proudly powered by 3dfxzone.it |
News | Headlines | Ricerca |
|
27.12.2005 - Microsoft and Computer Security in 2005 | ||
Real progress was made by Microsoft and its industry partners in 2005. REDMOND, Wash., Dec. 21, 2005 — In the ongoing challenge to deliver a safer, more secure computing experience for PC users, Microsoft and its industry partners in 2005 made considerable progress on the security front with achievements such as greater customer awareness of the existence of spam, viruses, spyware and other security threats, as well as the availability of more effective and powerful software protections against software attacks and security breaches, which has resulted in improved security for Microsoft customers. “At Microsoft, we’re focused on protecting customers from current and emerging cyber security threats,” says Mike Nash, corporate vice president of Microsoft’s Security Technology Unit. “Our strategy is to make the right technology investments, to provide clear guidance to our customers about how to stay better protected, and address industry-wide challenges through partnerships in the public and private sectors.” In looking at the past year, Nash adds, “The deep investments we’ve made in technology are resulting in a more secure computing experience for our customers. More than 250 million copies of Windows XP Service Pack 2, which includes significant security enhancements, have been distributed. Windows Server 2003 Service Pack 1, which is more secure by design and default and includes the security configuration wizard, has been downloaded approximately 4 million times. Over 18 million customers are using the Windows AntiSpyware beta to help protect themselves against spyware threats.” Additionally Nash offers, these new tools, coupled with customers’ better understanding of security best practices, are paying dividends. “We look forward to continuing our efforts to build greater trust in computing in 2006,” he says. Jon Oltsik, senior analyst on information security of the Enterprise Strategy Group says in “Could Microsoft Make Security a Competitive Differentiator?” — “Microsoft has proven time and time again that its corporate focus equates with execution excellence somewhere down the line. The company is now delivering on security in a way that sets it apart from other software companies.” Microsoft’s security efforts are focused on three areas: technology investments; prescriptive guidance and education; and industry partnerships. Technology Investments Progress Microsoft is making investments to achieve the highest level of quality in Microsoft software, and to deliver security technology innovations in the platform, security products and hosted security services. Over the past 12 months, Microsoft has made significant progress in delivering technologies across three key areas: fundamentals, threat and vulnerability mitigation, and identity and access control.
Prescriptive Guidance Progress Another area of activity for Microsoft security is educational outreach and improved security guidance for consumers, IT professionals, software developers and industry partners. For developers, Microsoft provided intensive training for third-party developers on secure coding practices and the SDL at the annual Microsoft Professional Developers Conference. The company also continued to build on its 35,000 unique pages of security guidance for developers and IT professionals by launching a new online security curriculum called Learning Paths for Security, organized around four key learning paths: Threats & Vulnerabilities; Identity & Access Control; Regulatory Compliance; and System Integrity. Microsoft also provided valuable guidance to more than 30,000 IT professionals and technical decision makers through Security360, a monthly webcast series focused on security topics that includes commentary and guidance from security industry experts inside and outside of Microsoft. Based on customer feedback, Microsoft made some major improvements in 2005 to its security communications to help customers protect their PCs, including providing additional guidance for customers through 15 security advisories as well as 96 entries on the Microsoft Security Response Center blog. Other new tools in 2005 include advance notification for monthly bulletins, notifications through RSS feeds and MSN Messenger Alerts and monthly technical webcasts. These new offerings have helped address the need for customers to have timely and prescriptive guidance from Microsoft on security issues. For consumers, Microsoft partnered with the U.S. Federal Trade Commission (FTC) and the National Consumers League to promote awareness of phishing scams, and with the National Cyber Security Alliance to increase consumer awareness about security through National Cyber Security Awareness Month in October 2005. Microsoft continues to provide additional outreach and educational programs on a global basis to consumers and to enterprise customers. Industry Partnership Progress In 2005, Microsoft continued to expand upon its partnerships with governments and industry leaders to address the important challenges of IT, including security, privacy, children’s online safety, phishing and spam. In terms of partnerships, one key announcement during 2005 was the creation of the SecureIT Alliance, a group of security partners that are working together to develop innovative security solutions for the Microsoft platform for the benefit of common customers. This announcement was the latest in a number of partnerships Microsoft has formed with the public and private sectors, including the Virus Information Alliance, the Global Infrastructure Alliance for Internet Safety and the Security Cooperation Program for governments. Additionally, Microsoft is an active member of the Anti-Phishing Working Group and the National Cyber Security Alliance. On the issue of spyware, Microsoft is a founding member of the AntiSpyware Coalition, which includes some of the country’s largest technology companies and public interest groups. Microsoft is also working with the FTC and other agencies using current law to find purveyors of fraudulent and destructive software. In 2005, Microsoft participated in Black Hat briefings and hosted two Blue Hat events, with the goal of enhancing communications and relationships with the security researcher community, learning how researchers attempt to find vulnerabilities, and applying those learnings to developing more secure software. Microsoft continued its support of law enforcement efforts worldwide to deter cyber crime. Major law enforcement activity during the year included arrests in August by Turkish and Moroccan law enforcement authorities of the alleged authors of the Zotob and Mytob worms, less than two weeks after the worms were unleashed. Microsoft helped law-enforcement agencies by providing technical support in the investigation. In July, Microsoft announced an award of US$250,000 to two individuals who helped identify the creator of the notorious Sasser worm in 2004. The author of the worm, arrested in May 2004, was found guilty this year by a court in Verden, Germany. Because data privacy remains a focal point for any discussion around information technologies and computer security, in a speech before the Congressional Internet Caucus in November, Brad Smith, senior vice president and general counsel for Microsoft, detailed Microsoft’s support for a “comprehensive” legislation approach to data privacy at the federal level that would provide meaningful protections for individuals, focused on preventing actual harm, and set clear guidelines for businesses while still allowing commerce to flourish. Microsoft also worked on a broad range of issues with lawmakers to pursue and support legislation to protect customers and combat online consumer fraud, spyware, spam and privacy breaches. A Look Ahead Microsoft plans to continue on the momentum from 2005, with a continued emphasis on security for the year ahead. This will require continued investments in technology, educational outreach and work with industry partners to help increase customers’ trust in computing. One major technology element in the 2006 security picture for Microsoft will be the release of Microsoft Windows Vista. Specifically, customers of the Windows Vista platform will experience security improvements in everything from user account control, better support for smartcards, enhanced firewall protection, and improved security and privacy capabilities in Microsoft Internet Explorer 7.0. Customers will also benefit from enhanced information protection functionality in Windows Vista such as BitLocker Drive Encryption, a hardware-based feature that addresses the growing concern over corporate and customer data on lost or stolen machines. Given the increasingly sophisticated nature of software attacks and security threats, Nash says that while 2005 was a positive year in terms of industry advancement in security, there is more work ahead. “The complexities around security require a broad approach, so we will continue to enhance solution offerings like Windows OneCare Live and Microsoft Client Protection," he says. "Microsoft will continue to push on all fronts towards our goal of trustworthy computing, but it will take a strong and focused effort from industry partners, government and law enforcement if we are going to reach our long-term goals of providing a more safe and secure computing experience for every one of our customers.” News Source: Microsoft Press Release Links | ||
Pagina Precedente | News successiva | Pagina Successiva |
Versione per desktop di atizone.it
Copyright 2024 - atizone.it - E' vietata la riproduzione del contenuto informativo e grafico. Note Legali. Privacy