|
||||||
Will the user define security policies in the future?I think, I blogged about this event already earlier: Years ago I was meeting a customer and was talking about the future of IT. I was telling the audience (about 10 people including the Security Officer) that there is a good chance that IT will not define a set of hardware anymore but that the user will buy their own and use it for business. Additionally, different people have different ... 
Get off XP or Risk your Business?One of the highest hit rates I ever had on my blog was one I wrote right before Conficker broke out. I called it Playing Russian Roulette with your Network. The background was, that we released an out of band security update and our customers came back and asked us, whether they really shall deploy it – this situation then led to Conficker. About 12 months from today, Windows XP will ... 
Security in 2013 – the way forward?Typically January is the month where we are asked to make predictions on the trends for the New Year. I do not like this as I am an engineer and not a fortune tellerJ. But there are things we know and things we definitely need to drive this year. I would actually put it into the context of typical hygiene of any IT environment. Let's try to understand, where we stand ... 
The Directory in the Cloud?It seems that it is an eternity ago – and it is. Pretty much three years ago, Doug Cavit and me published a paper called the Cloud Computing Security Considerations. Even though it is three years, the paper is still worth reading as the content still applies. What we basically said was, that if you look at the Cloud, there are five areas of Considerations: Compliance and Risk Management: Organizations shifting ... 
A long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001 among other standards. . . . → Read More: Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and Security If you are a regular reader of my blog, you should know the Security Compliance Manager (if you are not, you should become a regular reader of my blog ). Version 2 of the Microsoft Security Compliance Manager (SCM 2) is now available for download. If you do not know it, this is the way . . . → Read More: Microsoft Security Compliance Manager 2 ready for download You heard about the launch of Office365 recently and I hope you read the blog post on the application of the Cloud Computing Security Considerations to the private. cloud. If not, here it is: Security Considerations in a Private Cloud To complete the series now, we released an additional paper on how these considerations can . . . → Read More: Cloud Security in Office365 Back at the times of outsourcing, there was real tension between IT and the business. Internal IT had the “comfortable” position of having a monopoly: The business used the internal IT and basically just had to pay the bill. Then times came, where the business was not satisfied anymore. That basically started with the time . . . → Read More: Does the business really hate IT? Fairly often I am asked whether the Security Guides for our products still exist. The good news is: They do. The bad news is: They are called differently The previously stand-alone Microsoft product-specific security guides are now included within the Microsoft Security Compliance Manager (SCM) tool, which I blogged about several times already (e.g. . . . → Read More: Rediscover Microsoft Security Guides There were just new resources released for the Security Compliance Manager: the Windows Server 2008 R2 Security Baseline and the Office 2010 Security Baseline, and setting packs for Windows 7 and Internet Explorer 8. This packs help you to manage your security and compliance. The Security Compliance Manager works with the Microsoft Assessment and . . . → Read More: New Baselines for the Security Compliance Manager Last week, when I was in South Africa, a partner of us pointed me to a very interesting paper by KPMG called Cloud computing: Australian lessons and experiences. What I like is, that a lot of the items I was recently raising, where actually reflected in quotes by customers of Cloud providers as well as by the general findings of the study. The final conclusion is to me that there are a lot of security benefits moving to the Cloud. . . . → Read More: Customer Experience: Security Can Improve in the Cloud Our Trustworthy Computing team published a very good paper on Data Governance in the Cloud including areas to consider as well as some real hints how to appraoch it. . . . → Read More: Data Governance in the Cloud I recently blogged about the Beta version of our Security Compliance Manger, helping you to manage the security baselines in your organization. There are some screenshots in the corresponding post: Making the Management of Security Compliance Easier! Now, we released the final version of it. It can be found here: Microsoft Security Compliance Manager Roger . . . → Read More: Microsoft Security Compliance Manager: Now available! |
|
|||||
|
Copyright © 2013 Roger Halbheer on Security - All Rights Reserved Powered by WordPress & Atahualpa |
||||||
