Security threats Toolkit

'Security has clout' - Microsoft

Tags:
Security,
Network Administration,
Microsoft,
Clout

Published: 23 Jun 2004 08:30 BST

Microsoft's top network security manager appeared at a company road show on Tuesday to let other administrators know what the software giant is doing to help keep corporate networks safe.

Speaking at Microsoft's Security Summit, a 20-city tour to showcase the software giant's latest technologies regarding Internet threats, Richard Devenuti, corporate vice president for Microsoft's Services and IT unit, highlighted improvements in the company's software and told how those improvements had been incorporated into Microsoft's own networks.

Perhaps the biggest change regarding security at Microsoft is that the issue has clout now, Devenuti said. The information technology group now has the power to hold up development or cut off someone's network access, he said.

"If a user doesn't do what I want them to do, we whack them off the network," he said. Devenuti's IT group is also one of the last Microsoft groups to sign off on a product before it is released. The group just gave the go-ahead to Microsoft's Internet Security & Accelerator (ISA) Server 2004, which is due out in the coming weeks, he said.

The significance of security in the decision-making process is only one of the changes that has happened at Microsoft since the company kicked off its Trustworthy Computing Initiative more than two years ago. In the past year, Microsoft has continued educating its developers, moved to monthly updates and extended security support for older versions of Windows.

The Security Summit is the company's latest education initiative. By year's end, Microsoft hopes to train nearly 500,000 people worldwide in how to better protect their systems.

Although Microsoft has changed under the Trustworthy Computing Initiative, many problems remain. In April, the company released a massive patch for Windows that fixed at least six critical flaws in the operating system. Less than three weeks later, the Sasser worm appeared, taking advantage of one of the flaws on unpatched systems to spread.

Internally, Microsoft has also changed many of its practices to protect itself from threats like Sasser, Devenuti said.

Microsoft developers are now required to use virtual private networks, or VPNs, to connect to development servers in order to isolate and protect the systems from the general network. The SQL Slammer worm infected the company's internal networks, because many development systems didn't have the latest patches.

Microsoft has taken a similar step in regard to its wireless networks, creating better wireless technology in Windows that makes possible a private network using an encryption technology known as 802.1x. Microsoft made the switch after the release of AirSnort, a tool that can be used to recover wireless encryption keys on systems that use the default wireless security.

"That tool (AirSnort) released on the Internet fundamentally changed the security environment," Devenuti said. Microsoft plans to make such wireless security features easier for outside companies to use in Windows.

The software giant will also release a giant security update for Windows XP and for Windows 2003. Those much-anticipated updates will add more security to the operating systems.