Neil MacDonald

I’ve talked to several organizations (commercial and federal governments) that have banned the use of all USB flash drives as part of a data loss prevention (DLP) strategy. This may indeed be necessary and provides immediate protection of data loss. However, its a blunt, coarse control that really doesn’t solve the underlying problem. Such drastic [...]

[Read more →]

A proxy-based model for externalizing and enforcing security policy is the right approach and becoming more, not less, relevant.
To be clear, I’m not just talking about network traffic proxies. I mean everywhere up and down the IT stack. For example, when web users talked to web applications, we use load controllers, web access management gateways [...]

[Read more →]

Symantec recently announced the latest release of its consumer protection technology which includes a new malware technology code-named “Quorum”. Essentially the technology uses visibility (or lack thereof) of behavior of executable code across a community to aid in the determination if a given piece of code is “good” or “bad”. We are working on our [...]

[Read more →]

In a previous post, I discussed VMware’s differentiated message of choice in Cloud-computing infrastructure. That post talked primarily about enabling infrastructure as a Service (IaaS) providers (using the same technology VMware delivers for enterprises) to build and deliver flexible infrastructure services with scalable networking, storage and compute underneath.
But what about the ability to support newly [...]

[Read more →]

As security controls are virtualized (e.g. firewalls, IPS, web application firewalls and so on), one of the more significant concerns is performance and throughput.
I remember a demonstration about a year ago where an IPS running in a VM virtual appliance easily consumed 2 out of 8 cores in a multicore system. A 25% overhead for [...]

[Read more →]

If a web application security testing tool tells me I have a vulnerability in an application, what do I do? “Fix it” is the right answer, but not always so easy if my development organization is backlogged or, worse, I don’t have access to the source code. Another answer is to shield the application from [...]

[Read more →]

Digital Rights Management (DRM – alternatively Information Rights Management [IRM]) and Data Loss Prevention (DLP) are typically thought of as separate problems with different vendors and solutions targeting each. The market may have evolved this way, but that’s not the way it has to be.
The need to place and enforce DRM policies on information (e.g. [...]

[Read more →]

When data is encrypted, the location of the data doesn’t matter (including in the Cloud). The location and management of the decryption keys is what matters.

[Read more →]

Piqued your interest? Bear with me. In a previous post, I promised to revisit the issue of “Fast-path” and “Slow-path” in the VMware vSphere platform.
With vShpere, VMware has released the first commercial implementation of its VMsafe set of APIs. As I have discussed, VMsafe is cool, but not a panacea. VMsafe provides developers two alternatives [...]

[Read more →]

Most of us know by now that encryption of mobile laptops should be considered mandatory. However, encryption of the direct attached storage used in fixed desktops and servers hasn’t been a priority because of their relative lack of mobility.
However, this overlooks the significant issue of data leakage when devices are retired. This point was [...]

[Read more →]