Neil MacDonald

A member of the Gartner Blog Network

Entries Tagged as 'Reducing Cost'

Does Protecting Desktops Require a Different Vendor/Product than Protecting Servers?

by Neil MacDonald  |  September 29, 2011  |  2 Comments

I’ve made it a point over the past 6 months to ask clients if they are combining their endpoint protection platform contracts across desktops, laptops and servers. In most cases (about 75%), the answer is yes – contracts are being combined in order to reduce complexity and costs. Is protecting a desktop different than a […]


Category: Beyond Anti-Virus Endpoint Protection Platform Next-generation Security Infrastructure

Security Thought for Thursday: We are Overspending on Traditional Security Controls

by Neil MacDonald  |  July 14, 2011  |  Comments Off

We can’t secure everything equally, nor does everything need to be equally secured. What we need is a context-aware, risk-based view of where to focus our efforts where part of the context is the business value and sensitivity of the asset we are protecting.

Category: Information Security Security Intelligence

IT Operations and Security Convergence? Not Really.

by Neil MacDonald  |  May 17, 2011  |  1 Comment

I’m having lots of discussions with clients on Microsoft’s new Forefront Endpoint Protection offering that was released in December of 2010. In addition to recent licensing changes, the biggest change over the previous release (formerly called Forefront Client Security) is the change out of the management, policy and reporting infrastructure underneath to be based on […]

Category: Beyond Anti-Virus Endpoint Protection Platform Information Security

Yes, Standard Users can Install Software

by Neil MacDonald  |  March 15, 2011  |  Comments Off

The conventional wisdom is that a user who is configured with “standard user” privileges (the least possible in Windows 7) cannot install software (or malware for that matter). This is incorrect. Software that writes to the user’s data directory, and that doesn’t write to protected portions of the registry, can install correctly as a standard […]

Category: Endpoint Protection Platform Microsoft Security Windows 7

One Big Take Away From RSA: Intelligence

by Neil MacDonald  |  March 1, 2011  |  1 Comment

As I walked the exhibit hall floor at RSA, I couldn’t help but notice the large numbers of vendors talking about the need for improved detection capabilities and security intelligence that provides actionable insight as to what is going on in our IT infrastructure. Complete protection requires both prevention and detection capabilities. I’ve blogged about […]

Category: Beyond Anti-Virus Endpoint Protection Platform Security Intelligence

Improving Your 2011 Security Bang for the Buck Continued

by Neil MacDonald  |  January 6, 2011  |  Comments Off

In my previous post, I kicked off 2011 with a recommendation for improving your “security bang for the buck” or quick wins for information security in 2011 – increasing patching breadth and depth. Here’s a few more to consider in 2011: In a response to this post on the value (or lack thereof) of antivirus […]

Category: Beyond Anti-Virus Cloud Security Endpoint Protection Platform Windows 7

Antivirus is Dead. Long Live Antivirus.

by Neil MacDonald  |  December 23, 2010  |  5 Comments

Signature-based antimalware detection is increasingly ineffective against an explosion in the number of malware variants as well as an increase in the number of financially motivated targeted attacks. Does this mean we get rid of antivirus technology altogether? Not at all. What it means is that we can no longer protect endpoints using signature-based mechanisms […]


Category: Beyond Anti-Virus Endpoint Protection Platform Next-generation Security Infrastructure Virtualization Windows 7

More Pressure on the Antivirus Vendors: Free AV for Midsize Enterprises

by Neil MacDonald  |  September 24, 2010  |  Comments Off

Microsoft Security Essentials (MSE) is a free consumer offering originally delivered to market in 2009 based on the same engine and anti-malware feeds that are used within Microsoft’s for-fee enterprise-oriented Forefront Endpoint Protection (FEP). I saw this announcement from Microsoft earlier in the week. From the announcement: For this reason, Microsoft is announcing that beginning […]

Category: Endpoint Protection Platform Microsoft Microsoft Security

Stop Paying for Anti-Spyware

by Neil MacDonald  |  May 18, 2009  |  1 Comment

I had a conversation with a client last week where their incumbent antivirus provider was trying to charge them separately for antispyware capabilities in addition to their antivirus solution. Sigh. I thought we put this issue to rest years ago. In 2005, I wrote “How to Get Free Anti-spyware (or Antivirus) Protection” so I was […]

Category: Beyond Anti-Virus Endpoint Protection Platform

Save a Million Dollars

by Neil MacDonald  |  May 13, 2009  |  Comments Off

Seriously. Rather than pay for an expensive custom support agreement for NT v4 or (soon) Windows 2000, why not just keep these older systems around? Ditto for OSs from other vendors that are (or will soon be) “out of support”. Are these systems vulnerable? Probably. But this is a fallacious argument. Even our supported systems […]

Category: Information Security