Entries Categorized as 'Information Security'
by Neil MacDonald | December 9, 2011 | Comments Off
I’ve just gotten back from Gartner’s Data Center Conference in Las Vegas. Like Gartner’s recent US Symposium and European Symposium, the conference had record attendance and interest in information security was high. I’ll place the top security-related issues from non-vendor attendees in a separate post. On the vendor side, I had several information security providers [...]
Category: Information Security Next-generation Data Center Tags: GartnerDC, Information Security, Next-generation Data Center, symposium
by Neil MacDonald | October 24, 2011 | 1 Comment
Last week I attended Gartner’s US Symposium conference in Orlando. With 8,000+ attendees (25% of which were CIOs) and at least 1,000 more analysts, vendors and support staff, you can imagine it was quite a scene. In addition to three presentations, I had more than 30 fantastic one on ones with attendees over the four [...]
Category: Application Security Beyond Anti-Virus Cloud Cloud Security Information Security Microsoft Security Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Cloud Security, Context-aware Security, DC-Summit-NA, Endpoint Protection Platform, Information Security, Microsoft Security, symposium, Virtualization Security
by Neil MacDonald | October 11, 2011 | 1 Comment
Traditional data loss prevention has been focused on looking for signatures and patterns of sensitive data at rest within the organization and as it moves throughout the organization, including to destinations outside of the enterprise (the latter is where most organizations have started). <digress> You noticed I didn’t use the term “DLP”. That’s because I [...]
Category: Information Security Next-generation Security Infrastructure Security Intelligence Tags: Defense-in-Depth, Information Security, Next-generation Security Infrastructure, Security No-Brainer
by Neil MacDonald | September 28, 2011 | 1 Comment
I’ve been out the past two weeks visiting with clients and have been meaning to summarize my impression of the upcoming Windows 8 (expected mid 2012) from a security point of view. I attended Microsoft’s recent BUILD conference for developers where Windows 8 made its first official appearance. You can see my real-time tweets and [...]
Category: Beyond Anti-Virus Information Security Microsoft Security Windows 7 Tags: Apple, Beyond Anti-Virus, Defense-in-Depth, Information Security, Microsoft, Microsoft Security, Whitelisting, Windows
by Neil MacDonald | August 22, 2011 | 3 Comments
I’ve had two discussions with clients today already on the role of full drive encryption ( FDE technologies such as Microsoft’s BitLocker, McAfee Total Protection, Sophos/Utimaco, Symantec PGP, Check Point, Trend/Mobile Armor etc) for fixed desktops. Full drive encryption should be considered mandatory for laptops and most organizations have implemented this – either with Windows [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Windows 7 Tags: Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Microsoft Security, Windows
by Neil MacDonald | August 5, 2011 | 1 Comment
I had a discussion with a client today looking to protect sensitive intellectual property in their source code. I discussed two primary areas of risk: 1) that the developers (some of which were offshored) might take the code and 2) once the code was distributed to customers, it might be reverse engineered or copied Addressing [...]
Category: Application Security Applications Information Security Tags: Application Security, Best Practices, Defense-in-Depth, Information Security
by Neil MacDonald | July 14, 2011 | Comments Off
We can’t secure everything equally, nor does everything need to be equally secured. What we need is a context-aware, risk-based view of where to focus our efforts where part of the context is the business value and sensitivity of the asset we are protecting.
Category: Information Security Security Intelligence Tags: Information Security, Reducing Cost
by Neil MacDonald | July 11, 2011 | Comments Off
I’ve been absent from blogging for 2 weeks – first we had the Gartner Information Security Summit in DC and then I took some time off for a much-needed vacation. We spent some time at Hilton Head Island in South Carolina. They’ve got a pretty amazing flat beach where the difference between high tide and [...]
Category: Beyond Anti-Virus Information Security Next-generation Security Infrastructure Tags: APTs, Beyond Anti-Virus, Defense-in-Depth, Information Security, Next-generation Security Infrastructure, Security-Summit-NA, Systematic Workload Reprovisioning
by Neil MacDonald | June 23, 2011 | Comments Off
I’m here at the Gartner Information Security summit on the fourth and final day. We had a record number of attendees – at least 1700 by my estimate. Attendees have the ability to book one on one conversations with the analysts and my schedule was completely full. One of the conversations with a client was [...]
Category: Information Security Next-generation Security Infrastructure Virtualization Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Endpoint Protection Platform, Information Security, Next-generation Security Infrastructure, Security-Summit-NA, Systematic Workload Reprovisioning, Virtualization Security
by Neil MacDonald | June 9, 2011 | 1 Comment
On 3 June 2011, RSA, the Security Division of EMC, confirmed that Lockheed Martin had proof that hackers attacked its network partly by using data stolen in a March 2011 attack on RSA. Subsequently, on 6 June 2011, RSA announced a program to replace customers’ RSA SecurID one-time password (OTP) authentication product tokens We’ve updated [...]
Category: Application Security Endpoint Protection Platform Information Security Tags: Best Practices, Defense-in-Depth, Endpoint Protection Platform, Information Security, Security-Summit-NA
