Neil MacDonald

A Member of the Gartner Blog Network

Entries Tagged as 'Endpoint Protection Platform'

Windows 7 Ultimate… Sort of.

October 28th, 2009 · 1 Comment

In my previous post, I stated this:
One important note: Because many of the more popular security features such as BitLocker, BitLocker To Go, AppLocker, DirectAccess and so on require EA/SA, the cost of EA/SA must be factored into any cost-benefit analysis of migration. If you don’t already have EA/SA, this can be a significant expense.
Since [...]

Tags: Endpoint Protection Platform · Microsoft Security

Windows 7 Launches With lots of Security Features

October 23rd, 2009 · 1 Comment

I haven’t posted in a while – I was preparing for and attending Gartner’s US Fall Symposium conference in Orlando, which wrapped up yesterday. Coincidentally, yesterday was also the official launch of Windows 7.
As I talked about here, there are things that organizations can do today to improve the security of their endpoints that don’t [...]

Tags: Endpoint Protection Platform · Microsoft Security

Yes, Macs are Vulnerable Too.

September 25th, 2009 · 6 Comments

Do Macintosh machines need AV?
My answer: Forget the OS. Do users download and install arbitrary code/applications? (Don’t forget, this includes browser plug-ins as well.) If so, I don’t care if you are running Macintosh, Linux, or Windows; the answer is you need protection from malware, including signature-based mechanisms (historically referred to as AV…). Just like [...]

Tags: Beyond Anti-Virus · Endpoint Protection Platform

We Have a Quorum: Blacklists Aren’t Cutting it.

September 14th, 2009 · 7 Comments

Symantec recently announced the latest release of its consumer protection technology which includes a new malware technology code-named “Quorum”. Essentially the technology uses visibility (or lack thereof) of behavior of executable code across a community to aid in the determination if a given piece of code is “good” or “bad”. We are working on our [...]

Tags: Beyond Anti-Virus · Endpoint Protection Platform · Next-generation Security Infrastructure

Security No-Brainer #8: Run Users As Standard User

August 13th, 2009 · 1 Comment

Mostly for legacy reasons, many of us continue to run users with administrative privileges on their Windows workstations.
Running as standard user reduces exposure to malware by preventing users from updating protected parts of the file system and registry or accessing sensitive Windows operations. An analysis by BeyondTrust showed that 92% of the critical Windows vulnerabilities [...]

Tags: Beyond Anti-Virus · Endpoint Protection Platform

Oops, I Spoke Too Soon.

June 25th, 2009 · No Comments

In my previous post, I talked about the need to encrypt all desktop and server direct attached storage for protection of the data over the lifecycle of the machine, including retirement. In this post, I made this statement in passing:
Most of us know by now that encryption of mobile laptops should be considered mandatory.

The same [...]

Tags: Endpoint Protection Platform · Information Security

Should AV be Free?

June 23rd, 2009 · 5 Comments

I saw today on this website that Microsoft has released the beta offering of its free consumer-oriented antivirus/antispyware protection solution called Microsoft Security Essentials (MSE – previously code-named “Morro”). The offering is available to the first 75,000 visitors to the site starting today. Gartner’s full analysis and advice for clients will be available shortly, but [...]

Tags: Beyond Anti-Virus · Endpoint Protection Platform · Microsoft Security

Stop Paying for Anti-Spyware

May 18th, 2009 · 1 Comment

I had a conversation with a client last week where their incumbent antivirus provider was trying to charge them separately for antispyware capabilities in addition to their antivirus solution.
Sigh. I thought we put this issue to rest years ago.
In 2005, I wrote “How to Get Free Anti-spyware (or Antivirus) Protection” so I was a [...]

Tags: Beyond Anti-Virus · Endpoint Protection Platform

Security No-Brainer #5: Security and Management Tools Need to Work Off of the Enterprise Network

May 11th, 2009 · No Comments

In my last post, I talked about several impending inflection points for information security.
One of them was:
More than half of our employees spend the majority of their working hours connected to networks we don’t own and don’t control (airports, hotels, home, wireless, 3G and so on)

This brings me to my fifth security no-brainer (for [...]

Tags: Endpoint Protection Platform · Next-generation Security Infrastructure

We Need a Global Industry-wide Application Whitelist

April 3rd, 2009 · 9 Comments

My previous post on whitelisting has generated a lot of comments. Buried in the comment stream, I made this statement:
I look forward to the time (hopefully soon) when an industry consortium or worldwide standards effort brings together legitimate ISVs to create a shareable whitelist for all to use.

Whitelisting is foundational to any information security protection [...]

Tags: Beyond Anti-Virus · Endpoint Protection Platform