Steve Riley on Security
Formerly
of Microsoft's
Trustworthy Computing
Group.
Browse by Tags
All Tags
»
access technologies
(RSS)
authentication
biometrics
configuration
email
identity
IPsec
ISA Server
NAP
networking
passwords
protection
risk mitigation
security policies
security science
TechEd
Terminal Server
threats
VPN
wireless
Enabling Secure Anywhere Access in a Connected World
A few times each year, Bill Gates or Steve Ballmer publish an executive memo. The first memo was Bill's essay on trustworthy computing , in July 2002. Today Bill has a new memo , one that is very important for all of us who strive to achieve a balance
Read More...
Did you know that you ALREADY have an e-mail policy?
An email access policy can be expressed in one of two ways: E-mail is mission critical to our business. Therefore, we permit employees to read and compose e-mail from any location in the world where employees can access the Internet, using either company-issued
Read More...
Configure your router to block DOS attempts
Some time ago I had a discussion with a friend. He disagreed with my recommendations on how to configure a border router and the firewall behind it. I claimed that in the border router between you and your ISP, configure the six rules to block most denial
Read More...
Should your ISA Server be in your domain? Film at 11!
So it would seem that a statement I made during TechEd US last week in Boston has mildly stirred a bit of controversy -- no surprise there, I guess, heh. One of my presentations gave an overview of what's new in ISA Server 2006 ( download your copy of
Read More...
What do YOU need out of two-factor authentication?
Two-factor authentication continues to grow in popularity and emerge as a security requirement for many people I meet with. At Microsoft, we use smartcards internally for VPN access right now; soon we'll be requiring smartcards for domain logon, too.
Read More...
Remote Access Quarantine (TechNet Magazine article)
http://www.microsoft.com/technet/technetmag/issues/2006/03/SecurityWatch/default.aspx In those good old easy-to-manage pre-mobility days, personal computers presented few actual threats to a network. Sure, there was the occasional virus you’d get from
Read More...
How to secure your wireless network
I'm now a contributing editor for TechNet Magazine . Everyone with a TechNet subscription automatically receives it; if you don't have one, you can still get the magazine free . The magazine's published three issues so far: Winter 2005 , Spring 2005 ,
Read More...
August article: 802.1X on wired networks considered harmful
Several months ago I learned from Svyatoslav Pidgorny, Microsoft MVP for security, about a problem in 802.1X that makes it essentially useless for protecting wired networks from rogue machines. Initially I was a bit skeptical, but the attack he described
Read More...
Securing Terminal Services over the Internet
In my presentation on remote access at TechEd, I gave three scenarios: web-based access to internal resources, published with ISA Server "desktop over the Internet" using Terminal Services and the remote desktop web connection full IP-based virtual private
Read More...
New column -- Using IPsec for network protection
I'm now writing semi-regular articles for TechNet. These are part of the security management series, and they're also linked from the security newsletter. The first column is a two-parter about IPsec. Part 1 describes the technology: how it operates,
Read More...
Search
This Blog
Home
About
Email
Resources for you
Get my PPTs from
My SkyDrive
Watch my videos at
TechNet Spotlight
Download
PYWN
's
Passgen tool
follow steveriley at http://twitter.com
View blog authority
Subscribe with FeedBurner
Subscribe, translate, or sort with BlastCasta
Homeland stupidity
threat:
Tags
access control
access technologies
Active Directory
advertising
assessing security
authentication
aviation security
biometrics
BitLocker
blogging
conferences and seminars
configuration
data destruction
email
encryption
false claims
group policy
home and family security
identity
infosec as a profession
integrity
Internet Explorer
IPsec
ISA Server
malware
music
my book
NAP
networking
passwords
patch management
physical security
protection
public policy
risk mitigation
RMS
security myths
security policies
security science
security theater
spam
SSL/HTTPS
TechEd
Terminal Server
the end
the future
the trade press
things that make me angry
things that make me laugh
things that make me worried
threats
virtualization
VPN
Windows 7
Windows Vista
wireless
Archives
August 2009 (1)
May 2009 (1)
February 2009 (1)
January 2009 (5)
December 2008 (1)
November 2008 (1)
October 2008 (2)
September 2008 (6)
August 2008 (2)
June 2008 (2)
April 2008 (1)
February 2008 (7)
January 2008 (1)
November 2007 (1)
October 2007 (3)
September 2007 (5)
August 2007 (2)
July 2007 (4)
May 2007 (2)
April 2007 (1)
February 2007 (1)
January 2007 (3)
December 2006 (2)
November 2006 (3)
October 2006 (2)
September 2006 (6)
August 2006 (1)
July 2006 (3)
June 2006 (1)
May 2006 (2)
April 2006 (2)
March 2006 (5)
February 2006 (2)
January 2006 (3)
November 2005 (5)
September 2005 (4)
August 2005 (2)
July 2005 (5)
June 2005 (5)
April 2005 (3)
March 2005 (2)
February 2005 (2)
January 2005 (1)
Syndication
RSS 2.0
Atom 1.0
