Skype for Business
See all products »
Curah! curation service
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Chief Security Advisor
Critical Infrastructure Protection
Freedom of Speech
Securing My Infrastructure
Security Intelligence Report
Browse by Tags
Roger's Security Blog
Ten Immutable Laws Of Security (Version 2.0)
You might have known the 10 Immutable Laws Of Security since quite a while. It is kind of the “collected non-technical wisdom” of what we see in security respeonse being it in Microsoft Security Response Center or in our Security Product Support. There is now a version 2, which is still as important...
16 Jun 2011
Conclusion on UNODC: Open Ended Expert Group on Cybercrime
I told you that I will attend the UNODC: Open Ended Expert Group on Cybercrime , which is now slowly coming to an end. Let me draw a few conclusions on the meeting. It was not the first UN meeting I attended and – depending on the audience – the discussion can easily result an long political debates...
20 Jan 2011
What is More Important to You? Privacy or Safety?
I want to start upfront: I do not want to take a position here. I have an opinion as a person in my cultural context but I understand that this opinion is by far not the only one which is right or wrong. This morning I read this article: FBI Drive for Encryption Backdoors Is Déjà Vu for Security Experts...
29 Sep 2010
Data Governance in the Cloud
If you look at current discussions between cloud providers and customers, I see it too often that the customer leaves with the impression that the Cloud fixes all their problems. In fact – it does not. Too often I see the Cloud provider telling the customer that they should not care about security anymore...
15 Sep 2010
Who cares where your data is?
Wow, I guess the reason for you clicking on the link is this statement – right? Well, “unfortunately” I cannot claim ownership of it. It was made by a Google representative during an interview in Australia: Google: Who cares where your data is? To me, the whole Cloud discussion sometimes drives into...
10 Jun 2011
Are You Focused On The Wrong Security Risks?
There is an good article on CIO Central: Are You Focused On The Wrong Security Risks? An interesting discussion and I part agree that we have to challenge the way we look at the security risks. I would even broaden the questions he raises. When I talk about industry trends, which impact your risk landscape...
28 Jan 2011
Stuxnet talks – do we listen?
Stuxnet is a severe threat – that’s something we know for sure. But if we look at it – what do we really know? What can we learn? Let’s start from the beginning. As soon as Stuxnet hit the news, it was interesting to see, what was happening. There was a ton of speculation out there about the source and...
12 Oct 2010
Mutual Authentication in Real Life–Launching a Nuclear Missile…
A few years ago, I wanted to run an exercise with our incident response team in Switzerland. A customer, the government and me came together to develop the goals and the scenario. One of the key question we tried to answer together with the university, which we wanted to use as observers was, whether...
30 Mar 2011
10 of the Top Data Breaches of the Decade
You might have read that I ranted a little bit about the iPad data breach: Who needs a (vulnerable) iPad if you can get an nPad? and some people pushed back – which I can understand. So, to put it into perspective, I read this article this morning on the worst data breaches of the decade. An interesting...
18 Jun 2010
How Microsoft Uses File Classification Infrastructure
Quite a while ago, I blogged about the File Classification Infrastructure in Windows Server 2008 R2: File Classification Infrastructure in Windows Server 2008 R2 File Classification Infrastructure:More content In my opinion, this is an interesting tool, built in to your server platform. Now, we just...
8 Jun 2011
Blocking Social Media Sites–a False Sense of Security?
I blogged often about it: Blocking certain websites today can fire back in different ways. The CIO published an article called Workarounds: 5 Ways Employees Try to Access Restricted Sites – and they say: "Some workarounds can be dangerous because they might create a channel that data can flow out...
14 Aug 2010
Customer Experience Study: Security Improves in the Cloud
Last week, when I was in South Africa, a partner of us pointed me to a very interesting paper by KPMG called Cloud computing: Australian lessons and experiences . What I like is, that a lot of the items I was recently raising, where actually reflected in quotes by customers of Cloud providers as well...
28 Sep 2010
Mature your IT and then move to the Cloud
Today, I had the opportunity to talk to a group of partners on Cloud and security. The goal was to make them ready for the Cloud and make them ready to answer the customer’s questions. One block – obviously – was about security and as I look at it (and as I said), this starts with the customer's processes...
23 Jun 2010
© 2015 Microsoft Corporation.
Privacy & Cookies