Gartner Blog Network

Posts from Date:   2011-7

The Key to Successful Application Control is not to Control Applications

by Neil MacDonald  |  July 19, 2011

Counterintuitive? Yup. I’ve worked with hundreds of clients on the design and implementation of application control (whitelisting) solutions. The key to a successful application control implementation is *not* have to manually manage the whitelist on an application-by-application basis. Our goal should be to identify and approve how trust propagates to files on a system and […]

Read more »

Seven Cloud Computing Pet Peeves

by Neil MacDonald  |  July 15, 2011

1) Treating Cloud as one thing. At a minimum, clarify whether you are talking about SaaS, PaaS, or IaaS – and whether you are talking about public or private cloud implementations. 2) Assuming Cloud always means Public Cloud Cloud is a computing style, not a location. 3) Citing Security as the number one issue to […]

Read more »

Security Thought for Thursday: We are Overspending on Traditional Security Controls

by Neil MacDonald  |  July 14, 2011

We can’t secure everything equally, nor does everything need to be equally secured. What we need is a context-aware, risk-based view of where to focus our efforts where part of the context is the business value and sensitivity of the asset we are protecting.

Read more »

Sand Castles and Advanced Persistent Threats

by Neil MacDonald  |  July 11, 2011

I’ve been absent from blogging for 2 weeks – first we had the Gartner Information Security Summit in DC and then I took some time off for a much-needed vacation. We spent some time at Hilton Head Island in South Carolina. They’ve got a pretty amazing flat beach where the difference between high tide and […]

Read more »