News

Microsoft Rolls Out Security Partner Program

Microsoft Corp. added a security specialty Thursday to the Microsoft Gold Certified Partner Program it set up earlier this year.

Microsoft also positions the program as fitting into its recent initiatives to bolster security in Microsoft environments -- a campaign that arose during intense industry criticism involving the susceptibility of Microsoft products to security problems such as e-mail worms and distributed denial of service attacks.

"The launch of this partner program dedicated to security solutions further underscores Microsoft's commitment to work with others in the industry to ensure that every customer can work, communicate and do business securely over the Internet," Steve Lipner, director of security assurance at Microsoft, said in a statement.

The new program is called the Microsoft Gold Certified Partner Program for Security Solutions. The idea is to give customers a Microsoft stamp of approval to look for when they're trying to hire outside help for a security issue.

Firms that want to earn the gold security certification must submit at least three project references and have on staff at least four Microsoft Certified Systems Engineers or Microsoft Certified Solution Developers and three Microsoft Certified Professionals who have passed specific exams.

The new security program is the ninth category of the Microsoft Gold Certified Partner Program. Others include Business Intelligence, Collaborative Solutions, E-Commerce Solutions, Enterprise Systems, Hosting and Application Services, Learning Solutions, Software Products and Support Services.

Microsoft says 850 Microsoft Certified Partners have achieved gold partner status.

The addition of the security solutions program follows two recent and major Microsoft security moves.

Scott Culp, the manager of the Microsoft Security Response Center, released a controversial white paper in October labeling the practice of many in the security community of releasing step-by-step instructions for exploiting security vulnerabilities as "information anarchy." "It's high time the security community stopped providing blueprints for building these weapons," Culp wrote. "The relationship between information anarchy and the recent spate of worms is undeniable."

Then on Nov. 8, Microsoft and five other companies unveiled a plan to form an organization for proposing standards for handling security vulnerabilities. Other members of that group are @stake, Bindview, Foundstone, Guardent and Internet Security Systems.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.