Advertisement

HindustanTimes Thu,23 Oct 2014

Microsoft to invest more in security: Bill Gates

BY INVITATION | Bill Gates, PTI   May 03, 2004
First Published: 11:55 IST(3/5/2004) | Last Updated: 11:55 IST(3/5/2004)

Malicious software code has been around for decades. But only in the last few years have the Internet, high-speed connections and millions of new computing devices converged to create a truly global computing network in which a virus or worm can circle the world in a matter of minutes.

Advertisement

Meanwhile, criminal hackers have become more sophisticated, creating and distributing digital epidemics like Slammer, Blaster, Sobig and Mydoom that spread almost instantaneously, threatening the potential of technology to advance business productivity, commerce and communication.

The kinds of threats are evolving too. Blaster, for example, hijacked individual computers, turning innocent users into unknowing worm propagators. These “swarming” attacks that are coordinated to cause multiplied, cascading effects - change the landscape of security threats. They put new demands on IT professionals and consumers, and on the technology industry to continue to innovate.

Microsoft invests significantly in four areas of security: isolation and resiliency, updating, quality, authentication and access control.

Central to our security efforts is preventing malicious code from being able to exploit a vulnerability. This can be done by isolating such code, providing more effective control over what computer processes can talk to or work with, and making systems more resilient so they can stop suspicious behavior in its tracks.

Until now, software updates have been the primary way of customer protection. Although the evolving nature of threats requires a broader, multi-pronged response, Microsoft is continuing to make significant upgrades to quality. Last fall, we moved to monthly releases of updates to improve predictability and manageability.

Computer networks are no longer closed systems in which a user’s mere presence on the network can serve as proof of identity. There are many potential opportunities for unauthorised individuals to gain access to digital information. In this environment, access control and authentication are critical aspects of ensuring an organisation’s security. Users will increasingly use passwords, smartcards, public key infrastructure, Ipsec to beef up such authentication.

Microsoft has undertaken a rigorous “engineering excellence” initiative so that our engineers understand and use best practices in software design, development, testing and release. The number of “critical” or “important” security bulletins issued for Windows Server 2003, compared to Windows 2000 Server, dropped from 40 to 9 in the first 320 days each product was on the market. Similarly, for SQL 2000, there were 3 bulletins issued in the 15 months after release of Service Pack 3, compared to 13 bulletins in the 15 months prior to its release.

Reducing the impact of viruses and worms to an acceptable level requires fundamentally new thinking about software quality, continuous improvement in tools and processes, and ongoing investments in security technologies designed to block malicious code before it can wreak havoc. It also requires computer users to be proactive about deploying and managing products.


Advertisement
more from Business

HDFC profit rises 7% to Rs. 1,358 cr; revenue up 12%

India’s largest private sector mortgage lender, Housing Development Finance Corp, on Wednesday posted a 7% year-on-year rise in standalone net profit to Rs. 1,358 crore during the second quarter against Rs. 1,266 crore in the year-ago period.
markets
Advertisement
Most Popular
Advertisement
Advertisement
Copyright © 2014 HT Media Limited. All Rights Reserved