As most of you as well, I was looking for information and opinions on Cloud Security over the last year. I found a lot of papers but when I talk to our customers I realize that they think about the Cloud but Cloud Security is mainly something for the specialists – which it is not . . . → Read More: Cloud Security Paper: Looking for Feedback
|
||||||
10 Years of Trustworthy Computing at MicrosoftBefore joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this was 2001). Mainly they were along two lines: Oh, you are joining a desktop company? ... 
10 Reasons to migrate off Windows XPI would like you to sit back, close your eyes and think about the year 2001. Think about how you used technology back then, how you used the Internet. Now, let’s take it a little bit further back in history and think of the year 2000. Just after we realized that the Year-2000-Problem was handled very well by the industry. How you used technology, how you used the Internet, the ... 
Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and SecurityA long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001 among other standards. Office 365 is the first and only major ... 
Cybersecurity–More than a good headlineA lot of governments all across the globe are working on starting, restarting or pushing their Cybersecurity initiative. What often concerns me is, that the last real headline has more impact on the strategy and the themes to be addressed than a structure or a plan or a strategy. This made us thinking about what is needed to run a successful Cybersecurity Agenda within a country? What themes ought to be ... 
As you might know, it was time for the Data Protection Day in Europe again. Unfortunately I did not find the videos from this year’s competition yet but I guess we will find them later on the page and on YouTube. However, we released a study on Privacy which is pretty interesting. Find the summary . . . → Read More: Data Protection Day: An Interesting Study Just to make sure you have seen that: We just released a blog Security Advisory 979352 – Going out of Band Quoting the blog: Based on our comprehensive monitoring of the threat landscape we continue to see very limited, and in some cases, targeted attacks. To date, the only successful attacks that we are aware . . . → Read More: IE Vulnerability: Going Out of Band There was and still is a lot of noise regarding the Internet Explorer vulnerability reported in Microsoft Security Advisory 979352 – including the normal discussion about which browser is most secure. A discussion I do not want to get into here but I think it is necessary to lay out the facts instead of all . . . → Read More: Update on the Internet Explorer Vulnerability I guess you might have seen it by now but if not, please make sure you read and understand the material available: This night we released a Security Advisory on a Vulnerability in Internet Explorer Could Allow Remote Code Execution. The reason for that is that our investigations have shown that this vulnerability was one . . . → Read More: Security Advisory on the recent Internet Explorer Vulnerability The recent IE attacks have show again that the current technology built in Windows Vista and Windows 7 could at least help to mitigate the attacks. One of these technologies which could be used more broadly is Data Execution Prevention (DEP). Here is how to switch DEP on (it is fairly well hidden). First, enable . . . → Read More: Leveraging Data Execution Prevention (DEP) Often when I talk to our customers and they ask me about the cloud, a lot of questions come up. Most of them are security related (obviously) but some of them are more management focused. For example the question about how to manage a hybrid environment, where part of your business is run on premise, . . . → Read More: HP and Microsoft Partnership: That's What You Need in the Cloud A few days ago, I blogged on Tired of Web 2.0? Kill your Online Identities – an automated way to “disappear” from Web 2.0 (actually Facebook has banned the tool since…). Today, I was reading an article called Un-Google Yourself. Trust me, I am not explicitly looking for such approaches but seem to find them . . . → Read More: Un-Google Yourself: Remove your Web Content No, this is not a joke. If you are tired of all the discussions about Web 2.0, the privacy breaches and the related problems, you can commit Web 2.0 Suicide. There is a Web 2.0 Suicide Machine – but we warned before you do it – this process seems to work and is not reversible. . . . → Read More: Tired of Web 2.0? Kill your Online Identities When the industry prepared for the Year 2000, I was working in a consulting company living good from doing reviews on Y2k-projects. Then the year 2000 came and nothing happened (besides a big party). Then year 2010 came – and the bug actually got hold of us. Initially I thought that I was reading a . . . → Read More: The "Year-2010"-Problem: Failure of ATM cards! |
|
|||||
|
Copyright © 2012 Roger Halbheer on Security - All Rights Reserved |
||||||
