Gartner Blog Network

Posts from Date:   2011-3

Observations from Microsoft’s Management Summit

by Neil MacDonald  |  March 22, 2011

I’ve spent the past day and a half attending Microsoft’s Management Summit in Las Vegas. From my perspective the announcement that will affect the most enterprises from a security perspective was a change in licensing related to Forefront. Some history — in 2010, Microsoft reorganized the Server and Tools Business Unit placing the Forefront Endpoint […]

Read more »

Yes, Standard Users can Install Software

by Neil MacDonald  |  March 15, 2011

The conventional wisdom is that a user who is configured with “standard user” privileges (the least possible in Windows 7) cannot install software (or malware for that matter). This is incorrect. Software that writes to the user’s data directory, and that doesn’t write to protected portions of the registry, can install correctly as a standard […]

Read more »

Lesson from Android: Does More Open Have to Mean Less Secure?

by Neil MacDonald  |  March 11, 2011

Google’s Android has made the news a couple of times already in 2011: Here, with a credit card snooping exploit proof of concept and most recently, with malware that had gotten into the Google application store. The latter was particularly serious as it involved a privilege escalation attack that broke out of the Android sandbox. […]

Read more »

Lesson from Android: Does More Open Have to Mean Less Secure?

by Neil MacDonald  |  March 11, 2011

Google’s Android has made the news a couple of times already in 2011: Here, with a credit card snooping exploit proof of concept and most recently, with malware that had gotten into the Google application store. The latter was particularly serious as it involved a privilege escalation attack that broke out of the Android sandbox. […]

Read more »

Securing the Cloud

by Neil MacDonald  |  March 9, 2011

The cloud isn’t one thing, so securing the Cloud won’t be one thing either. The industry has settled on a layered framework for understanding, comparing and selecting cloud-based services. Gartner’s model has these high-level layers (with subcategories in each layer): Infrastructure as a Service (compute, storage, etc) Platform as a Service (middleware-like services such as […]

Read more »

NAC, DLP and Application Control: It’s About the Visibility, not the Control

by Neil MacDonald  |  March 9, 2011

Sitting here in the airport getting ready to fly back home, it occurred to me that all of these hyped technologies have had a critical shift in mindset over the past several years. Each of these technologies was originally touted with their ability to block and control “bad things” from happening. With NAC, this entailed […]

Read more »

Is Microsoft’s Secure Development Lifecycle Losing Its Effectiveness?

by Neil MacDonald  |  March 7, 2011

I was performing some background research on the number and severity of vulnerabilities produced by Apple, Microsoft and other vendors when I ran across something quite interesting. (BTW – I was researching the issue addressed in this research note for clients — whether or not antimalware software is recommended for enterprise Apple Macintosh endpoints.) Microsoft, like […]

Read more »

Muddy Carpets and Endpoint Security

by Neil MacDonald  |  March 4, 2011

I’ve had several calls recently where clients are looking to switch their endpoint protection platform vendor from one provider to another because they’ve gotten infected and they believe that switching vendors will provide them better protection. The scenario is usually goes something like this: they are using vendor X, got infected, scanned the machine with […]

Read more »

Yes, Macs are Vulnerable.

by Neil MacDonald  |  March 3, 2011

I’ve talked about this issue in past blogs, but I have an increasing number of clients asking me whether or not antimalware protection is needed on Apple Macintosh computers. More and more, organizations are putting Macs on the list of approved devices so a deeper look into this question is warranted. I’ve provided detailed guidance […]

Read more »

One Big Take Away From RSA: Intelligence

by Neil MacDonald  |  March 1, 2011

As I walked the exhibit hall floor at RSA, I couldn’t help but notice the large numbers of vendors talking about the need for improved detection capabilities and security intelligence that provides actionable insight as to what is going on in our IT infrastructure. Complete protection requires both prevention and detection capabilities. I’ve blogged about […]

Read more »