There were just new resources released for the Security Compliance Manager: the Windows Server 2008 R2 Security Baseline and the Office 2010 Security Baseline, and setting packs for Windows 7 and Internet Explorer 8. This packs help you to manage your security and compliance. The Security Compliance Manager works with the Microsoft Assessment and Planning…Details
It is kind of strange, whenever I talk to governments and customers, everybody seems to agree that basic malware protection should be for free or even integrated into the OS. I am talking about malware, which is â€œinstalledâ€ by the user as wellâ€¦ However, it seems that not everybody is happyâ€¦ Security firms blast Microsoft…Details
Since quite a while I am not satisfied with the way we (in the industry) are doing risk management. In my early days, before I was actually entering the security space, I was doing project management and as part of it risk management. The way we did it was fairly simple (as probably most of…Details
We recently released a paper called The Economics of Cloud Computing for the EU Public Sector, which is actually valid for every other European country as well as it is not too narrowly focused on the EU only. Additionally there is a US-version of the paper as well.
Now, Gartner commented on it as well with “Microsoft offers a refreshing perspective on government clouds”.
We are huge supporter of the Convention on Cybercrime by the Council of Europe. The reason for this is that we are convinced that there is a need of a certain level of harmonization across the Globe regarding cybercrime laws. Today I learned, that Turkey signed the convention yesterday. This is a great achievement and…Details
If you use Hotmail, you should enable full session SSL in my opinion. Additionally we use SSL for additional services like Skydrive etc. However, there are some caveats. Read the blog post on that:
Hotmail security improves with full-session HTTPS encryption
I will be at the ISF Congress in Monte Carlo from tomorrow on. If you are there as well and want to meet, drop me a mail
It is actually the first event since a long time I am just going to participate, not to hold any speeches
You know that I am propagating the adoption of cybercrime legislation, which is aligned across the Globe. Something, which is absolutely necessary if we want to fight Cybercrime. Basically we are asking governments to consider the Cybercrime Convention (aslo known as Budapest Convention) by the Council of Europe. Now it seems, that Russia is considering…Details
We all know that Windows XP is rock-solid but not capable anymore to defend against todayâ€™s attacks and the same is true for IE6. Having been great products, when they were launched, the threat landscape changed significantly since then. Windows 7 has a great potential to help customers now move away from Windows XP and…Details
I already have a problem the way tourism develops on Mount Everest (definitely understanding that some people in the region can make money and a living of it) but now you can even get fast Internet on the base camp: Peak signal: 3G cell service comes to Mount Everestâ€¦ Is this the way to go?…Details
An interesting analysis by the Malware Protection Center:
Usually I blog intensively on the release of the Security Intelligence Report. However, this time I am out of office and have just little time to give you insight. We spent a lot of work to make it more comprehensive and give you a more stable view over quite some time. So there is a…Details
I am preparing the worldwide Chief Security Advisor meeting in Seattle, which takes place soon. I am doing at in the Swiss Alps. Isnâ€™t fall in the Alps great?
Thatâ€™s the power of home office
Stuxnet is a severe threat â€“ thatâ€™s something we know for sure. But if we look at it â€“ what do we really know? What can we learn? Letâ€™s start from the beginning. As soon as Stuxnet hit the news, it was interesting to see, what was happening. There was a ton of speculation out…Details
An interesting question, posed by V3.co.uk: Can cloud security ever work? â€“ How relevant is the question by itself? When computers and especially personal computers were introduced, people asked as well whether the security on a PC will ever work â€“ the question is just not relevant. Letâ€™s face it: The Cloud will come! Period. We just have to figure out, how we will manage risks in the Cloud â€“ thatâ€™s our job.Details