As federal security and industry officials conduct conferences around the nation this week about cybersecurity concerns and homeland defense, Microsoft
is making security its main focus too.
The software company’s TechNet division has planned between three and five Webcasts each day on major topics around computer security.
The Webcasts will run through Friday. In all, about thirteen different
topics are planned, ranging from Microsoft’s own security tools,
providing security for handheld devices and managing patch deployment and installation. The Webcasts are available in real-time or on-demand downloads.
As part of the security focus, Microsoft published a white paper called “Security at Microsoft.” It detailed how the company protects its global network, which includes 300,000 computers and 4,200 servers, and the “medium to high probability that within the next year, a successful attack will occur that could compromise the high value and/or highest value data class.”
The announcement includes news that it receives some 2,500 to 3,000 attempted intrusions on its systems each day, which rounds out to about 100,000 attacks each month.
The extent of the attacks might help explain Microsoft’s ongoing partnership with Computer Associates eTrust EZArmor firewall and anti-virus software it includes with customers, noted Joe Wilcox, Microsoft analyst for Jupiter Research.
As part of Microsoft’s renewed emphasis on security, CA is giving away its consumer antivirus/firewall product with 12 months of free updates, Wilcox wrote on his MicrosoftMonitor Weblog. (Jupiter Research and internetnews.com are owned by the same parent company.)
In the meantime, Wilcox added, customers looking for operating system security improvements need to wait for updates to Windows XP and Windows Server 2003. Windows XP Service Pack 2, which is chock full of security enhancements, is expected to enter beta testing by the end of the month. It is expected to ship during the first half of 2004.
Wilcox also noted that the release of Windows Server 2003 Service Pack 1 has been pushed back until second half of 2004.
Microsoft is going to great lengths to improve its security measures as IT administrators brace for an increase in attempts to breach their systems. Last month for example, research group Internet Security Systems’ issued a report that said security threats increased by 9 percent in the third quarter of
2003. In addition, ISS said more serious incidents grew by 15 percent. Security software player Symantec
also reported an increase in security threats and attacks in 2003.
“Computer resources cannot be made completely invulnerable,” Microsoft said in its TechNet section. “Risk is an inherent part of networks. It is therefore important to implement a risk management process that identifies cost-effective security controls to mitigate these risks.”
Among the Webcast topics on tap for Tuesday are: “Using Portable Handheld Devices in a Secure Manner,” which will focus on data protection of PDA’s. Also on tap: “Secure Network
Access,” which will detail providing security for applications and network infrastructure using Windows Server 2003 and ISA Server. This session will discuss security for wireless, wired and remote access environments. And, not to be overlooked, Webcast entitled “Designing a Secure – Reliable – and Usable Patch Management Infrastructure.”
On Wednesday, Microsoft plans to Webcast “Securing Your Exchange 2003 Environment,” which will address security issues for servers, messages and communications. This session will cover the prevention of denial of service and virus attacks, and securing Exchange 2003 across LAN’s and remote connections.
Other topics for Wednesday include “Penetration Testing, Vulnerability Scanning and Security Auditing,” and
“10 Things Hackers
Don’t Want You to Know,” which is slated for Friday.
The security focus comes as the Markle Foundation’s second report on national security is being released. The report has concluded that the U.S. government has not yet taken advantage of America’s technology expertise to fight the war on terrorism.
The Foundation, a private philanthropy group whose mission is to “focus on using information and communications technologies (IT) to address critical public needs,” issued its second Task Force on National Security in the Information Age report Tuesday. It called on President Bush to issue guidelines to clearly define the security interests in the data mining research of private information and to provide controls to address the privacy implications of such programs.
Also this week, the Business Software Alliance is holding its U.S. Department of
Homeland Security Cyber Security Summit with the department’s chief, Tom Ridge.