Download presentation
Presentation is loading. Please wait.
Published byCornelius Ramsey Modified over 9 years ago
1
Advancing Security Progress and Commitment Stuart Okin Chief Security Advisor – Microsoft UK Delivering on security (an update on progress)
2
Leaving Messages We are at an inflection point in the internet – the companies that will succeed will be those that can show trust as a business advantage Security can only be achieved through partnership & teamwork Do you have security policies, architecture and processes?
3
The Forensics of a Virus Blaster shows the complex interplay between security researchers, software companies, and hackers Vulnerability reported to us / Patch in progress Bulletin & patch available No exploit Exploit code in public Worm in the world July 1July 16July 25Aug 11 Report Vulnerability in RPC/DDOM reported Vulnerability in RPC/DDOM reported MS activated highest level emergency response process MS activated highest level emergency response processBulletin MS03-026 delivered to customers (7/16/03) MS03-026 delivered to customers (7/16/03) Continued outreach to analysts, press, community, partners, government agencies Continued outreach to analysts, press, community, partners, government agenciesExploit X-focus (Chinese group) published exploit tool X-focus (Chinese group) published exploit tool MS heightened efforts to get information to customers MS heightened efforts to get information to customersWorm Blaster worm discovered –; variants and other viruses hit simultaneously (i.e. “SoBig”) Blaster worm discovered –; variants and other viruses hit simultaneously (i.e. “SoBig”)
4
The Forensics of a Virus Blaster shows the complex interplay between security researchers, software companies, and hackers Vulnerability reported to us / Patch in progress Bulletin & patch available No exploit Exploit code in public Worm in the world July 1July 16July 25Aug 11 Report Vulnerability in RPC/DDOM reported Vulnerability in RPC/DDOM reported MS activated highest level emergency response process MS activated highest level emergency response processBulletin MS03-026 delivered to customers (7/16/03) MS03-026 delivered to customers (7/16/03) Continued outreach to analysts, press, community, partners, government agencies Continued outreach to analysts, press, community, partners, government agenciesExploit X-focus (Chinese group) published exploit tool X-focus (Chinese group) published exploit tool MS heightened efforts to get information to customers MS heightened efforts to get information to customersWorm Blaster worm discovered –; variants and other viruses hit simultaneously (i.e. “SoBig”) Blaster worm discovered –; variants and other viruses hit simultaneously (i.e. “SoBig”) Patch QB33330 Download Over 5.5 Million (~ 5%)
5
What do I get asked? Why are there so many vulnerabilities? Why do people write worms / virus?, i.e. what are people’s motivations Why is this happening now How do I protect myself? What do you worry about? What is Microsoft doing to help?
6
Individual control of personal data Products, online services adhere to fair information principles Protects individual’s right to be left alone Resilient to attack Protects confidentiality, integrity, availability of data and systems Engineering Excellence Dependable, performs at expected levels Available when needed Open, transparent interaction with customers Address issues with products and services Help customers find appropriate solutions
7
Security Enabled Business Reduce Security Risk Assess the environment Improve isolation and resiliency Develop and implement controls Increase Business Value Connect with customers Integrate with partners Empower employees Risk Level Impact to Business Probability of Attack ROI Connected Productive
8
“Give us better access control” “Simplify critical maintenance” “Reduce impact of malware” Advanced Updating Expanded Authentication, Authorization, Access Control Isolation and Resiliency “Provide better guidance” Security Guidance, Tools, Responsiveness “Develop reliable and secure software” Engineering Excellence You’ve Told Us
9
Communicate and collaborate in a more secure manner without sacrificing information worker productivity Isolation and Resiliency Reducing the Modes of Attack
10
Advanced Isolation Clients who do not pass can be blocked and isolated Isolated clients can be given access to updates to get healthy Health Checkup Check update level, antivirus, and other plug in and scriptable criteria Isolation and Resiliency Client Inspection
11
Today Future Windows, SQL, Exchange, Office… Windows, SQL, Exchange, Office… Office Update Download Center SUS SMS “Microsoft Update” (Windows Update) VS Update Windows Update Windows only WindowsUpdateServices Updating: Roadmap Windows, SQL, Exchange, Office… AutoUpdate
12
Authentication, Authorization And Access Control Simplify adoption of robust security management Integrated secure single sign-on experience New factors of authentication Seamless data protection across layers Enable business solutions with integrated platform security technologies
13
Authentication, Authorization and Access Control Enabling Security Critical Scenarios Windows IPSec integration SSL, RPC over HTTP ISA Server 2004 Deep Windows integration WPA, 802.1x, PEAP Single sign-on, smartcards, biometrics Provision for multiple credential types Rights Management Services Comprehensive Authorization Infrastructure (AD, EFS, ACLs…)
14
Quality & Engineering Excellence Improved Development Process Threat modeling Code inspection Penetration testing Unused features off by default Reduce attack surface area Least Privilege Prescriptive Guidance Security Tools Training and Education Community Engagement Transparency Clear policy
15
Critical or important vulnerabilities in the first… Bulletins since TwC release Shipped Jan. 2003, 17 months ago 3 Service Pack 3 Bulletins in prior period 13 Bulletins since TwC release Shipped July 2002, 23 months ago Bulletins in prior period 7 Service Pack 3 1 Continued Progress …270 days …365 days TwC release? 613 3642 Yes No
16
Guidance, Tools & Response Accelerate compliance to security best practices Seminars and publications Alliances and information exchanges Corporation with law enforcement Help customers through prescriptive guidance, training, partnership and policy
17
Microsoft Baseline Security Analyzer (MBSA) v1.2 Virus Cleaner Tools Systems Management Server (SMS) 2003 Software Update Services (SUS) SP1 Internet Security and Acceleration (ISA) Server 2004 Standard Edition Windows XP Service Pack 2 ISA Server 2004 Enterprise Edition Patching Technology Improvements (MSI 3.0) Systems Management Server 2003 SP1 Microsoft Operations Manager 2005 Windows Server 2003 Service Pack 1 Audit Collection Services (ACS) Security Configuration Wizard (SCW) Windows Update Services Windows Rights Management Services SP1 System Center 2005 Windows Server 2003 “R2” Network Access Protection (“Quarantine v2”) Vulnerability Assessment and Remediation Active Protection Technologies Visual Studio “Whidbey” Longhorn Security Timeline Today H2 04 Future 2005
18
Learn: Take training, read guidance, help educate users Connect: Participate in community. Subscribe to security newsletters Manage Risk: Implement a security plan and risk management process Plan: Prepare to upgrade laptops and remote systems to Windows XP SP2 Standardize: Deploy Windows Server 2003 on edge servers Integrate: Adopt a defense-in-depth security approach Suggested call to action
19
Resources General http://www.microsoft.com/uk/security Consumers http://www.microsoft.com/uk/protect Security Guidance Center http://www.microsoft.com/security/guidance Tools http://www.microsoft.com/technet/Security/tools How Microsoft IT Secures Microsoft http://www.microsoft.com/technet/itsolutions/msit E-Learning Clinics https://www.microsoftelearning.com/security Events and Webcasts http://www.microsoft.com/seminar/events/security.mspx
20
Leaving Messages We are at an inflection point in the internet – the companies that will succeed will be those that can show trust as a business advantage Security can only be achieved through partnership & teamwork Do you have security policies, architecture and processes?
21
© 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.