Entries Categorized as 'Information Security'
by Neil MacDonald | September 13, 2012 | 3 Comments
I blogged about this question years ago, but a recent blog on CSO got me thinking once again. Has anything changed? Thoughts: 1) The question “Has antivirus outlived its value?” is wrong. AV hasn’t been AV for years. Gartner stopped calling the market “AV” back in 2006. Modern Endpoint Protection Platforms (EPP – the term [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Next-generation Security Infrastructure Windows 8 Tags: Adaptive Security Infrastucture, Apple, Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Information Security, Microsoft, Microsoft Security, Windows
by Neil MacDonald | September 6, 2012 | 1 Comment
There’s a story behind the title of this blog Recently, I had a discussion in regards to Microsoft’s BitLocker with a client. One of the issues I call out in my research on BitLocker is that (unlike competing third party products), Microsoft doesn’t have an option to synchronize the pre-boot PIN with the Windows login [...]
Category: General Technology Information Security Microsoft Microsoft Security Windows 7 Tags: Best Practices, Endpoint Protection Platform, Information Security, Microsoft, Microsoft Security, Windows
by Neil MacDonald | August 29, 2012 | Comments Off
I’ve spent the last three days in Silicon Valley – some of it at VMworld and some of it with a client. With the flight out and back to the West Coast, I’ve had some time to do some thinking. Cleary, there’s a perception that hardware is commoditizing and that there’s little or no premium left in [...]
Category: Cloud Security General Technology Information Security Next-generation Data Center Next-generation Security Infrastructure Virtualization Security Tags: Adaptive Security Infrastucture, Apple, Cloud Security, DC-Summit-NA, Reducing Complexity, Virtualization
by Neil MacDonald | May 21, 2012 | Comments Off
I’ve been absent from my typical blogging routine getting my material finalized for two Gartner upcoming US-based summits in June 2012. The first is Gartner’s Infrastructure and Operations Management Summit being held in Orlando the week of June 4th. This conference is focused on infrastructure and operations solutions for managing desktops, servers, and mobile devices [...]
Category: Application Security Beyond Anti-Virus Big Data and Information Security Cloud Security Information Security Next-generation Security Infrastructure Security Intelligence Virtualization Security Tags: Adaptive Security Infrastucture, Application Security, application security testing tools, Beyond Anti-Virus, Cloud Security, Context-aware Security, DC-Summit-NA, Next-generation Data Center, Next-generation Security Infrastructure, Security-Summit-NA, Virtualization Security, VMsafe, VMware, Whitelisting
by Neil MacDonald | December 9, 2011 | Comments Off
I’ve just gotten back from Gartner’s Data Center Conference in Las Vegas. Like Gartner’s recent US Symposium and European Symposium, the conference had record attendance and interest in information security was high. I’ll place the top security-related issues from non-vendor attendees in a separate post. On the vendor side, I had several information security providers [...]
Category: Information Security Next-generation Data Center Tags: GartnerDC, Information Security, Next-generation Data Center, symposium
by Neil MacDonald | October 24, 2011 | 1 Comment
Last week I attended Gartner’s US Symposium conference in Orlando. With 8,000+ attendees (25% of which were CIOs) and at least 1,000 more analysts, vendors and support staff, you can imagine it was quite a scene. In addition to three presentations, I had more than 30 fantastic one on ones with attendees over the four [...]
Category: Application Security Beyond Anti-Virus Cloud Cloud Security Information Security Microsoft Security Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Cloud Security, Context-aware Security, DC-Summit-NA, Endpoint Protection Platform, Information Security, Microsoft Security, symposium, Virtualization Security
by Neil MacDonald | October 11, 2011 | 1 Comment
Traditional data loss prevention has been focused on looking for signatures and patterns of sensitive data at rest within the organization and as it moves throughout the organization, including to destinations outside of the enterprise (the latter is where most organizations have started). <digress> You noticed I didn’t use the term “DLP”. That’s because I [...]
Category: Information Security Next-generation Security Infrastructure Security Intelligence Tags: Defense-in-Depth, Information Security, Next-generation Security Infrastructure, Security No-Brainer
by Neil MacDonald | September 28, 2011 | 1 Comment
I’ve been out the past two weeks visiting with clients and have been meaning to summarize my impression of the upcoming Windows 8 (expected mid 2012) from a security point of view. I attended Microsoft’s recent BUILD conference for developers where Windows 8 made its first official appearance. You can see my real-time tweets and [...]
Category: Beyond Anti-Virus Information Security Microsoft Security Windows 7 Tags: Apple, Beyond Anti-Virus, Defense-in-Depth, Information Security, Microsoft, Microsoft Security, Whitelisting, Windows
by Neil MacDonald | August 22, 2011 | 3 Comments
I’ve had two discussions with clients today already on the role of full drive encryption ( FDE technologies such as Microsoft’s BitLocker, McAfee Total Protection, Sophos/Utimaco, Symantec PGP, Check Point, Trend/Mobile Armor etc) for fixed desktops. Full drive encryption should be considered mandatory for laptops and most organizations have implemented this – either with Windows [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Windows 7 Tags: Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Microsoft Security, Windows
by Neil MacDonald | August 5, 2011 | 1 Comment
I had a discussion with a client today looking to protect sensitive intellectual property in their source code. I discussed two primary areas of risk: 1) that the developers (some of which were offshored) might take the code and 2) once the code was distributed to customers, it might be reverse engineered or copied Addressing [...]
Category: Application Security Applications Information Security Tags: Application Security, Best Practices, Defense-in-Depth, Information Security
