Microsoft Monitor Weblog A Jupiter Research Business Weblog
 
Jupiter's Microsoft Monitor Research Service helps vendors prepare for market opportunities created by new Microsoft initiatives. In addition, Microsoft Monitor helps business and enterprise users discover which strategies are most successful in dealing with Microsoft and how to best exploit the customer relationship. The Microsoft Monitor Weblog is a companion to Jupiter's Microsoft Monitor Research Service and provides additional news, analysis and insight relevant to the areas most important for Microsoft's growth in both the business and consumer marketplaces. The content on this Weblog is often based on late-breaking events whose sources are deemed to be reliable. The insight and recommendations represent Jupiter's initial analysis. As a result, our positions are subject to refinements or major changes as Jupiter analysts gather more information and perform further analysis. Feedback is welcome at mm@jupitermedia.com.

Contact Us
More information about Jupiter's Microsoft Monitor Research service is available by contacting Kieran Kelly at researchsales@jupitermedia.com or by telephone at 1-800-481-1212

Blogroll
David Card
Michael Gartenberg
Alan Meckler
David Schatsky

September 2005
Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30  
Archives
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003

Recent Entries
My PDC Post Morteum
Microsoft Office, the Server Edition, Part Two
Windows Workflow Foundation and Expression
PDC: The Big Day
Windows Vista Sleeper Announcements

December 01, 2003
Security Webcast Week

It seems like every Monday starts off some new national (fill in the blank here) week. Maybe national teachers’, reading or world hunger week. At Microsoft, Dec.1-5 is (international) TechNet Security Webcast Week. Full details are available here.

The first Webcast, focusing on how Microsoft secures its own assets, commences at 2:30 p.m. ET (-5 GMT), today. The other days, Microsoft will hold three Webcasts a day, covering such topics as mobile devices, patch management and hacker techniques, among others.

All 13 Webcasts (Will that be a lucky number for Microsoft?) cover important security topics. But, I would recommend the first for just about everybody. I’ve long said Microsoft should help customers by revealing some of its own security policies and procedures. After all, while the news media points out every suspected flaw in Microsoft software, Microsoft the company doesn’t seem to have too many security problems. Consider that Microsoft carries a big hackers’ bulls-eye and that the company runs all its own software. That mix is a combination for some heaping big security problems if Microsoft’s software truly were so security buggy. Clearly Microsoft is doing something right.

Certainly, there are legitimate issues about the number of patches and customers’ burden of patch management. But, if Microsoft has found a way to deal with that and keep its big honking bulls-eye company secure, maybe some of those security policies and techniques would be good for customers, too.

I wouldn’t expect Microsoft to reveal too many details of its secret security recipe. Some basics might surprise some customers. For example, I know that Microsoft employees accessing the corporate network remotely go through a fairly convoluted access process that includes checking to make sure virus signatures are up to date. That’s smart security policy. Rather than looking at authentication, Microsoft checks for other possible areas of vulnerability. A computer without up-to-date signatures is more likely to be infected with a virus capable of spreading to the corporate network.

By the way, late last month, Microsoft published the technical white paper "Security at Microsoft," available here, which explains some of the mechanisms the company uses to secure its network. I recommend that every company deploying Microsoft software make the white paper mandatory reading for all security professionals.

Posted by Joe Wilcox at December 01, 2003 10:11 AM
Copyright 2004 Jupitermedia Corporation. All Rights Reserved.
Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.