1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

For security ask yourself...what would Microsoft do?

Discussion in 'News' started by SimonV, Nov 23, 2003.

  1. SimonV

    SimonV Petabyte Poster Administrator

    [​IMG]<font size="3">For security ask yourself...what would Microsoft do?</font>

    Despite taking a beating in the press and from customers for security holes in its products, decision makers at Microsoft appear to think the company still has something to teach the world about computer security. The Redmond, Washington company this week published a technical white paper that describes its internal security practices, which Microsoft hopes will "help customers successfully secure their environments," the company said. The paper, simply titled "Security at Microsoft," details the methods and technologies that the company's Operations and Technology Group (OTG) use to secure the company's global corporate network of more than 300,000 computers and 4,200 servers.

    In the paper, Microsoft describes its risk management strategy, which involves classifying different computing resources according to their "value class" -- from servers hosting the Windows source code down to test servers. Microsoft also provides guidance on how its security group assesses the potential risks and threats to those assets and creates policies to secure the assets that are appropriate, given the value of the data they contain. Just as interesting are the tidbits of information about Microsoft's security operation that can be gleaned from the document. For example, Microsoft discloses that the company experiences more than 100,000 intrusion attempts each month and receives more than 125,000 infected e-mail messages.

    View: Security at Microsoft Paper
    News source: InfoWorld
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...


    1. tripwire45
      If it's people complaining about them...they blame the victim. If it's there own security, put a "hit" out on the hackers and spammers.
    2. Sandy
      I may be an old die hard but I still think it is the System Admins role to work out the security model for their own org. rather then running round blaming everybody apart from themself.

      Well done MS. Hopefully some of the people who run systems will start taking this stuff serously.

      I run MS, UNIX & Linix they ALL need patching they ALL need thought about as far as security goes.

    Share This Page