Classic Lines

Classic Lines

There’s an old Western TV program in syndication, titled something like “The Cisco Kid.”  It’s a great show about two Mexican “Robin Hood” style figures, who rode around the southwest, righting wrongs.  One part of the show sticks with me is when Cisco and Pancho joke with each other.  Pancho points to Cisco and says, […]

Risky Business

Deloitte and RSA presented a collection of seven articles on risk, covering topics ranging from general business risk to IT specific risks.  As I read the articles, the definition of risk that I learned way back in a risk management class kept coming to mind.  Definition: a risk is a potential future event that has […]

Too Much Access

In my experience as a security engineer, I have noticed that employees are often given significantly more access than needed. This is particularly true at large, enterprise level organizations. At enterprise clients I have worked with, I was responsible for granting this access once a request was approved. All too often I receive requests that […]

Application Whitelisting

Application whitelisting (AWL) is a technology that has been used in the security industry for a long time but is not yet widely accepted in enterprise workstation environments. AWL is the opposite of blacklisting which is the model used in most antivirus software today. Traditional antivirus looks for malicious files by fingerprinting files on the […]

Securing Your Network Infrastructure – Free Auditing Tools

In this edition of our “Securing Your Windows Infrastructure” series, I’ll be talking about some great free tools offered by Netwrix. Netwrix was founded in 2006 and offers a comprehensive suite of commercial and free security tools, all focused around increasing visibility into the changes made to your Windows environment. Among their free tools, you […]

Case Study – McAfee ePO/MOVE for a billion dollar financial establishment

Use Case ArchetypeSC was recently approached by billion dollar global financial corporation to perform an assessment of their McAfee ePO, MOVE, and DLP upgrade implementation plan. They have an older, distributed ePO environment which consisted of separate consoles in AMER, EMEA, and APAC making administration of the overall environment difficult. While the ePO infrastructure was […]