Gartner Blog Network

Posts from Date:   2010-11

Rental Cars and Infrastructure Security

by Neil MacDonald  |  November 29, 2010

I was out last week on holiday to visit my family for the US Thanksgiving holiday. We flew into the regional airport and rented a car. As we were driving to my parent’s house, I started thinking about the protection capabilities built into the rental car: front and side air bags; automatic seat belts; antilock […]

Read more »

You Don’t Have to Own Identity in Order to Consume Identity

by Neil MacDonald  |  November 15, 2010

I’m here this week in San Diego at Gartner’s Identity and Access Management Summit. I’ve been associated with Gartner’s identity-related research from 1995 when I joined Gartner to cover Novell and directory services. I’ve atached identity change over the past 15 years. Directory services evolved into metadirectories which evolved into user provisioning which has evolved […]

Read more »

Why Does Identifying Data Owners Have to be so Hard?

by Neil MacDonald  |  November 10, 2010

One of my readers sent in this picture from one of their offices. They are moving locations, so all of the file cabinets need to be indentified with clear owners. Take a look: The pink labels (on every file cabinet) say “unidentified cabinet” – meaning the cabinet has no clear owner and the contents are […]

Read more »

Cloud Computing Will be More Secure

by Neil MacDonald  |  November 9, 2010

I presented a session exploring this provocative point of view at Gartner’s US Fall Symposium titled “Why Cloud Computing Will be More Secure Than What You Have Today”. This Wednesday afternoon presentation was a part of Gartner’s “Maverick Track” where presentations that challenge conventional wisdom are provided for clients. If you attended Symposium and weren’t […]

Read more »

Lessons from the Windows Firewall on the Evolution of Virtualization Security

by Neil MacDonald  |  November 8, 2010

In this research note on deploying Windows 7 security features for clients, I explore in detail the security capabilities baked into Windows 7 – AppLocker, BitLocker, BitLocker To Go, the Windows Firewall, USB Port Control and so on. One question I get from clients is whether or not to use the built-in capabilities of Windows […]

Read more »

A Good IPS Isn’t Necessarily a Good IDS

by Neil MacDonald  |  November 5, 2010

Is IDS dead? Not at all. I previously blogged that complete protection will require a combination of prevention and detection. Protection = Prevention + Detection We cannot and will not be 100% successful in preventing all attacks. Many organizations continue to spend an ever-increasing amount of the IT budget in a futile attempt to prevent […]

Read more »

Redefining Information Security

by Neil MacDonald  |  November 1, 2010

The traditional definition of information security has been something like the protection of the confidentiality, integrity, availability, authenticity, possession, utility and no-repudiation of our information assets. How about a new way of thinking about information security: Getting the right information to the right entity at the right time in the right context to take the […]

Read more »