Will the user define security policies in the future?
I think, I blogged about this event already earlier: Years ago I was meeting a customer and was talking about the future of IT. I was telling the audience (about 10 people including the Security Officer) that there is a good chance that IT will not define a set of hardware anymore but that the user will buy their own and use it for business. Additionally, different people have different ...
Get off XP or Risk your Business?
One of the highest hit rates I ever had on my blog was one I wrote right before Conficker broke out. I called it Playing Russian Roulette with your Network. The background was, that we released an out of band security update and our customers came back and asked us, whether they really shall deploy it – this situation then led to Conficker.
About 12 months from today, Windows XP will ...
Security in 2013 – the way forward?
Typically January is the month where we are asked to make predictions on the trends for the New Year. I do not like this as I am an engineer and not a fortune tellerJ. But there are things we know and things we definitely need to drive this year. I would actually put it into the context of typical hygiene of any IT environment.
Let's try to understand, where we stand ...
The Directory in the Cloud?
It seems that it is an eternity ago – and it is. Pretty much three years ago, Doug Cavit and me published a paper called the Cloud Computing Security Considerations. Even though it is three years, the paper is still worth reading as the content still applies. What we basically said was, that if you look at the Cloud, there are five areas of Considerations:
Compliance and Risk Management: Organizations shifting ...
Just a brief one: the Security Compliance Management Toolkit Series has been updated to incorporate Internet Explorer 8 and Windows 7. So, to help you to manage security and compliance in your environment, you should have a look at it: http://technet.microsoft.com/en-us/solutionaccelerators/cc835245.aspx
Recently we announced the availability of the Enhanced Mitigation Evaluation Toolkit. This is a toolkit which makes it easier to defend your application on different levels – free of charge. Read the post done by our Security Research and Defense guys: Announcing the release of the Enhanced Mitigation Evaluation Toolkit
At the moment I invest a lot of my time in a Whitepaper on Client and Cloud Security. There are a few fundamentals, which are already clear to me:
You will not be able to run a trusted cloud ecosystem without a trusted client and trusted interactions. So, the End to End Trust model is . . . → Read More: Secure Datacenter, Secure Cloud, Secure Government
Get ready for the swineflu:
This morning I read the following article: Microsoft can help kill fake antivirus threat. And interesting approach. The proposal is that we could white-list all the legitimate security software within the OS in order to make it harder to trick the user. Well, would this work? I am not so sure:
First of all, what . . . → Read More: Could Microsoft solve the scareware problem?
Our EMEA Security Program Manager, Henk van Roest, started this series internally and with his consent I am publishing it here in my blog as I think it contains a lot of great information for you to use.
Security — you hear about it every day. Being responsible for information security can be a daunting . . . → Read More: Why it pays to be secure – Chapter 3 – But how do I?
COFEE is a tool available to Law Enforcement only to capture online evidence with a little training as possible. The idea behind the tool is, that there is little need for high-trained staff to be available during e.g. house searches and that a normal, much less trained officer can capture all the data. Until today, . . . → Read More: COFEE now distributed via a NW3C as well
Beginning of this year, I tried to understand, whether we can show a collaboration between Piracy (stolen software) and Malware Infections. I played a little bit with the data I had available and came to the conclusion, that there most probably is: Is there a Correlation between Stolen Software (Piracy) and Security/Patching?
Now, the Business . . . → Read More: Software Piracy – A Threat to Security!
Quite a while ago I blogged about the SharePoint External Collaboration Toolkit. I just wanted to make you aware that this toolkit is now moved to Codeplex and can be found here: http://cks.codeplex.com/
The development in Africa especially with the new broadband services to me is a huge chance for the whole continent.
I just found this map on the next two years:
Even though I have not been in Africa over the last few months, I heard that in different cities fiber . . . → Read More: The Africa Cable – A Chance for Africa! – A Threat for the Internet?