1 / 23

Trustworthy Yet?

Trustworthy Yet?. An examination of Microsoft’s Trustworthy Computing initiative, and what it means to enterprise security practitioners. Our Panelists. KEN TYMINSKI CISO Prudential Financial of America. JOSEPH COOPER, CISSP Chairman & CEO Digital Defense.

emmet
Download Presentation

Trustworthy Yet?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Trustworthy Yet? An examination of Microsoft’s Trustworthy Computing initiative, and what it means to enterprise security practitioners

  2. Our Panelists

  3. KEN TYMINSKICISO Prudential Financial of America

  4. JOSEPH COOPER, CISSPChairman & CEO Digital Defense

  5. JONATHAN PERERASenior Director of Product ManagementMicrosoft’s Security & Technology Unit

  6. Microsoft’s Beginnings

  7. Gates’ Mandate “Trustworthy Computing is computing that is as available, reliable and secure as electricity, water services and telephony.” --Bill Gates, January 17, 2002

  8. Trustworthy Milestones 2002 • Retrained 11,000 developers and engineers • Revamped MSRC • Retrofitted XP (SP1) and Win2K (SP4) • Released MBSA • Replaced the complier in Win2003 • Released Win2003 with services off by default • Changed philosophy on shipping products

  9. Trustworthy Milestones 2003 • Released SQL Server 2000 SP3 • Improved Exchange 2003 & Office 2003 • Changed vulnerability announcements • Launched ISA 2000 FP1 • Released patching tools • Acquired AV company, formed alliance

  10. Trustworthy Ambitions • Windows XP (beta; due summer ’04) • Integrating WUS with Windows, other apps • Active defenses, synergistic strategy • Substantial more secure OSes & apps: Yukon (SQL), 2005; Longhorn (Windows), 2006

  11. Trustworthy Ambitions = End goal: 2014 or longer

  12. Microsoft is doing enough to improve its software security. Strongly Disagree 40% Strongly Agree 2% Somewhat Disagree30% Somewhat Agree 18%

  13. Will Trustworthy Computing eventually make a difference?

  14. Redmond’s Assessment “I think we have made a good start in the last two years, and I believe we will have made enormous progress 10 years from now.” STEVE BALLMER CEO, Microsoft

  15. Is Microsoft doing enough to improve the security of its products? Is it on the right track?

  16. Patching

  17. Patching Windows Is Best Characterized As: An Overblown Problem 5% Unavoidable46% Onerous 48%

  18. Microsoft Is Doing Enough To Ease The Patching Problem. Strongly Disagree28% Strongly Agree 3% Somewhat Disagree33% Somewhat Agree 20%

  19. Is the Windows patching problem getting better?

  20. Synergistic Security “There’s no one thing that’s going to solve this. Mitigation is part of it.” MIKE NASH Corporate VP, Microsoft SBU

  21. Will Microsoft’s synergistic security strategy lead to better overall security for Windows and its other applications?

  22. What does Microsoft need to do to win and retain the confidence of its enterprise customers?

  23. Users Respond

More Related