You can't secure what you don't acknowledge.SM

Thursday, October 6, 2011

My latest bits on Windows 7, Microsoft SCM and Metasploit

Here are some new pieces I've written for my friends at TechTarget on Windows security that you may be interested in including bits on the often overlooked but oh so valuable Security Compliance Manager and Metasploit:

Using Windows 7 management tools to your advantage

Getting to know Security Compliance Manager

Why aren’t you using Metasploit to expose Windows vulnerabilities?

You know the deal, be sure to check out for links to all of my information security whitepapers, podcasts, webcasts, books and more.

Wednesday, October 5, 2011

Join me at the CDW - TechTarget seminar in Phoenix next week

If you happen to be in or around Phoenix, AZ next Thursday October 13th, I'd love it if you could join me at the TechTarget / CDW seminar: Predictive Security: Plan Ahead to Stay Ahead of the Next Threat.

I'll be giving the keynote and combined breakout session in addition to the sessions provided by other vendor experts. We'll close out with a lively Q&A that I know you'll enjoy.

If you can't make the Phoenix event, I'll be in Philly and New York next month so perhaps our paths will cross in one of those cities.

For what it's worth, here's a sampling of audience feedback on my keynote and breakout sessions from our Boston event two weeks ago and our Dallas event that took place in August:
  • Kevin was great - perspective with lots of practical suggestions.
  • Perfect speaker, enjoyable to listen to.
  • Awakening presentation.
  • Great speaker, very knowledgeable.
  • Left me thinking.
  • Great job! Very enjoyable.
  • Excellent insight and perspective
  • Outstanding Presentation
  • Good lead into sessions for participants
  • Insightful view of foundation related tasks for security
  • Set the stage and energy level right
  • Kevin is a good speaker
  • Really good relevant quotes and analogies
Hope to see you soon!

Information security's bond with e-discovery is strengthening

We're seeing more and more how information security and e-discovery go hand in hand. Here are two new pieces I've written that delve into the subject. I hope you enjoy.

Information security’s tie-in with the e-discovery process

Lax enterprise mobile device management hampers e-discovery

As always, be sure to check out for links to all of my information security whitepapers, podcasts, webcasts, books and more.

Tuesday, October 4, 2011

Should You Ban Facebook at the Office?

In the whitepaper To Block or Not. Is that the Question?, Palo Alto Networks explores the issue of "Enterprise 2.0" applications such as Facebook, Skype, Twitter and YouTube and how users are now in control of the network. Meanwhile, IT staff is saying "just block it!" and users say "just don't block it!," but it's not that simple. As the whitepaper points out, the real answer lies in your ability to see what's actually going on on the network and then decide on the best fit for your organization.

An interesting bit from the whitepaper is that 69% of respondents to a McKinsey study say their companies have gained measurable business benefits, including more innovative productsand services, more effective marketing, better access to knowledge, lower cost of doing business and higher revenues because of Enterprise 2.0 software (while IT staffers argue the opposite: that these applications DON'T boost the bottom line). Knowing that most traditional security controls will block their software, developers of Enterprise 2.0 applications look for ways to circumvent the system so that employees and other users can get access anyway (necessity is the mother of invention, right?).

For governance to work, IT should play a big part in the definition of policies, but not be the sole owner of those policies (something I've been ranting about for years because policy creation and enforcement is an HR, legal and management issue — not an IT issue). I have a client that's experiencing this very dilemma with social media right now. Company managers want to provide Facebook access for their employees. However, recent malware outbreaks have compromised several company systems and placed its network at risk. They have policies and antivirus software, but not anti-spyware protection which would have (presumably) blocked the
infections. We're now working on a plan for moving forward to keep users happy and minimize business risks at the same time.

These new applications are presenting a Catch-22 that's throwing many small and medium-sized businesses for a loop. There are no good answers right now. If you take anything from this, just know you have to do your homework and understand the risks/benefits. Blocking or no blocking, the angles to this issue are still being worked out — one business at a time. Stayed tuned and, in the meantime, stay vigilant.