Observations from Microsoft’s Management Summit
I’ve spent the past day and a half attending Microsoft’s Management Summit in Las Vegas. From my perspective the announcement that will affect the most enterprises from a security perspective was a...
View ArticleEven With Windows 7, Privilege Management Tools May be Needed
One of the top recommendations I made to increase your security “bang for the buck” in 2011 was to increase the percentage of users that run without administrative access. For clients, we’ve recently...
View ArticleTwo Lessons for Information Security from the iPhone and iPad
Rapid adoption rates, three hundred and fifty thousand apps, but not much malware. What gives? 1) The power of whitelisting. Call it what you may, but having Apple act as the steward of all...
View ArticleClik here to view.
Removing Administrator Rights for Windows Users is not “Lockdown”
In discussions with clients, I still run into some confusion on whether or not removal of administrator rights constitutes “lockdown”. Perhaps this was the case a few years ago with older Windows...
View ArticleMicrosoft’s Forefront Endpoint Protection – Is it “Good Enough”?
Licensing changes for Microsoft’s enterprise endpoint antimalware protection solution that were announced in March at Microsoft’s MMS conference take affect this month. If you are licensed under...
View ArticleThe Single Most Important Way to Improve Endpoint Security
Run more of your Windows users without administrator rights. I’ve talked about this several times before – including here, here and here. While it may not be feasible to remove administrator rights...
View ArticleWindows 8 Raises the Bar for Security
I’ve been out the past two weeks visiting with clients and have been meaning to summarize my impression of the upcoming Windows 8 (expected mid 2012) from a security point of view. I attended...
View ArticleUS Symposium Summary from a Security Perspective
Last week I attended Gartner’s US Symposium conference in Orlando. With 8,000+ attendees (25% of which were CIOs) and at least 1,000 more analysts, vendors and support staff, you can imagine it was...
View ArticleClik here to view.
If a Tree Falls in the Forest, is it Encrypted?
There’s a story behind the title of this blog Recently, I had a discussion in regards to Microsoft’s BitLocker with a client. One of the issues I call out in my research on BitLocker is that (unlike...
View ArticleWhat the Most Recent Zero Day in IE Should Teach Us
I saw yesterday that Microsoft had released the out of band patch for Internet Explorer as they had committed to do. Certainly, Microsoft’s motivation to quickly release the patch out of band was...
View ArticleObservations from Microsoft’s Management Summit
I’ve spent the past day and a half attending Microsoft’s Management Summit in Las Vegas. From my perspective the announcement that will affect the most enterprises from a security perspective was a...
View ArticleEven With Windows 7, Privilege Management Tools May be Needed
One of the top recommendations I made to increase your security “bang for the buck” in 2011 was to increase the percentage of users that run without administrative access. For clients, we’ve recently...
View ArticleTwo Lessons for Information Security from the iPhone and iPad
Rapid adoption rates, three hundred and fifty thousand apps, but not much malware. What gives? 1) The power of whitelisting. Call it what you may, but having Apple act as the steward of all...
View ArticleClik here to view.
Removing Administrator Rights for Windows Users is not “Lockdown”
In discussions with clients, I still run into some confusion on whether or not removal of administrator rights constitutes “lockdown”. Perhaps this was the case a few years ago with older Windows...
View ArticleMicrosoft’s Forefront Endpoint Protection – Is it “Good Enough”?
Licensing changes for Microsoft’s enterprise endpoint antimalware protection solution that were announced in March at Microsoft’s MMS conference take affect this month. If you are licensed under...
View ArticleThe Single Most Important Way to Improve Endpoint Security
Run more of your Windows users without administrator rights. I’ve talked about this several times before – including here, here and here. While it may not be feasible to remove administrator rights...
View ArticleWindows 8 Raises the Bar for Security
I’ve been out the past two weeks visiting with clients and have been meaning to summarize my impression of the upcoming Windows 8 (expected mid 2012) from a security point of view. I attended...
View ArticleUS Symposium Summary from a Security Perspective
Last week I attended Gartner’s US Symposium conference in Orlando. With 8,000+ attendees (25% of which were CIOs) and at least 1,000 more analysts, vendors and support staff, you can imagine it was...
View ArticleClik here to view.
If a Tree Falls in the Forest, is it Encrypted?
There’s a story behind the title of this blog Recently, I had a discussion in regards to Microsoft’s BitLocker with a client. One of the issues I call out in my research on BitLocker is that (unlike...
View ArticleWhat the Most Recent Zero Day in IE Should Teach Us
I saw yesterday that Microsoft had released the out of band patch for Internet Explorer as they had committed to do. Certainly, Microsoft’s motivation to quickly release the patch out of band was...
View Article
