Entries Tagged as 'Information Security'
by Neil MacDonald | September 13, 2012 | 3 Comments
I blogged about this question years ago, but a recent blog on CSO got me thinking once again. Has anything changed? Thoughts: 1) The question “Has antivirus outlived its value?” is wrong. AV hasn’t been AV for years. Gartner stopped calling the market “AV” back in 2006. Modern Endpoint Protection Platforms (EPP – the term [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Next-generation Security Infrastructure Windows 8 Tags: Adaptive Security Infrastucture, Apple, Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Information Security, Microsoft, Microsoft Security, Windows
by Neil MacDonald | September 6, 2012 | 1 Comment
There’s a story behind the title of this blog Recently, I had a discussion in regards to Microsoft’s BitLocker with a client. One of the issues I call out in my research on BitLocker is that (unlike competing third party products), Microsoft doesn’t have an option to synchronize the pre-boot PIN with the Windows login [...]
Category: General Technology Information Security Microsoft Microsoft Security Windows 7 Tags: Best Practices, Endpoint Protection Platform, Information Security, Microsoft, Microsoft Security, Windows
by Neil MacDonald | March 31, 2012 | 7 Comments
In multiple Gartner surveys, security is cited as the number one inhibitor to the adoption of Cloud-based computing. Many IT professionals have a preconceived notion that cloud computing will be less secure than what they can deliver themselves on premises. This is a mistake. An absolute statement that cloud computing will be less secure is [...]
Category: Cloud Cloud Security Next-generation Security Infrastructure Tags: Cloud Security, DC-Summit-NA, GartnerDC, Information Security, Next-generation Security Infrastructure, Security-Summit-NA
by Neil MacDonald | December 9, 2011 | 1 Comment
I’m just back from Gartner’s US 2011 Data Center Summit held this week in Las Vegas. In my previous post, I talked about information security vendor’s concerns on the potential impact of the Eurozone crisis on information security spending. Here, I want to outline the top security-related issues and concerns that I discussed with attendees [...]
Category: Cloud Cloud Security Next-generation Data Center Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Cloud Security, GartnerDC, Hypervisor Security, Information Security, Next-generation Data Center, Next-generation Security Infrastructure, Virtualization Security, vShield
by Neil MacDonald | December 9, 2011 | Comments Off
I’ve just gotten back from Gartner’s Data Center Conference in Las Vegas. Like Gartner’s recent US Symposium and European Symposium, the conference had record attendance and interest in information security was high. I’ll place the top security-related issues from non-vendor attendees in a separate post. On the vendor side, I had several information security providers [...]
Category: Information Security Next-generation Data Center Tags: GartnerDC, Information Security, Next-generation Data Center, symposium
by Neil MacDonald | November 14, 2011 | 1 Comment
I spent the last week in Barcelona with 4,000+ attendees at the 2011 Gartner European Symposium. It was a new venue for Gartner (we were displaced from Cannes by the G20), and I’m happy to say it was a fantastic with record attendance. Security was front and center of attendee interests. We had a total [...]
Category: Application Security Cloud Security Virtualization Security Tags: application security testing tools, Cloud Security, GartnerDC, Information Security, symposium
by Neil MacDonald | October 24, 2011 | 1 Comment
Last week I attended Gartner’s US Symposium conference in Orlando. With 8,000+ attendees (25% of which were CIOs) and at least 1,000 more analysts, vendors and support staff, you can imagine it was quite a scene. In addition to three presentations, I had more than 30 fantastic one on ones with attendees over the four [...]
Category: Application Security Beyond Anti-Virus Cloud Cloud Security Information Security Microsoft Security Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Cloud Security, Context-aware Security, DC-Summit-NA, Endpoint Protection Platform, Information Security, Microsoft Security, symposium, Virtualization Security
by Neil MacDonald | October 11, 2011 | 1 Comment
Traditional data loss prevention has been focused on looking for signatures and patterns of sensitive data at rest within the organization and as it moves throughout the organization, including to destinations outside of the enterprise (the latter is where most organizations have started). <digress> You noticed I didn’t use the term “DLP”. That’s because I [...]
Category: Information Security Next-generation Security Infrastructure Security Intelligence Tags: Defense-in-Depth, Information Security, Next-generation Security Infrastructure, Security No-Brainer
by Neil MacDonald | September 28, 2011 | 1 Comment
I’ve been out the past two weeks visiting with clients and have been meaning to summarize my impression of the upcoming Windows 8 (expected mid 2012) from a security point of view. I attended Microsoft’s recent BUILD conference for developers where Windows 8 made its first official appearance. You can see my real-time tweets and [...]
Category: Beyond Anti-Virus Information Security Microsoft Security Windows 7 Tags: Apple, Beyond Anti-Virus, Defense-in-Depth, Information Security, Microsoft, Microsoft Security, Whitelisting, Windows
by Neil MacDonald | August 5, 2011 | 1 Comment
I had a discussion with a client today looking to protect sensitive intellectual property in their source code. I discussed two primary areas of risk: 1) that the developers (some of which were offshored) might take the code and 2) once the code was distributed to customers, it might be reverse engineered or copied Addressing [...]
Category: Application Security Applications Information Security Tags: Application Security, Best Practices, Defense-in-Depth, Information Security
