Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Virtualization Security Roundup

There have been some great articles, data, surveys and analyst reports over the last few weeks on virtualization security and I wanted to share and consolidate some of those here. Jon Brodkin of Network World on how “most virtualized workloads are being deployed insecurely” but they don’t have to be. He speaks to hypervisor vulnerabilities…

Post by Peter McCalister November 12, 2010

Too Many Regulatory Standards, Only One Tool Please

About every two years, I indulge myself with a new laptop. This time, I waited almost three years and will be retiring my old Dell XPS M1330 for a new Alienware M15x. I wanted raw horsepower for virtual machines in a laptop format and was not as concerned about battery life (since I carry an…

Post by Morey Haber November 12, 2010
, , , , , , , , , , , , , , , , ,

What’s New in PCI DSS 2.0?

On October 28, 2010, the PCI Security Standards Council unveiled version 2.0 of the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS has not had an update since version 1.2 in October 2008. The recent “Summary of Changes” document released by the PCI Security Standards Council (SSC) covers the proposed changes in version…

Post by Peter McCalister November 11, 2010

Misuse of Privilege Soap Box

When I saw Nick’s

Post by Peter McCalister November 10, 2010

Microsoft Patch Tuesday – November 2010

Finally a reprieve from the barrage of Microsoft Patches. This month, Microsoft only released 3 security bulletins, patching a total of 11 vulnerabilities. Good news for IT server admins, as the patches only affected Microsoft Office and Microsoft Forefront Unified Access Gateway. This means that most of you won’t need to reboot your servers this…

Post by Chris Silva November 10, 2010

Top 10 Reasons To Implement Least Privilege on Windows Desktops

In the spirit of keeping blog posts informative, short and fun, this one takes a cue from David Letterman in format.

Post by Peter McCalister November 9, 2010

The 6 Things You Should Know Before Migrating to Windows 7

Microsoft has done a great deal of exceptional work in improving Windows 7 from its predecessor, Windows Vista.

Post by Peter McCalister November 8, 2010

5 Things You Should Know About Microsoft AppLocker

Microsoft AppLocker has also been touted as the next best thing in desktop security (in addition to UAC) but does it really satisfy all you need in order to ensure security, compliance and productivity?

Post by Peter McCalister November 5, 2010

Simplified Vulnerability Management – Mission Statement

Almost every company has a mission statement. Some companies make them public and a part of their marketing campaigns, tag lines, and actual products. Others keep their mission statements internal, almost like a prized position, and keep them for only training and hallway posters. One thing I have learned at eEye as the Product Manager,…

Post by Morey Haber November 5, 2010

Health Care Data Requires Sensitive User Access Control

Of the many recently reported data breaches from hospitals and health care organizations

Post by Peter McCalister November 4, 2010