Trustworthy Yet?

  • View

  • Download

Embed Size (px)


Trustworthy Yet?. An examination of Microsoft’s Trustworthy Computing initiative, and what it means to enterprise security practitioners. Our Panelists. KEN TYMINSKI CISO Prudential Financial of America. JOSEPH COOPER, CISSP Chairman & CEO Digital Defense. - PowerPoint PPT Presentation

Text of Trustworthy Yet?

  • Trustworthy Yet?

    An examination of Microsofts Trustworthy Computing initiative, and what it means to enterprise security practitioners

  • Our Panelists


    CISO Prudential Financial of America


    Chairman & CEO Digital Defense


    Senior Director of Product Management Microsofts Security & Technology Unit

  • Microsofts Beginnings

  • Gates MandateTrustworthy Computing is computing that is as available, reliable and secure as electricity, water services and telephony.

    --Bill Gates, January 17, 2002

  • Trustworthy Milestones 2002Retrained 11,000 developers and engineersRevamped MSRCRetrofitted XP (SP1) and Win2K (SP4)Released MBSAReplaced the complier in Win2003Released Win2003 with services off by defaultChanged philosophy on shipping products

  • Trustworthy Milestones 2003Released SQL Server 2000 SP3Improved Exchange 2003 & Office 2003Changed vulnerability announcementsLaunched ISA 2000 FP1Released patching toolsAcquired AV company, formed alliance

  • Trustworthy AmbitionsWindows XP (beta; due summer 04)Integrating WUS with Windows, other appsActive defenses, synergistic strategySubstantial more secure OSes & apps: Yukon (SQL), 2005; Longhorn (Windows), 2006

  • Trustworthy Ambitions=End goal: 2014 or longer

  • Microsoft is doing enough to improve its software security.Strongly Disagree 40%Somewhat Disagree 30%Strongly Agree 2%Somewhat Agree 18%

  • Will Trustworthy Computing eventually make a difference?

  • Redmonds AssessmentI think we have made a good start in the last two years, and I believe we will have made enormous progress 10 years from now.STEVE BALLMERCEO, Microsoft

  • Is Microsoft doing enough to improve the security of its products?

    Is it on the right track?

  • Patching

  • Patching Windows Is Best Characterized As:Unavoidable 46%An Overblown Problem 5%Onerous 48%

  • Microsoft Is Doing Enough To Ease The Patching Problem.Strongly Disagree 28%Somewhat Disagree 33%Strongly Agree 3%Somewhat Agree 20%

  • Is the Windows patching problem getting better?

  • Synergistic SecurityTheres no one thing thats going to solve this. Mitigation is part of it.MIKE NASHCorporate VP, Microsoft SBU

  • Will Microsofts synergistic security strategy lead to better overall security for Windows and its other applications?

  • What does Microsoft need to do to win and retain the confidence of its enterprise customers?

  • Users Respond