Archives for July, 2010
by Neil MacDonald | July 23, 2010 | Comments Off
In my previous post, I discussed a free virtualized browser offering from Dell KACE. The virtualized browser is based on Firefox with Dell indicating that it hopes to offer a virtualized version of Internet Explorer in the future. That’s more complicated than it first appears. Technically, can IE be virtualized? Yes. Some of the application [...]
Category: Application Security Information Security Virtualization Virtualization Security Windows 7 Tags: Endpoint Protection Platform, Microsoft Security, Virtualization Security, Windows
by Neil MacDonald | July 22, 2010 | 1 Comment
On 20 July 2010, Dell KACE introduced a free “sandboxed” version of Firefox for download by anyone. Using its Kontainer application virtualization technology, Dell KACE isolates attacks on the browser from infecting the rest of the system. The idea of isolating the activities of a potentially harmful application (sandboxing) isn’t new. Isolation via virtualization/sandboxing of [...]
Category: Virtualization Virtualization Security Tags: Endpoint Protection Platform, Virtualization Security, Windows
by Neil MacDonald | July 21, 2010 | Comments Off
Just because Microsoft stopped providing security patches for Windows 2000 last week, don’t assume that it can’t continue to be used securely in your environment. One option is to pay Microsoft $50,000 per quarter ($200,000 per year) for a Custom Support Agreement (CSA) for continued access to critical Windows 2000 patches. A lower-cost alternative program [...]
Category: Information Security Microsoft Security Tags: Information Security, Microsoft Security, Windows
by Neil MacDonald | July 19, 2010 | 2 Comments
Let me clarify what I mean by this. When most people talk about identities they are really talking about identifiers – such as a username. I explored this insight in 2007 with Kim Cameron of Microsoft in this Gartner Fellows interview. So getting past the confusion with identifiers, what is an identity? An identity is [...]
Category: Information Security Next-generation Security Infrastructure Tags: Adaptive Security Infrastucture, Information Security, Next-generation Security Infrastructure
by Neil MacDonald | July 15, 2010 | 2 Comments
We are waaaaaay too focused on the prevention component and woefully inadequate on the detection component of this equation. We overspend on increasingly ineffective prevention technologies — network and host based firewalls, intrusion prevention systems and antivirus technologies in a futile attempt to prevent all infections. Zero infections is a fallacy. It is simply not [...]
Category: Beyond Anti-Virus Information Security Tags: Adaptive Security Infrastucture, Defense-in-Depth, Information Security, Next-generation Security Infrastructure
by Neil MacDonald | July 12, 2010 | 2 Comments
Coming back from vacation, I saw this recent article in the New York Times on the recent theft of classified military data. In this case, the person simply bypassed the restrictions on USB ports and simply copied the data to a writeable CD/DVD drive. According to the report: According to Pentagon officials and one former [...]
Category: Information Security Windows 7 Tags: Endpoint Protection Platform, Information Security, Microsoft Security, Windows
