Server and Domain Isolation Tech Center

Maybe you are not quite as behind the times as I am, but I just found out that there is a new Server and Domain Isolation (yes, that is the correct word order) Tech Center at http://www.microsoft.com/sdisolation. Server and Domain Isolation is certainly on my list of the top three most important security technologies of…

3

Some organizations put too much emphasis on hardening guidance

I have been working on hardening guidance for almost 10 years. The first few I worked on were essentially lists of settings that we thought you should turn on. Basically, if something sounded like it might have to do with security then it must be turned on. To say that it was basic and naive…

5

New Taped Presentations Available

The Europeans have put up a couple more presentations from IT Forum 2005. There is a tape of my Is That Application Really Safe demos, as well as the Security Policy Management with SCW. They also put up Jason Zions’ Unix/Linux Authentication with Active Directory presentation. For a complete list of taped presentations available online check…

1

Power Users are Admins who have not made themselves admins yet

It seems kind of odd that in 2006 I would still get these questions, but twice in the past week have I had to explain the truth about Power Users to someone. Typically they are organizations who are trying to limit the rights of their users, who right now run as admins. Unfortunately, they are…

20

Security is a confidence building exercise

Yesterday I was at a community event in Canberra, well, actually, it was in the middle of nowhere in New South Wales, but that’s beside the point. One of the issues that came up there was how to sell security to senior management. Having struggled with this for a while I listened attentively as Peter…

3