Neil MacDonald

A member of the Gartner Blog Network

Entries Categorized as 'Information Security'


Is Antivirus Obsolete?

by Neil MacDonald  |  September 13, 2012  |  3 Comments

I blogged about this question years ago, but a recent blog on CSO got me thinking once again. Has anything changed? Thoughts: 1) The question “Has antivirus outlived its value?” is wrong. AV hasn’t been AV for years. Gartner stopped calling the market “AV” back in 2006. Modern Endpoint Protection Platforms (EPP – the term [...]

3 Comments »

Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Next-generation Security Infrastructure Windows 8     Tags: , , , , , , , ,

If a Tree Falls in the Forest, is it Encrypted?

by Neil MacDonald  |  September 6, 2012  |  1 Comment

There’s a story behind the title of this blog Recently, I had a discussion in regards to Microsoft’s BitLocker with a client. One of the issues I call out in my research on BitLocker is that (unlike competing third party products), Microsoft doesn’t have an option to synchronize the pre-boot PIN with the Windows login [...]

1 Comment »

Category: General Technology Information Security Microsoft Microsoft Security Windows 7     Tags: , , , , ,

What we Need is the Equivalent of Apple for Enterprise Data Centers

by Neil MacDonald  |  August 29, 2012  |  Comments Off

I’ve spent the last three days in Silicon Valley – some of it at VMworld and some of it with a client. With the flight out and back to the West Coast, I’ve had some time to do some thinking. Cleary, there’s a perception that hardware is commoditizing and that there’s little or no premium left in [...]

Comments Off

Category: Cloud Security General Technology Information Security Next-generation Data Center Next-generation Security Infrastructure Virtualization Security     Tags: , , , , ,

Getting Ready for Gartner’s 2012 Infrastructure & Operations and Information Security Summits

by Neil MacDonald  |  May 21, 2012  |  Comments Off

I’ve been absent from my typical blogging routine getting my material finalized for two Gartner upcoming US-based summits in June 2012. The first is Gartner’s Infrastructure and Operations Management Summit being held in Orlando the week of June 4th. This conference is focused on infrastructure and operations solutions for managing desktops, servers, and mobile devices [...]

Comments Off

Category: Application Security Beyond Anti-Virus Big Data and Information Security Cloud Security Information Security Next-generation Security Infrastructure Security Intelligence Virtualization Security     Tags: , , , , , , , , , , , , ,

Will the Euro Crisis Affect Information Security Spending?

by Neil MacDonald  |  December 9, 2011  |  Comments Off

I’ve just gotten back from Gartner’s Data Center Conference in Las Vegas. Like Gartner’s recent US Symposium and European Symposium, the conference had record attendance and interest in information security was high. I’ll place the top security-related issues from non-vendor attendees in a separate post. On the vendor side, I had several information security providers [...]

Comments Off

Category: Information Security Next-generation Data Center     Tags: , , ,

US Symposium Summary from a Security Perspective

by Neil MacDonald  |  October 24, 2011  |  1 Comment

Last week I attended Gartner’s US Symposium conference in Orlando. With 8,000+ attendees (25% of which were CIOs) and at least 1,000 more analysts, vendors and support staff, you can imagine it was quite a scene. In addition to three presentations, I had more than 30 fantastic one on ones with attendees over the four [...]

1 Comment »

Category: Application Security Beyond Anti-Virus Cloud Cloud Security Information Security Microsoft Security Next-generation Security Infrastructure Virtualization Virtualization Security     Tags: , , , , , , , , ,

Data Loss Prevention Needs to Evolve

by Neil MacDonald  |  October 11, 2011  |  1 Comment

Traditional data loss prevention has been focused on looking for signatures and patterns of sensitive data at rest within the organization and as it moves throughout the organization, including to destinations outside of the enterprise (the latter is where most organizations have started). <digress> You noticed I didn’t use the term “DLP”. That’s because I [...]

1 Comment »

Category: Information Security Next-generation Security Infrastructure Security Intelligence     Tags: , , ,

Windows 8 Raises the Bar for Security

by Neil MacDonald  |  September 28, 2011  |  1 Comment

I’ve been out the past two weeks visiting with clients and have been meaning to summarize my impression of the upcoming Windows 8 (expected mid 2012) from a security point of view. I attended Microsoft’s recent BUILD conference for developers where Windows 8 made its first official appearance. You can see my real-time tweets and [...]

1 Comment »

Category: Beyond Anti-Virus Information Security Microsoft Security Windows 7     Tags: , , , , , , ,

Full Drive Encryption is not just for Laptops

by Neil MacDonald  |  August 22, 2011  |  3 Comments

I’ve had two discussions with clients today already on the role of full drive encryption ( FDE technologies such as Microsoft’s BitLocker, McAfee Total Protection, Sophos/Utimaco, Symantec PGP, Check Point, Trend/Mobile Armor etc) for fixed desktops. Full drive encryption should be considered mandatory for laptops and most organizations have implemented this – either with Windows [...]

3 Comments »

Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Windows 7     Tags: , , , ,

Protecting Intellectual Property in Source Code Requires a Two Prong Strategy

by Neil MacDonald  |  August 5, 2011  |  1 Comment

I had a discussion with a client today looking to protect sensitive intellectual property in their source code. I discussed two primary areas of risk: 1) that the developers (some of which were offshored) might take the code and 2) once the code was distributed to customers, it might be reverse engineered or copied Addressing [...]

1 Comment »

Category: Application Security Applications Information Security     Tags: , , ,