Careful, when Microsoft Support is calling

I guess you are aware of the phone scams, when Microsoft support is calling you to tell you that you have an issue on your computer, which needs to be fixed. A Norwegian team was actually able to film that. The whole conversation with the “supporter” is in English (the rest in Norwegian) and is…


Windows XP: The world after April 8, 2014

To be clear upfront: After support for Windows XP will end, the world will still exist – at least I hope. However, over the course of the last few months I read numerous articles with speculations, what is going to happen, once we stop support of Windows XP. The key problem is, that we do…


Unique in the Crowd – False sense of Privacy

This morning, I was reading a very interesting article called Unique in the Crowd: The privacy bounds of human mobility. This is the abstract: We study fifteen months of human mobility data for one and a half million individuals and find that human mobility traces are highly unique. In fact, in a dataset where the…


Targeted Attacks – a Video Series

Trustworthy Computing in partnership with Microsoft IT, Microsoft Consulting and the product groups just released a series of videos on targeted attacked and how to defend. I would definitely urge you to listen to them and make sure you implement the countermeasures: Targeted Attacks Video Series Roger


Are we sitting on a time bomb?

I just read another of these studies: Enterprises sitting on security time bomb as office workers compromise company data. Let’s briefly look at the findings first: 38% of U.S. office workers admit to storing work documents on personal cloud tools and services […] almost a fifth (16 percent) of people use Dropbox to store work…


The Moscow Rules in the Cyberspace

Doing your basics is a natural given, when you defend your assets. Basics like updating your computers, staying on latest versions, dynamic network zones, incident response, identity management, monitoring etc. etc. – last but not least (or probably first J) is to know your assets and have your data classified so that you understand, which…


Enabling the Hybrid Cloud with Microsoft Technology

When I talk with customers about the Cloud, we always talk about a few key themes: Identity: I am convinced that you need to be able to federate your identity from your on premise solutions to the cloud. You will want to control the process of decommissioning an identity and want to make sure that…


Is there a future for Product Certifications?

Often, when I talk to customers, product certification is one of the key themes they want to address. Especially they want to know about our commitment to Common Criteria and whether our products are certified. Typically we certify an operating system on Common Criteria EAL 4+ – the highest level, which seems achievable for multi-purpose…


Will the user define security policies in the future?

I think, I blogged about this event already earlier: Years ago I was meeting a customer and was talking about the future of IT. I was telling the audience (about 10 people including the Security Officer) that there is a good chance that IT will not define a set of hardware anymore but that the…