Consumerization of IT–How to address this
Bring Your Own Device or Consumerization of IT are fairly hot themes in a lot of customer organizations. When I talk to customers, there are typically different reactions, once we bring this up. Some tell us, that it is not part of their strategy; some tell us that they plan to do it but that they have a hard time figuring out, how to secure such an environment; very, very ...
10 Years of Trustworthy Computing at Microsoft
Before joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this was 2001). Mainly they were along two lines: Oh, you are joining a desktop company? ...
10 Reasons to migrate off Windows XP
I would like you to sit back, close your eyes and think about the year 2001. Think about how you used technology back then, how you used the Internet. Now, let’s take it a little bit further back in history and think of the year 2000. Just after we realized that the Year-2000-Problem was handled very well by the industry. How you used technology, how you used the Internet, the ...
Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and Security
A long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001 among other standards. Office 365 is the first and only major ...
Questions to Ask your (Security) Vendor By Roger Halbheer, on December 1st, 2009 You know that I am a big fan of Security Development Lifecycles as we run it internally to build code which is more resilient against attacks. And I recently blogged on Security – A Feature Discussion? Some Thoughts on Google’s Chrome OS as I am convinced that it is much more important to look into the process how software is engineered rather than the features of the products – they come second in my opinion.
This morning I read an article called Questions to Ask Your Security Vendor. Well, I am not clear why you should only ask the questions to your security vendor as they are completely process related – ask them to all your vendors and think about the answers when you use publically available code as well to run your business on.
I think the questions in the article are great and absolutely to the point! Read them and ask them
Roger
Related posts:
- Security Development Lifecycle Template – Your next step to "Secure Development"
- Security – A Feature Discussion? Some Thoughts on Google's Chrome OS
- Service Oriented Architecture and the Security Implications
- Russian Roulette with your Network (part 2)
- Risk of Outsourcing (and Security Outsourcing)
Leave a Reply
|
|
|
