Neil MacDonald

A member of the Gartner Blog Network

Entries Categorized as 'Cloud'


Virtual Firewalls or Physical? Wrong Question.

by Neil MacDonald  |  November 5, 2012  |  2 Comments

I still see people getting bogged down in rather meaningless arguments as to whether or not firewalls will be virtualized. They will (and, in fact, are). The bigger trend is the shift from proprietary hardware to software running on commodity hardware (in almost all cases, x86). That’s the big shift. Whether or not a given [...]

2 Comments »

Category: Cloud Cloud Security Next-generation Security Infrastructure Virtualization Virtualization Security     Tags: , , , , , , ,

Yes, Cloud Offerings Can Have an On-Premises Element

by Neil MacDonald  |  May 25, 2012  |  4 Comments

One of the common misconceptions that I run into is that a public cloud services provider can’t have an on-premises element to their offering and that having this footprint somehow “breaks” the cloud model. The root of this misconception lies in equating cloud to a location. Cloud is a computing style, not a location. There [...]

4 Comments »

Category: Cloud Cloud Security     Tags: ,

Cloud Computing can be More Secure

by Neil MacDonald  |  March 31, 2012  |  7 Comments

In multiple Gartner surveys, security is cited as the number one inhibitor to the adoption of Cloud-based computing. Many IT professionals have a preconceived notion that cloud computing will be less secure than what they can deliver themselves on premises. This is a mistake. An absolute statement that cloud computing will be less secure is [...]

7 Comments »

Category: Cloud Cloud Security Next-generation Security Infrastructure     Tags: , , , , ,

Intrusion Prevention Systems? We Need Intrusion Resilient Systems

by Neil MacDonald  |  February 3, 2012  |  1 Comment

I’ve blogged before about advanced threats that easily bypass our traditional protection mechanisms and reside undetected for extended periods of time on our systems. On one of the panels I moderated on APTs, Dave Merkel from Mandiant put it best. “You are compromised, get over it”. Others in the US Government have come to the [...]

1 Comment »

Category: Application Security Beyond Anti-Virus Cloud Cloud Security Next-generation Security Infrastructure Security Intelligence     Tags: , , , , , , , , ,

The Market for Dynamic Application Security Testing is Anything but Static

by Neil MacDonald  |  January 4, 2012  |  1 Comment

We’ve just published a new Magic Quadrant for Dynamic Application Security Testing (DAST) for Gartner clients. In Gartner research, we use the term DAST to refer to testing solutions and techniques that are designed to test an application from the “outside in” to detect conditions indicative of a security vulnerability in an application in its [...]

1 Comment »

Category: Application Security Applications Cloud Cloud Security     Tags: , ,

Security Observations from Gartner’s Data Center Summit

by Neil MacDonald  |  December 9, 2011  |  1 Comment

I’m just back from Gartner’s US 2011 Data Center Summit held this week in Las Vegas. In my previous post, I talked about information security vendor’s concerns on the potential impact of the Eurozone crisis on information security spending. Here, I want to outline the top security-related  issues and concerns that I discussed with attendees [...]

1 Comment »

Category: Cloud Cloud Security Next-generation Data Center Next-generation Security Infrastructure Virtualization Virtualization Security     Tags: , , , , , , ,

US Symposium Summary from a Security Perspective

by Neil MacDonald  |  October 24, 2011  |  1 Comment

Last week I attended Gartner’s US Symposium conference in Orlando. With 8,000+ attendees (25% of which were CIOs) and at least 1,000 more analysts, vendors and support staff, you can imagine it was quite a scene. In addition to three presentations, I had more than 30 fantastic one on ones with attendees over the four [...]

1 Comment »

Category: Application Security Beyond Anti-Virus Cloud Cloud Security Information Security Microsoft Security Next-generation Security Infrastructure Virtualization Virtualization Security     Tags: , , , , , , , , ,

It’s Time for Security to Ascend

by Neil MacDonald  |  August 24, 2011  |  1 Comment

As I research into the future of adaptive security infrastructure, I am convinced that the future of information security lies in software, not hardware. If you think about it for a bit, most of information security policy enforcement is in the form of software already – it’s just embodied (entombed?) in physical hardware. Unfortunately, the [...]

1 Comment »

Category: Cloud Cloud Security Next-generation Security Infrastructure Virtualization Security     Tags: , , , , , ,

Seven Cloud Computing Pet Peeves

by Neil MacDonald  |  July 15, 2011  |  Comments Off

1) Treating Cloud as one thing. At a minimum, clarify whether you are talking about SaaS, PaaS, or IaaS – and whether you are talking about public or private cloud implementations. 2) Assuming Cloud always means Public Cloud Cloud is a computing style, not a location. 3) Citing Security as the number one issue to [...]

Comments Off

Category: Cloud Cloud Security Virtualization Virtualization Security     Tags: ,

Forget Trust, Think “Trustability”

by Neil MacDonald  |  May 31, 2011  |  3 Comments

The term “trust” is too binary for the world of business and IT we are moving into. Trust sounds black and white / all or nothing. Either I trust you or I don’t. The reality is far more complex and a world of information security decisions based on shades of grey, not black and white. [...]

3 Comments »

Category: Cloud Cloud Security Next-generation Security Infrastructure     Tags: , , , ,