Microsoft Reinforces Focus on Improving Security for Customers Worldwide

BARCELONA, Spain, Nov. 4, 2004 — Today at the RSA Conference Europe 2004, Rich Kaplan, corporate vice president of the Security Business & Technology Unit at Microsoft Corp., delivered a keynote address in which he provided an update on Microsoft’s progress in helping improve the security of computers and networks for customers worldwide. Kaplan outlined progress to date in the areas of improving technology quality and innovation, creating opportunity in the security industry, and increasing customer guidance and engagement.

Specifically, Kaplan announced the forthcoming availability of the Windows®
Rights Management Services (RMS) Service Pack 1 (SP1) beta version, which helps customers protect their sensitive digital information; the Internet Security and Acceleration Server (ISA Server) 2004 partner validation program, which helps assure customers of the quality and interoperability of partner solutions; and the general availability of Microsoft’s Security Bulletin Advanced Notification program.

“Customers worldwide, both at home and at work, have told us that they need help minimizing the risk of malicious threats, and we believe this calls for the global IT community to band together to address these needs,” Kaplan said. “Although we’ve seen progress in addressing some of our customers’ top concerns, we remain focused on the evolving security challenges and are committed to working with our industry partners worldwide to improve the security of PCs and networks as part of our Trustworthy Computing initiative.”

Advancements in Technology Quality and Innovation

Kaplan renewed Microsoft’s commitment to helping customers address their growing needs for protecting sensitive digital information by announcing the availability of the beta version of RMS SP1. RMS is information protection technology that works with RMS-enabled applications to help safeguard digital information such as Web content, documents and e-mail from unauthorized use. SP1 provides the following to customers:

  • The ability to deploy a low-cost enterprise rights management solution without a network connection to the Internet and without an operational dependency on an external entity such as Microsoft

  • The ability to enhance the protection provided by RMS through improved authentication offered by smart cards

  • The ability to more efficiently manage group definitions by enabling usage rights to be applied based on dynamic groups in Active Directory®

SP1, which is currently scheduled to be delivered to customers in the first half of 2005, builds on the success of the first version of RMS.

“At Swisscom, we are expanding our commitment to RMS to help protect sensitive executive e-mail and internal confidential documents across the organization,” said Heinz Schr, member of management at Swisscom IT Services AG. “The integration of RMS with Office 2003, combined with the product’s ease of deployment and management, make it easy for virtually all of Swisscom’s employees to keep their critical documents and information safe without having to learn a cumbersome set of new technologies.”

Customers and partners interested in the RMS SP1 beta should contact [email protected] for complete details.

Kaplan highlighted Microsoft’s technology advancements in providing greater isolation and resiliency to systems to improve their ability to mitigate the impact of malicious code, including the release of Microsoft®
Windows XP Service Pack 2 (SP2) in August 2004. SP2 — which has been distributed to more than 110 million customers worldwide — contains innovations that provide safer browsing, stronger default security settings and new, automatically installed security features to better protect customers and their computers from hackers, viruses and other security risks.

Kaplan also noted that customer and industry response to the Windows Security Center in Windows XP SP2, which provides users with the ability to automatically check the status of essential security functionality such as firewall, Automatic Updates and anti-virus protection, has been overwhelmingly positive. Currently, 29 anti-virus vendors worldwide support Windows Security Center as a comprehensive reporting tool that offers users a single location for viewing the status of their system’s essential security components. The Windows Security Center directs customers to a Web site listing those vendors if it detects the need to install or update anti-virus software. Since the launch of SP2, 12.5 million unique users worldwide have visited the Web site, an indication of the success of SP2 in helping customers better protect their PCs. For a list of anti-virus vendors offering services that integrate with Windows Security Center, customers should visit .

“Whether it’s at home or at the office, malicious activity on the Internet is becoming more pervasive and increasingly unpredictable,” said Steve Chang, CEO of Trend Micro Inc., a global leader in anti-virus and Internet content security solutions. “Our integration with valuable new Microsoft tools like Windows Security Center in Windows XP SP2 allows for accurate detection of Trend Micro’s award-winning products, so customers are informed of the security state of their PC and can take proper steps to protect themselves.”

Creating Industry Opportunity

Kaplan also announced the ISA Server 2004 Validation Program, established in collaboration with VeriTest, which is designed to help ensure the continuity of quality and interoperability between a participating ISV’s solution and ISA Server 2004. McAfee is the first partner to complete the validation process for its McAfee®
SecurityShield (TM) for ISA Server 2004. Other companies pursuing this certification include SurfControl plc, which designs Web filtering products, and Rainfinity, whose offerings include load balancing and high availability. More information and registration for the ISA Server 2004 Validation Program can be found at .

Hardware appliances built on ISA Server 2004 continue to be of great interest to customers. In addition to the recently announced Network Engines appliance, several OEM partners in Europe are now delivering solutions based on ISA Server 2004, including Wortmann AG, Pyramid Computer GmbH and HP (EMEA).

Increased Customer Guidance and Engagement

In response to positive customer feedback, Microsoft is making its Security Bulletin Advanced Notification program publicly available to provide all customers with advanced, monthly general information on security. The purpose of the notification is to assist customers with resource planning for the scheduled monthly security bulletin. Starting in November, Microsoft will publish a general summary of planned security bulletins three business days before each month’s scheduled release date, which will occur on the second Tuesday of the month. The information will be available at and will include the number of bulletins that may be released, the anticipated severity ratings, and an overview of products that may be affected. Beginning in December, customers can also sign up on that Web site to receive notifications by e-mail.

Kaplan confirmed progress Microsoft has made in global customer guidance and engagement efforts to help build security best practices among consumers and businesses. Microsoft has provided security training to more than 540,000 IT professionals, developers and partners worldwide over the past year, including more than 170,000 in Europe alone through events, webcasts and participation in European countries’ Microsoft Security Days.

In addition, 18 European countries and NATO now participate in Microsoft’s Government Security Program (GSP), providing both source access to Windows and Office and technical information to national governments about the Microsoft Windows platform. The GSP better enables participating governments to design, build, deploy and maintain secure computing environments. The European GSP country members are Austria, Bulgaria, Finland, Greece, Hungary, Malta, Lithuania, Netherlands, Norway, Poland, Portugal, Romania, Russia, Slovenia, Spain, Switzerland, Turkey and the United Kingdom. Also, Italy has announced that it has signed a memorandum of understanding (MOU) to participate in the GSP.

More information about Microsoft and its efforts to address computer security can be found at .

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Microsoft, Windows and Active Directory are either registered trademarks or trademarks of Microsoft Corp. in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft Web page at on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at .

Related Posts