Gartner Blog Network

Category: 'beyond-anti-virus' Blog Posts

Full Drive Encryption is not just for Laptops

by Neil MacDonald  |  August 22, 2011

I’ve had two discussions with clients today already on the role of full drive encryption (FDE technologies such as Microsoft’s BitLocker, McAfee Total Protection, Sophos/Utimaco, Symantec PGP, Check Point,...

Comments: 3

Sand Castles and Advanced Persistent Threats

by Neil MacDonald  |  July 11, 2011

I’ve been absent from blogging for 2 weeks – first we had the Gartner Information Security Summit in DC and then I took some time off for a much-needed vacation....

Don’t Trust Your Servers

by Neil MacDonald  |  June 17, 2011

One of the toughest problems in information security is addressing advanced intrusions that have bypassed traditional security controls and now reside undetected on enterprise systems. With financially motivated attacks and...

Comments: 3

Improving Security by Killing Server and Desktop Workloads

by Neil MacDonald  |  June 16, 2011

It sounds counterintuitive, but today’s advanced threat environment requires new approaches to the ongoing security and management of server and desktop workloads. The trouble with Advanced Persistent Threats is that,...

IT Operations and Security Convergence? Not Really.

by Neil MacDonald  |  May 17, 2011

I’m having lots of discussions with clients on Microsoft’s new Forefront Endpoint Protection offering that was released in December of 2010. In addition to recent licensing changes, the biggest change...

Comments: 1

Removing Administrator Rights for Windows Users is not “Lockdown”

by Neil MacDonald  |  May 4, 2011

In discussions with clients, I still run into some confusion on whether or not removal of administrator rights constitutes “lockdown”. Perhaps this was the case a few years ago with...

Two Lessons for Information Security from the iPhone and iPad

by Neil MacDonald  |  May 2, 2011

Rapid adoption rates, three hundred and fifty thousand apps, but not much malware. What gives? 1) The power of whitelisting. Call it what you may, but having Apple act as...

Comments: 3

If Detection is “Security 101”, Why do we Keep Getting Nailed with APTs?

by Neil MacDonald  |  April 27, 2011

I’ve made the argument before that complete information security protection requires a combination of prevention and detection. Further, I believe we have overinvested, become overly reliant on and dangerously complacent...

Comments: 3

Advanced Persistent Threats: Finding the Needle in a Haystack

by Neil MacDonald  |  April 14, 2011

Whether or not you agree with the use of the term “Advanced Persistent Threat” (APT), we can agree that there is a very real threat from advanced intrusions which persist...

Comments: 4

“There’s no Such Thing as ‘Secure’ Anymore”

by Neil MacDonald  |  April 5, 2011

This sounds exactly like what I wrote here and here. However, this quote isn’t mine. This quote comes from Deborah Plunkett who heads the US National Security Agency’s Information Assurance...
