Where to start with Effective Security – why do we need it?

The purpose of Information Technology is to make the right information available to the right people at the right time. The traditional approach to information security is the “no you can’t” syndrome. It’s much more effective to define what the business actually needs and implement controls / raise awareness to prevent inappropriate flows of information….


Where to start with Effective Security – how to reduce your risk

Effective security is all about risk. Measure it. Decide which risks you are uncomfortable with and take steps to mitigate them. It’s also about People AND Processes – technological controls alone will not give you Effective Security. Scott Culp’s 10 Immutable Laws of Security gives a really good summary of the guiding principles of security. Law…

What do you like about Windows Vista / Windows Server 2008’s BitLocker featureset?

I’m asking customers and communities for feedback on their experience of using / evaluating the Bitlocker featureset of both Windows Vista and Windows Server 2008. I’d love to including your feedback too.  Please share your feedback (good and bad) either by comments to this post OR email me. Thanks   Steve


Should I use Outlook Web Access (OWA), Gmail, Hotmail or other webmail from a cyber cafe?

Absolutley NOT unless the information in your messages and contacts is already in the public domain! Don’t get me wrong – OWA provides an excellent webmail system. My point is that if you don’t have a reason to trust the client machine you shouldn’t view/access or enter sensitive information as anything you see/type can be…


The voice of the tube is now available on co-pilot

I’m sure those of you who follow the UK media may have come across the story about the lady (Emma Clarke) who used to do the announcements for the London Underground (“the Tube”) having recorded spoof messages. Jason’s post details that Emma has also recorded the voice prompts for co-pilot too – I really hope…


How do YOU find the telephone number of your colleagues?

Whilst at a Girl Geek dinner last night I chatted with a friend who recently started working for a multi-national corporation. Neither of us could quite believe how poorly their IT systems had been implemented – particularly given their size and prestige. Simple things like finding out the telephone number for another employee was painful. I have…


Information Security for Dummies! Where to start

Read Scott Culp’s Ten Immutable Laws of Security was initially written many years ago yet the messages still strike a chord in today’s threat environment. It’s well worth a read by anyone who’s looking for the short form of “what is information security about”, “where to start getting to grips with Information Security” and “what should…

Thanks to the warm welcome in Newcastle for the TechNet team

It was wonderful to see so many enthusiastic people at our event in Newcastle today. Upon reflection perhaps my 5 minute crash course in PKI was a little too much! George posted the following image of us at a local pub quiz thanks to Jonathan who took us to a brilliant nearby pub with a…


Rafal’s video on TechNet Edge covering security and IPv6 is well worth a listen

Join Rafal Lukawiecki’s interview at TechEd IT Forum on TechNet Edge – he talks about a range of security topics including suite B algorithms, Server 2008 and IPv6. You’ll need the Silverlight plugin to view the video – it’s only 1.37Mb and is a free download – just follow the link to the video and…

Are you allowed to use social networks at work?

Technorati Tags: I would Love to hear whether you are allowed to access social networking sites from work as it keeps coming up in discussion…don’t be shy…