You may recall that I shared the results of the previous Security Newsletter Survey - here's the latest version. In case you're not familiar with the survey it comprises feedback and charts from the readers of the Microsoft Ltd (UK) Security Newsletter - I think both the charts and verbatim comments are pretty interesting BODY { FONT-FAMILY: Arial, Verdana, sans-serif; FONT-SIZE: 70% } Survey: (Jan 09) Security Newsletter Survey Client: Microsoft UK Date ranges: All dates ((Jan 09) Security Newsletter

Be it a desktop, laptop or netbook many people I've asked this question to answer "my home one" - if that's the case for you I'd love to hear the reason why. If you're old enough to do so please cast your mind back to your work PC circa 1995 - the vast majority of personal computers back then were desktop machines - the exception being for unusually mobile people like some sales people and some IT Professionals. Back then typical "road warriors" used laptops that were of poor performance compared

Thanks to those of you who completed August's Security Newsletter Survey and to Phil Cross for sharing the results which are as follows: Survey: (Aug 08) Security Newsletter Survey Client: Microsoft UK Date ranges: All dates ((Aug 08) Security Newsletter Survey) Available dates: No restriction (all to Sep 17th 2008 10:20) First collection: Aug 28th 2008 13:48 Last collection: Sep 12th 2008 18:36 Responses collected in period: 76 Average collection rate: 0.2 per hour (5.0 per day) What size of organisation

There’s a really good (free) TechNet webcast coming up on the 17th September which will be a great resource for those of you who’d like to learn how to take advantage of Public Key Infrastructure (PKI) in your organisation. The full details of the event are as follows “To register simply click on this hyperlink TechNet Online Presents: MCS Talks Enterprise Architecture session 4 – Security and PKI 17 th September, 16.00-17.15 This session will start by discussing the areas you should consider when

Kai Axford has posted a series of short video interviews with representatives of the FBI – they are well worth a look – particularly if you are based in the United States as they include advice regarding whom to report breaches to. Check out The Security Show – the link is to a tag hence future episodes will be listed too if you re-visit it. The videos are streamed via Silverlight. They’re not deeply technical but they do provide interesting background material.

I’m delighted that so many of you took the time to vote for this blog in the “Security blog” category. Congratulations to Guy Bunker who’s View from the Bunker blog beat this one into second place. Personally the best thing to come from the competition is to find some additional interesting security blogs to read – you can see the rest of the shortlist and other nominated blogs on the Computer Weekly IT Security blog awards page – I’ve read several of them before but did find some good ones that

Credit to Ed Bott from ZDNet who interviewed Alexander Sotirov to get his perspective on the stories that have circulated in the press following the talk he gave with Mark Dowd at the recent BlackHat Securit conference. The talk was titled "How to Impress Girls with Browser Memory Protection Bypasses" which is certainly an unusual title for a technical talk. Ed's interview is interesting as it enables Alexander to clarify what the technical threats were and the context for exploits - he very clearly

I was recently asked this very question and I responded with "Windows Server 2008/2003/2000 and Windows Vista/XP" provide excellent built-in Virtual Private Networking features that are standards compliant and assuming they are correctly configured can be highly secure too. There's no additional license cost required to use Microsoft Windows VPN. In addition Microsoft offer a product named Intelligent Application Gateway which provides a high-end alternative to traditional VPN - it's part of the

I still come across Oracle enthusiasts who mistakenly believe that Oracle’s database suite is more secure than Microsoft’s SQL database suite – this is nonesense as I shall explain. The point to this post is not to gloat – it’s simply to set the record straight. Microsoft SQL Server’s suite of products ARE more secure than Oracle’s database suite. A single vulnerability in any mission critical product can cause serious problems for whomever relies upon it and ALL software is subject to both code

You can read the full details here - it's free, technical and should be fun too - just add a comment to their post if you're coming along The agenda is as follows: 6pm - 6.30pm: Arrive and introductions 6.30pm - 7:30pm: Building RIA Apps 7.30pm - 8:15: Break, Pizza and drinks 8:15pm - 9:15: Security - live demo of Network Access Protection 9:15pm: Wrap up!