by Neil MacDonald | July 19, 2011 | 5 Comments
Counterintuitive? Yup. I’ve worked with hundreds of clients on the design and implementation of application control (whitelisting) solutions. The key to a successful application control implementation is *not* have to manually manage the whitelist on an application-by-application basis. Our goal should be to identify and approve how trust propagates to files on a system and [...]
Category: Virtualization Security Tags:
by Neil MacDonald | July 15, 2011 | Comments Off
1) Treating Cloud as one thing. At a minimum, clarify whether you are talking about SaaS, PaaS, or IaaS – and whether you are talking about public or private cloud implementations. 2) Assuming Cloud always means Public Cloud Cloud is a computing style, not a location. 3) Citing Security as the number one issue to [...]
Comments Off
Category: Cloud Cloud Security Virtualization Virtualization Security Tags: Cloud Security, Next-generation Data Center
by Neil MacDonald | July 14, 2011 | Comments Off
We can’t secure everything equally, nor does everything need to be equally secured. What we need is a context-aware, risk-based view of where to focus our efforts where part of the context is the business value and sensitivity of the asset we are protecting.
Comments Off
Category: Information Security Security Intelligence Tags: Information Security, Reducing Cost
by Neil MacDonald | July 11, 2011 | Comments Off
I’ve been absent from blogging for 2 weeks – first we had the Gartner Information Security Summit in DC and then I took some time off for a much-needed vacation. We spent some time at Hilton Head Island in South Carolina. They’ve got a pretty amazing flat beach where the difference between high tide and [...]
Comments Off
Category: Beyond Anti-Virus Information Security Next-generation Security Infrastructure Tags: APTs, Beyond Anti-Virus, Defense-in-Depth, Information Security, Next-generation Security Infrastructure, Security-Summit-NA, Systematic Workload Reprovisioning
