Will the user define security policies in the future?
I think, I blogged about this event already earlier: Years ago I was meeting a customer and was talking about the future of IT. I was telling the audience (about 10 people including the Security Officer) that there is a good chance that IT will not define a set of hardware anymore but that the user will buy their own and use it for business. Additionally, different people have different ...
Get off XP or Risk your Business?
One of the highest hit rates I ever had on my blog was one I wrote right before Conficker broke out. I called it Playing Russian Roulette with your Network. The background was, that we released an out of band security update and our customers came back and asked us, whether they really shall deploy it – this situation then led to Conficker.
About 12 months from today, Windows XP will ...
Security in 2013 – the way forward?
Typically January is the month where we are asked to make predictions on the trends for the New Year. I do not like this as I am an engineer and not a fortune tellerJ. But there are things we know and things we definitely need to drive this year. I would actually put it into the context of typical hygiene of any IT environment.
Let's try to understand, where we stand ...
The Directory in the Cloud?
It seems that it is an eternity ago – and it is. Pretty much three years ago, Doug Cavit and me published a paper called the Cloud Computing Security Considerations. Even though it is three years, the paper is still worth reading as the content still applies. What we basically said was, that if you look at the Cloud, there are five areas of Considerations:
Compliance and Risk Management: Organizations shifting ...
When I tweeted last week that I am on my way to Algeria, I got quite some reactions and questions that I shall report how it was. So, let me try to briefly summarize my impressions.
I was invited to speak at a conference on certification in Algiers. Well, initially I pushed back as I . . . → Read More: Algeria: Conference on Certification (eID)
Today we were adding 17 additional markets to our Microsoft Security Essentials offering. I am really excited about that as all these markets are in EMEA: Algeria, Bahrain, Egypt, India, Jordan, Kuwait, Lebanon, Morocco, Oman, Pakistan, Qatar, Romania, Russia, Saudi Arabia, South Africa, Tunisia, and the United Arab Emirates. Additionally we added Russian an Romanian . . . → Read More: Microsoft Security Essentials – Coming even closer to you
This is a pretty interesting approach: During the Copenhagen conference now, United Nations Environment Programme, esa and the European Environment Agency launched a website called the Environmental Atlas of Europe. The goal of this atlas is to give examples where people, organizations or communities are already working on the climate change challenge and what they . . . → Read More: Climate: Environmental Atlas of Europe
Last week there was quite some discussion about “successful attacks” on Bitlocker. Those discussions are often quite interesting for me as they show sometimes that people are looking for one technical solution for all the problems.
Bitlocker has a clear threat model it wants to protect you from. This is mainly the loss of . . . → Read More: Summary of Bitlocker Discussions
You know, there are people who blog late, there are people who blog very late and then there is me…
I actually missed that one even though I was triggered: Mid November there was the Get Safe Online Week 2009 in the UK. Usually they do really good stuff and this is the reason I . . . → Read More: Get Safe Online: Don't be a Money Mule
It has nothing to do with security – I know but it is very, very, very cool!!!!
We just released the new Bing Maps explorer! The first thing you will see is that we integrated Photosynth and Silverlight. So, no tiles anymore when loading a map. It just comes smoothly. And zooming in to photos . . . → Read More: The New Bing Maps – Freaking Cool!!!
Oh, wow – sometimes the power of social media, the blogs and the Internet can backfire. I guess in the meantime you have seen the claims by Prevx that approx. 80 Mio of PCs are affected by the Black Screen of Death problems supposedly caused by our November Security Updates. This caused (and still causes) . . . → Read More: "Black Screen of Death" Reports
You know that I am a big fan of Security Development Lifecycles as we run it internally to build code which is more resilient against attacks. And I recently blogged on Security – A Feature Discussion? Some Thoughts on Google’s Chrome OS as I am convinced that it is much more important to look into . . . → Read More: Questions to Ask your (Security) Vendor