Partner View

Selling Microsoft's Security Story

The Trustworthy Computing initiative has brought significant improvements to some of Microsoft's technologies. Be sure you're taking advantage of them.

• By Daniel Schaan
• July 01, 2005

The latter response is the one I least like to hear because it reinforces how much work remains to be done in educating customers about security. It's been three years since a Microsoft white paper declared the company had "elevated security to the top priority for the company." During that time, Microsoft has made significant progress in its Trustworthy Computing initiative, particularly with the release of Windows XP Service Pack 2.

Let's start with features delivered in Windows XP SP2, which collectively provide better protection against viruses, hackers and worms:

• Windows Firewall—Turned on by default, the built-in Windows Firewall helps increase computer security and reduce the risk of network and Internet-based attacks as soon as you start up your computer.
• Attachment Manager—Monitors and disables potentially unsafe e-mail attachments, which could contain viruses that might spread through Internet Explorer, Outlook Express and Windows Messenger.
• Automatic Updates—Helps users automatically stay current with the latest updates for the operating system.
• Outlook Express Privacy Update—Helps reduce unwanted e-mail by limiting the possibility of your e-mail address being validated by potential spammers.
• Windows Security Center—Tells users whether key security functions, including the Windows Firewall, Automatic Updates and Virus Protection, are up to date and working property.

In January, Scott Charney, Microsoft's vice president of Trustworthy Computing, reported that 140 million copies of XP SP2 had been distributed since its release seven months earlier. That goes a long way toward making all of us safer.

Microsoft has also delivered other numerous, useful technologies that can prove valuable in helping secure customer IT infrastructures. These include:

• Windows Server 2003 SP1—SP1 provides enhanced security, increased reliability and simplified administration. A central component of the Windows server operating systems, the Active Directory service provides the means to manage identities and relationships.
• Internet Security and Acceleration (ISA) SP1—ISA SP1 provides advanced stateful packet and application-layer inspection, and helps protect organizations of all sizes from attack by both external and internal threats.
• Windows Update—Helps keep computers up to date. It scans client machines and provides a tailored selection of updates that apply only to the items on the computer.
• Office Update—Similar to Windows Update, this online extension of Office helps keep Office 2003, Office XP and Office 2000 products up to date with the highest levels of security, stability and critical functionality available.
• Baseline Security Analyzer 2.0—A free vulnerability assessment tool for Windows, designed for IT professionals.
• Systems Management Server 2003—Microsoft's strategic solution for change and configuration management of Windows-based systems. This includes deploying operating system images, managing mobile devices and easing management-tool operations.

Trust is earned—day in, day out—and should never be assumed or taken for granted. Users trust IT administrators, and administrators must believe in and trust the tools and products they deploy.

Since 2002, Microsoft has come to more fully realize just how important safe and trustworthy computing is to people and businesses. It has made real improvements for the better in both its corporate culture and products.

Let's take advantage of them, and prevent some user heartache down the road. As a close friend of mine in law enforcement often says, "If I have to show up at a crime scene, I'm already too late."