Gartner Blog Network

Posts from Date:   2011-6

Real-world Systematic Workload Reprovisioning

by Neil MacDonald  |  June 23, 2011

I’m here at the Gartner Information Security summit on the fourth and final day. We had a record number of attendees – at least 1700 by my estimate. Attendees have the ability to book one on one conversations with the analysts and my schedule was completely full. One of the conversations with a client was […]

Read more »

Don’t Trust Your Servers

by Neil MacDonald  |  June 17, 2011

One of the toughest problems in information security is addressing advanced intrusions that have bypassed traditional security controls and now reside undetected on enterprise systems. With financially motivated attacks and state-sponsored “advanced persistent threats” both on the rise, intrusions can remain undetectable for extended periods of time. We have reached a point where our systems […]

Read more »

Improving Security by Killing Server and Desktop Workloads

by Neil MacDonald  |  June 16, 2011

It sounds counterintuitive, but today’s advanced threat environment requires new approaches to the ongoing security and management of server and desktop workloads. The trouble with Advanced Persistent Threats is that, by definition, they have evaded our traditional network and endpoint security controls and now reside undetected in our IT Systems. How many advanced intrusions will […]

Read more »

Some Thoughts on RSA SecurID Risk

by Neil MacDonald  |  June 9, 2011

On 3 June 2011, RSA, the Security Division of EMC, confirmed that Lockheed Martin had proof that hackers attacked its network partly by using data stolen in a March 2011 attack on RSA. Subsequently, on 6 June 2011, RSA announced a program to replace customers’ RSA SecurID one-time password (OTP) authentication product tokens We’ve updated […]

Read more »

Is Single Instance Security the Future?

by Neil MacDonald  |  June 6, 2011

I’ve been researching the intersection between virtualization and security for several years. Like security and cloud computing, virtualization and security is also following a maturity curve. The first several years were discussions with clients on how to deploy virtualization securely. Over the past 2 years, I’ve had an increasing number of calls on the virtualization […]

Read more »