting off of IE6

by Neil MacDonald  |  January 29, 2010  |  4 Comments

Get off of Internet Explore version 6. Now. IE6 has become an anchor (and a security risk). For Gartner clients, we’ve been advising this since October 2006. In blogging, I’ve said it here and most recently, here again. However, in reality, the move is easier said than done. Here’s what I said in this research [...]

4 Comments »

Category: Beyond Anti-Virus Microsoft Security     Tags: , , ,

Addressing the Most Common Security Risks in Data Center Virtualization Projects

by Neil MacDonald  |  January 27, 2010  |  5 Comments

One of my frequent blog posting topics is virtualization security. Virtualization isn’t inherently insecure, but in many cases, it is being deployed insecurely. The latter is a result of the relative immaturity of our tools, processes, staff and service providers. Also, in many cases, information security isn’t proactively involved in the virtualization planning. Survey data [...]

5 Comments »

Category: Next-generation Data Center Virtualization Security     Tags: , , ,

Another Lesson from the IE Zero Day Attacks on Google: The Power of Whitelisting

by Neil MacDonald  |  January 21, 2010  |  13 Comments

In my previous post, I discussed three lessons from the recent breaches of Google’s infrastructure as the result of attacks on unknown vulnerabilities in Internet Explorer where no patch was available. I need to break one out explicitly that falls under the broader category of host-based intrusion prevention: Application Control/whitelisting. I am convinced that whitelisting [...]

13 Comments »

Category: Beyond Anti-Virus Endpoint Protection Platform Next-generation Security Infrastructure     Tags: , , , , , ,

Google, IE, China and Zero Day Attacks: Three Lessons

by Neil MacDonald  |  January 18, 2010  |  6 Comments

We’ve got a team of analysts working on a broader event research note that will be published shortly. What I wanted to discuss here is “so what do I do if my organization is using IE?”. Longer term, there are three key takeaways from the recent events: Lesson #1 – Run more users as standard [...]

6 Comments »

Category: Application Security Endpoint Protection Platform Microsoft Security     Tags: , , , , , , ,

More Application Security Goodness From OWASP

by Neil MacDonald  |  January 14, 2010  |  6 Comments

I’ve written before about OWASP and the guidance they provide to organizations looking to improve application security. One of the best practices for improving application security is to ensure that any code we produce or procure is more secure right from the beginning. Many of the clients I talk with are highly focused on the [...]

6 Comments »

Category: Application Security Information Security     Tags: , , ,

Virtualization Security Using Desktop Virtualization

by Neil MacDonald  |  January 11, 2010  |  3 Comments

As I discuss multiple security alternatives for enterprise desktops with clients, one of the options that must be discussed is the use of server-based computing and terminal services also referred to by vendors as “presentation virtualization”. One of the questions that comes up is “are terminal services really a form of virtualization, or are vendors [...]

3 Comments »

Category: Beyond Anti-Virus Virtualization Security     Tags: , , ,

Food for Thought Friday: REST, DNA and the Diversity of IT

by Neil MacDonald  |  January 8, 2010  |  4 Comments

Over the holiday break, I watched an excellent presentation on PBS titled “What Darwin Never Knew” During the 2 hour show, it stuck me that all of the diversity — from the simple to the complex — of life on earth is expressed with DNA using only four types of molecules called bases – abbreviated [...]

4 Comments »

Category: General Technology Information Security     Tags: ,

Next-Generation Data Center Security: Cisco Acquires Rohati

by Neil MacDonald  |  January 7, 2010  |  Comments Off

I saw this article yesterday on Cisco’s acquisition of Rohati. Gartner’s full analysis will be out shortly, but here are my thoughts. I believe this further confirms what I’ve already stated: Identity-awareness should be a feature, not a product. We don’t need to buy yet another box to add identity-awareness to our networks – it [...]

Comments Off

Category: Next-generation Data Center Next-generation Security Infrastructure Virtualization Security     Tags: , , ,

Six Trends That Will Further Reshape Information Security in 2010

by Neil MacDonald  |  January 4, 2010  |  3 Comments

Food for thought to kick off 2010. The convergence of these trends (listed in my opinion of the order of impact) will radically reshape the future of information security – both the vendor landscape and how we architect and manage information security internally: Convergence onto Security Platforms: The movement of related security controls into “security [...]

3 Comments »

Category: Endpoint Protection Platform Information Security Next-generation Security Infrastructure SharePoint Security Virtualization Security     Tags: , , , , , ,