280 likes | 510 Views
Microsoft's Security Strategy. Adrian Anwar Server Business Division Lead Microsoft Indonesia. Agenda. Evolving Security Threat Landscape What is Microsoft Doing?. 3 Types of Cybercrime. Hardware Thief Social Engineering Exploitation of Software Vulnerabilities. The Facts.
E N D
Microsoft's Security Strategy Adrian Anwar Server Business Division Lead Microsoft Indonesia
Agenda • Evolving Security Threat Landscape • What is Microsoft Doing?
3 Types of Cybercrime • Hardware Thief • Social Engineering • Exploitation of Software Vulnerabilities
The Facts Source: 2006 Australian Computer Crime and Security Survey
Primary Threats to Online Safety Phishing E-mail sent by online criminals to trick you into going to fake Web sites and revealing personal information Spam Unwanted e-mail, instant messages, and other online communication Identity Theft A crime where con artists get your personal information and access your cash and/or credit Hoaxes E-mail sent by online criminals to trick you into giving them money www.microsoft.com/protect
Primary Online Risks for Children Disturbing Content If kids explore unsupervised, they could stumble upon images or information you may not want them exposed to. File-share Abuse Unauthorized sharing of music, video, and other files may be illegal, and download malicious software. Cyberbullies Both children and adults may use the Internet to harass or intimidate other people. Predators These people use the Internet to trick children into meeting with them in person. Invasion of Privacy If kids fill out online forms, they may share information you don’t want strangers to have about them or your family. www.microsoft.com/protect
Primary Threats to Computer Security Viruses/Worms Software programs designed to invade your computer, and copy, damage, or delete your data. Trojans Viruses that pretend to be helpful programs while destroying your data, damaging your computer, and stealing your personal information. Spyware Software that tracks your online activities or displays endless ads. www.microsoft.com/protect
Brands and Industries Anti-Phishing Working Group
Password Stealing Anti-Phishing Working Group
Reports and Sites Anti-Phishing Working Group
Trojan Attacks - Top 5 by industry Counterpane Internet Security and MessageLabs
Spyware - Top 5 by industry Counterpane Internet Security and MessageLabs
Direct Attacks - Top 5 by industry Counterpane Internet Security and MessageLabs
Vulnerability Timeline Why does this gap exist? Attacks occur here
331 Days between update and exploit 180 151 25 14 SQL Slammer Welchia/ Nachi Blaster Sasser Nimda Vulnerability Timeline
Microsoft Security Strategy Digital PhishNet LawEnforcement Global Phishing Enforcement Initiative Public Policy IndustryPartnerships ConsumerAwareness Microsoft Security Response Alliance
Microsoft Security Strategy Microsoft Malicious Software Removal Tool SecurityTools Microsoft Windows Defender Microsoft Windows VistaSecurity Whitepapers SecurityReadiness Educationand Training Microsoft SecurityIntelligence Report Learning Paths forSecurity Professionals www.microsoft.com/security
Key Investments Security Response Center Security Development Lifecycle
Security Development Lifecycle Product Inception Design Threat Modeling Standards, best practices, and tools Security Push Final Security Review RTM and Deployment Signoff Security Response
Services Edge Server Applications Encrypting File System (EFS) BitLocker™ Network Access Protection (NAP) Information Protection Client and Server OS IdentityManagement SystemsManagement Active Directory Federation Services (ADFS) Guidance Developer Tools Microsoft Security Portfolio
What is Forefront? A comprehensive line of business security products that helps you gain greater protection through deep integration and simplified management Microsoft® Forefront™ Client and Server OS Server Applications Edge
Security with Forefront for Exchange • Multiple Engineer Approach • Protection against viruses, worms, and spam • Ships with 8 engines from leading Anti Virus vendors from around the globe • Use up to 5 engines at one time • What one engine misses, another will more then likely detect • Performance & Availability • AV Transport Stamp Support - if a message is scanned once at the Edge or Hub server, it does not need to be scanned again at the Mailbox server • Bias setting allows percentage setting of engines for scan jobs so not to impact server performance • In-Memory Scanning makes use of available application memory instead of spool all data to disk • Multi-Threaded Scanning - in high-volume mail environments, including virus outbreaks, Forefront can also establish multiple, simultaneous scanning threads to process more traffic at once, improving throughput • Enhanced Protection - SPAM Filters & Worm Removal • SPAM filters - IP block list that is offered exclusively to Exchange 2007 customers provides premium spam protection which also includes automated updates for this filter. • Matches messages against known worms lists, immediately deletes them, reducing workload on the Mailbox Server & preserving disk space for critical business information • Secure Content • File Filtering allows administrators to block files based on attachment file extension, type, name & size including individual files within zip or container files • Keyword filtering - scan message body text & subject lines to block messages that contain keywords with inappropriate content. Create or import lists.
Antispyware & Antivirus Software FOR INDIVIDUAL USERS FOR BUSINESSES Microsoft Forefront Client Security Windows Defender Windows Live Safety Center Windows Live OneCare MSRT Remove most prevalent viruses Remove all known viruses Real-time antivirus Remove all known spyware Real-time antispyware Central reporting and alerting Customization IT Infrastructure Integration
Security Is Only As Strong As The Weakest Link • Technology is neither the whole problem nor the whole solution • Secure systems depend upon Technology, Processes and People
© 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.