|
||||||
10 Years of Trustworthy Computing at MicrosoftBefore joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this was 2001). Mainly they were along two lines: Oh, you are joining a desktop company? ... 
10 Reasons to migrate off Windows XPI would like you to sit back, close your eyes and think about the year 2001. Think about how you used technology back then, how you used the Internet. Now, let’s take it a little bit further back in history and think of the year 2000. Just after we realized that the Year-2000-Problem was handled very well by the industry. How you used technology, how you used the Internet, the ... 
Office 365 Becomes First and Only Major Cloud Productivity Service to Comply With Leading EU and U.S. Standards for Data Protection and SecurityA long title but this was the title of the official press statement yesterday. Compliance is always a key question in the public cloud space. Therefore it is very important for us that we now achieved three things: Office 365 is compliant with EU Model Clauses, Data Processing Agreements and ISO 27001 among other standards. Office 365 is the first and only major ... 
Cybersecurity–More than a good headlineA lot of governments all across the globe are working on starting, restarting or pushing their Cybersecurity initiative. What often concerns me is, that the last real headline has more impact on the strategy and the themes to be addressed than a structure or a plan or a strategy. This made us thinking about what is needed to run a successful Cybersecurity Agenda within a country? What themes ought to be ... 
A lot of governments all across the globe are working on starting, restarting or pushing their Cybersecurity initiative. What often concerns me is, that the last real headline has more impact on the strategy and the themes to be addressed than a structure or a plan or a strategy. This made us thinking about what . . . → Read More: Cybersecurity–More than a good headline If you are a regular reader of my blog, you should know the Security Compliance Manager (if you are not, you should become a regular reader of my blog ). Version 2 of the Microsoft Security Compliance Manager (SCM 2) is now available for download. If you do not know it, this is the way . . . → Read More: Microsoft Security Compliance Manager 2 ready for download The Enhanced Mitigation Experience Toolkit is definitely not new but I recently realized that not too many people know about it – and they should. EMET helps you to raise your shields against zero-days and any exploit in the wild. I do not say that it is a silver bullet but it is definitely going . . . → Read More: EMET–Protection Against Zero-Days I know, that’s the second time now I am doing this comparison thingy and I promise that I will stop again and deliver you a cool tool as the next post but I read this article: Why I’ve finally had it with my Linux server and I’m moving back to Windows – be sure that . . . → Read More: Moving from Linux to Windows Well, I have to admit – I am biased. I never used an iPhone in my life and based on my experience with my iPod, I hope I never have to, but who knows. I really do not like the UI which – to me – is everything but user friendly and the worst thing . . . → Read More: Comparing Windows Phone 7 and iPhone A lot of countries are currently looking at their capabilities to defend their networks as well as leveraging technology for offense doing “Cyberwarfare”. Let’s now not debate where this starts or ends… Pakistan is another example: Pakistan to open cyber warfare school I can understand where governments and militaries are coming from but this deeply . . . → Read More: Another Cyberwarfare School–better keep them employed! A few years ago I posted on DaRT after having seen it: Microsoft Diagnostics and Recovery Toolset. It is a really good an interesting tool for a lot of problems, one of them being incident response. I just stumbled across one article describing this: Using the Microsoft Diagnostics and Recovery Toolset (DaRT) for Incident Response. . . . → Read More: Using the Microsoft Diagnostics and Recovery Toolset (DaRT) for Incident Response This is actually an interesting approach: VeriSign Proposes Takedown Procedures and Malware Scanning for .Com. This leads to the discussion I have so often: What is more important? The single website or the greater good? Now, do not get me wrong: I see the risks of VeriSign taking down microsoft.com because a blog hosted there . . . → Read More: VeriSign to Take Down Malware Sites? It is not that rare for Law Enforcement that they use software to spy in the case of severe accusations like terrorism. What is kind of surprising is the level of sophistication some of these Trojans seem to have – and not necessarily to the good side. The German Chaos Computer Club analyzed the Trojan . . . → Read More: German’s Government-Created Trojan Vulnerable Interesting: Microsoft takes the Android profit, the Wonkas take the pain I quote: Yet Android costs Google billions, without drawing revenue. Microsoft is making half a billion a year from Android. The settlement with Oracle, when it eventually comes, will add even more costs to working with Android – for anyone who dabbled with it. . . . → Read More: Why Patents are not here to be violated: Google’s challenges with Android |
|
|||||
|
Copyright © 2012 Roger Halbheer on Security - All Rights Reserved |
||||||
