Our thoughts, industry views and technology trends


Russell Smith
July 7th, 2011

Configure Application Whitelisting for Citrix GoToMeeting

One of the comments I receive most frequently from attendees of my Least Privilege webinar is that web conferencing software, such as Citrix’s popular GoToMeeting, prevents IT departments moving forward with least privilege on the desktop. This kind of software can pose a problem as users are often requested to join meetings at short notice and need to install a client program to participate in the conference. In this post I’ll focus on GoToMeeting, but some of the information could also be applied to other software.


Continue Reading

Fear and Loathing in Las Vegas – Advanced attacks and the InfoSec dream

During August members of the InfoSec community leave the comfort of their ergonomic desks and head out into the Nevada desert on a spiritual pilgrimage to Las Vegas. This mass movement is no coincidence, the draw is clear with Black Hat, DEF CON, BSides Vegas and the Star Trek Convention all occurring within a week. If you have an interest in offensive security, protecting data or ensuring your car cannot be remotely hijacked, Las Vegas is the place to be in August.

Continue Reading

Windows 10 whitelisting will not be for everyone

Windows 10′s security overhaul offers a lot but beware its complexities and limitations

With the arrival of Windows 10 in late July, businesses must once again pose many of the same questions that presented themselves at the time of the launch of Windows 8 in 2012, Windows 7 in 2009 and, for those with long enough memories, Windows XP in 2001.

Continue Reading

Turning Concern into Action

Edward Snowden’s data leakage at the NSA has certainly caused a ripple effect across the entire IT landscape, forcing organizations across all industries to take a closer look at their current security defenses. At the McAfee FOCUS conference in October this year, we conducted a survey to examine just how closely security professionals were rethinking their approaches to security as a result of the NSA incident. And just as important – if not more – was determining how many of those professionals were actually converting these attitudes to action.

Continue Reading

The Rise and Rise of ‘Standard’ Mode

User Account Control was a great idea but it has taken privilege management to fulfill its potential

How did computer security get into such a troubled and confused state? It’s a question security professionals must ask themselves on a daily basis as they face demands that threaten to explode budgets while offering no guarantee that any of the expensively-assembled defenses will actually work.

The roots of the malaise goes back to the early years of the millennium when enterprises and consumers using Windows 2000 and Windows XP were suddenly ambushed by waves of clever software attacks that warned the world that criminals had floored an evolutionary accelerator pedal. By the time XP and Windows received its first major security upgrade in the form of Service Pack 2 in 2004, it was becoming clear that security had entered an unsettling era that might take decades to play out.

Continue Reading

Whose job is it to watch the Admins?

Administrators, privileged network deities or just a type of ordinary network user much the same as anyone else?  Years into an age where IT security has become a mainstream topic, this remains the sort of polarizing question that can provoke one of two reactions; shock or relief.

Continue Reading