Neil MacDonald

A member of the Gartner Blog Network

Archives for March, 2011


Observations from Microsoft’s Management Summit

by Neil MacDonald  |  March 22, 2011  |  Comments Off

I’ve spent the past day and a half attending Microsoft’s Management Summit in Las Vegas. From my perspective the announcement that will affect the most enterprises from a security perspective was a change in licensing related to Forefront. Some history — in 2010, Microsoft reorganized the Server and Tools Business Unit placing the Forefront Endpoint […]

Comments Off

Category: Cloud Cloud Security Endpoint Protection Platform Microsoft Microsoft Security Next-generation Data Center Virtualization Virtualization Security     Tags: , , , , , , , ,

Yes, Standard Users can Install Software

by Neil MacDonald  |  March 15, 2011  |  Comments Off

The conventional wisdom is that a user who is configured with “standard user” privileges (the least possible in Windows 7) cannot install software (or malware for that matter). This is incorrect. Software that writes to the user’s data directory, and that doesn’t write to protected portions of the registry, can install correctly as a standard […]

Comments Off

Category: Endpoint Protection Platform Microsoft Security Windows 7     Tags: , , , , , , ,

Lesson from Android: Does More Open Have to Mean Less Secure?

by Neil MacDonald  |  March 11, 2011  |  Comments Off

Google’s Android has made the news a couple of times already in 2011: Here, with a credit card snooping exploit proof of concept and most recently, with malware that had gotten into the Google application store. The latter was particularly serious as it involved a privilege escalation attack that broke out of the Android sandbox. […]

Comments Off

Category: Application Security Beyond Anti-Virus Endpoint Protection Platform     Tags: , , , , , ,

Lesson from Android: Does More Open Have to Mean Less Secure?

by Neil MacDonald  |  March 11, 2011  |  Comments Off

Google’s Android has made the news a couple of times already in 2011: Here, with a credit card snooping exploit proof of concept and most recently, with malware that had gotten into the Google application store. The latter was particularly serious as it involved a privilege escalation attack that broke out of the Android sandbox. […]

Comments Off

Category: Virtualization Security     Tags:

Securing the Cloud

by Neil MacDonald  |  March 9, 2011  |  3 Comments

The cloud isn’t one thing, so securing the Cloud won’t be one thing either. The industry has settled on a layered framework for understanding, comparing and selecting cloud-based services. Gartner’s model has these high-level layers (with subcategories in each layer): Infrastructure as a Service (compute, storage, etc) Platform as a Service (middleware-like services such as […]

3 Comments »

Category: Cloud Cloud Security Virtualization Virtualization Security     Tags: , , , ,

NAC, DLP and Application Control: It’s About the Visibility, not the Control

by Neil MacDonald  |  March 9, 2011  |  Comments Off

Sitting here in the airport getting ready to fly back home, it occurred to me that all of these hyped technologies have had a critical shift in mindset over the past several years. Each of these technologies was originally touted with their ability to block and control “bad things” from happening. With NAC, this entailed […]

Comments Off

Category: Beyond Anti-Virus Endpoint Protection Platform Security Intelligence     Tags: , , , ,

Is Microsoft’s Secure Development Lifecycle Losing Its Effectiveness?

by Neil MacDonald  |  March 7, 2011  |  4 Comments

I was performing some background research on the number and severity of vulnerabilities produced by Apple, Microsoft and other vendors when I ran across something quite interesting. (BTW – I was researching the issue addressed in this research note for clients — whether or not antimalware software is recommended for enterprise Apple Macintosh endpoints.) Microsoft, like […]

4 Comments »

Category: Application Security Information Security Microsoft Security Windows 7     Tags: , , , , ,

Muddy Carpets and Endpoint Security

by Neil MacDonald  |  March 4, 2011  |  Comments Off

I’ve had several calls recently where clients are looking to switch their endpoint protection platform vendor from one provider to another because they’ve gotten infected and they believe that switching vendors will provide them better protection. The scenario is usually goes something like this: they are using vendor X, got infected, scanned the machine with […]

Comments Off

Category: Beyond Anti-Virus Endpoint Protection Platform Information Security     Tags: , , , ,

Yes, Macs are Vulnerable.

by Neil MacDonald  |  March 3, 2011  |  Comments Off

I’ve talked about this issue in past blogs, but I have an increasing number of clients asking me whether or not antimalware protection is needed on Apple Macintosh computers. More and more, organizations are putting Macs on the list of approved devices so a deeper look into this question is warranted. I’ve provided detailed guidance […]

Comments Off

Category: Beyond Anti-Virus Endpoint Protection Platform     Tags: , , ,

One Big Take Away From RSA: Intelligence

by Neil MacDonald  |  March 1, 2011  |  1 Comment

As I walked the exhibit hall floor at RSA, I couldn’t help but notice the large numbers of vendors talking about the need for improved detection capabilities and security intelligence that provides actionable insight as to what is going on in our IT infrastructure. Complete protection requires both prevention and detection capabilities. I’ve blogged about […]

1 Comment »

Category: Beyond Anti-Virus Endpoint Protection Platform Security Intelligence     Tags: , , , ,