ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > News > Software

Desktop platforms Toolkit

Steering Microsoft clear of hackers

Charles Cooper CNET News.com

Published: 14 Oct 2003 11:25 BST

He's not a household name, but Bob Muglia is part of a small constellation of executives that Bill Gates and Steve Ballmer have repeatedly entrusted with important projects over the years.

During the course of his 15-year career with the company, Muglia has been given such responsibilities as managing the development of the MSN network, the Microsoft Office suite and Windows Server applications. These days, Muglia is running the storage business he started some 22 months ago while at the same time overseeing Microsoft's enterprise management division.

But outside events may have conspired to turn this into one of his toughest assignments.

During the last couple of years, hackers have repeatedly compromised Microsoft software by exploiting Windows vulnerabilities. The company contends that its software security is improving but allows that it remains a target for the foreseeable future.

The $64,000 question is whether this studied ambiguity will hinder Microsoft's ambitions to sell more of its software to information technology directors with big corporate data centres. Muglia spoke with CNET News.com about the steps Microsoft is taking to foster better enterprise management and how the security issue is affecting the company.

Q: Microsoft has been talking a lot about interim steps -- such as getting users to turn on firewalls -- before making broader changes in the software. Is that the extent of what you can do about security in the near term?
A: Many things go into securing systems. Clearly, we've been working on eliminating problems, and as we continue to find them, we'll make sure to get patches out there. But that's not the only thing we have to do.

For instance?
With Blaster (also known as MSBlast), customers who had the Internet firewall turned on didn't get hit. In general, the idea of having that kind of level of defence is very useful. So we're looking at ways to get the (Internet Connection Firewall) turned on and finding ways to make it as effective as it can be -- in addition to offering tools that prevent people from getting into the system. The way I like to think of it is that you need multiple levels of defence. Like with a house, you need a gate, which is one level of defence. Then you need your doors locked -- and maybe an alarm turned on as well.