REDMOND, Wash., Dec. 20, 2005 – When friends and family invite Amy Roberts over for dinner, she may not always bring an extra dish, flowers, or a bottle of wine. But Roberts, director of product management for Microsoft’s Security Technology Unit (STU), rarely leaves without offering a different kind of gift.
When she spots her guest’s home computer, she always makes sure it has the most current defenses against Internet viruses, spyware and other online threats. If anything is missing, the look of concern on her guest’s face quickly turns to one of relief – and, ultimately, surprise – when Roberts shows them how to get more secure in less time than it takes to serve the hors d’oeuvres.
Microsoft hopes to achieve similar results with somewhat different methods in the coming year. The company will encourage consumers to “Protect Your PC in 2006” by maintaining a quick, four-step routine designed to increase the number of people who protect their computers with the most current defenses. A recent study by the National Cyber Security Alliance (NCSA) found that less than a third of PC consumers are not consistently protected today.
“Protect Your PC in 2006” is the latest effort in Microsoft’s ongoing campaign to help reduce online threats through increased consumer awareness and education. The broad range of educational resources, software and services that Microsoft offers at www.microsoft.com/athome/security has become one of the Internet’s largest repositories of computing and online security and safety guidance.
PressPass sat down with Roberts recently to discuss the increasing importance of Internet security, as well as how today’s online security threats compare to those in past years and prior to the emergence of the Internet.
PressPass: Why should the average consumer care about online security?
Amy Roberts, Director of Product Management, Microsoft Security Technology Unit
Roberts: The risks are far too great for anybody with a computer at home not to pay attention. Consumer Reports found that spyware has infected the computers of half of all people who use the Internet over the past six months. More than two out of three – 65 percent – have been the victim of a computer virus within the past two years.
These malicious programs can slow down, damage or hijack your computer and use it to clog up other people’s e-mail accounts with spam. They also play a role in identity theft, which more than one in ten people who use the Internet say they or someone else in their home has been a victim of, according to the online polling service Consumer Internet Barometer.
People need to take these threats very seriously. But they also need to realize that the newest generation of security tools and services are making it so much easier for even the least technical people to avoid becoming a victim. If they dedicate a small amount of time protecting their computer, people can do all of the things they love to do, such as shopping or sharing pictures, on the Internet and be more secure.
PressPass: Does the average consumer understand the need for online security?
Roberts: One thing appears to be pretty consistent among most computer consumers: The desire to know more about online security. A recent Consumer Internet Barometer survey found that 79 percent of people want to learn more about how to protect themselves from viruses and spyware.
But many of these people don’t read the technology section of their local newspaper or computer magazines. A fair number of them don’t know what a firewall is and aren’t sure what to do when they hit on a file and get an on-screen box that asks if they want to “Open,” “Save” or “Cancel.”
Microsoft and other IT companies can help by being better at providing the context and background to make these decisions simpler or more self-evident. I get just as confused sometimes when I’m trying to program my digital cable and personal video recorder (PVR). The only difference is: If I get frustrated and given up on my PVR, I miss a show I wanted to record. If our customers get so overwhelmed that they give up trying to maintain their computer’s security – they open themselves up to potentially damaging and costly threats.
PressPass: What can people do to educate themselves about online security?
Roberts: The first step is the easiest. People should familiarize themselves with the resources that are available to help them get more secure online. We’ve developed consumer-friendly information and resources, and it’s all available at www.microsoft.com/athome/security. There are quizzes to test their security knowledge; simple tips on how to avoid online scams, shop safely on the Internet and avoid identity theft; links to software security tools that they can download and a ton of other resources.
PressPass: Tell us a little about the “Protect Your PC in 2006” pledge?
Roberts: The pledge is a fun, informal way to get more people actively thinking about online security without getting intimidated.
If they aren’t already, we’re asking people to first make sure they use an Internet firewall to help keep out a large percentage of online attacks. Windows XP Service Pack 2 (SP2), the updates to the operating system that we released in August 2004, includes the Windows Firewall, which is on when you install SP2. Second, they need to make sure they stay on top of security updates. This is easy to do with the Automatic Updates feature in Windows. Third, they need to install and keep current anti-virus software. And lastly, they need to do the same with software designed to protect their computers from spyware, like using the Windows AntiSpyware beta available at no additional charge to licensed Windows users.
PressPass: How do today’s online security threats compare to those when other new forms of commerce and information exchange were introduced?
Roberts: First and foremost, threats evolve more quickly than ever. The incredible growth of the Internet has spawned a generation of hackers who can get rich feeding people spam, tricking them into sharing personal information or hijacking their PC for other purposes.
Apart from this, online criminals are much like their offline peers: They make a living by hunting for weak spots in the system and trying to exploit them. I can remember back when I worked in a retail store; we would tear up the carbon sheets from every credit card slip or hand to them to customers if they wanted them back. All that handling of carbons was to help prevent would-be thieves from digging through the store’s trash to try and get their hands on the customer’s credit card information. Most stores no longer need to do this now that we have carbonless slips and electronic card readers. But this is another example of a situation that required education, user action and technology advances to help reduce a security threat. The security precautions we all need to take online are much like ripping up the carbons – over time, we hope that a similar combination of education, user action and technology improvements can address today’s online issues.
PressPass: How are Microsoft’s software and services changing to reflect today’s online threats?
Roberts: Earlier this year, we released the first beta version of Windows AntiSpyware. It helps detect and remove spyware and other potentially unwanted software by guarding against more than 50 ways that these programs try to enter your computer. We’re still developing the latest version of this technology, which we’re calling Windows Defender.
We’re also beginning broad public testing of Windows OneCare. This subscription service takes much of the work out of online protection, by automatically helping guard against spyware, phishing attacks and other threats. It also installs software updates and does other maintenance and tuning on your PC.
These new services are in addition to the security improvements we’ve made to our other products. We’ve added protections to everything from the current versions of Windows to the Hotmail e-mail service, and we’ve changed the way we build new software and services. Every new Microsoft product and service must pass a detailed security inspection before we release it.
PressPass: How do you think the changes Microsoft has made to its products and services reflect changes in awareness and concerns about security?
Roberts: Windows XP is a perfect example. Back in the mid-90’s, people were asking us to make it easier for them to use Windows to explore all of the budding possibilities for gaming, communications and discovery online. Now that the Internet touches most every part of our lives and the number and severity of threats have increased, online protection has become a primary concern.
That’s why Windows XP SP2 switched on the firewall and added other security enhancements. These changes significantly increase the safety of all people who use Windows XP.
PressPass: You have a reputation for taking your work home with you, in a sense, by performing regular security inspections on the computers of your friends and family. Do you gain much insight from them on how well Microsoft’s security resources and products are serving the needs of consumers?
Roberts: Yes, all of the time. When my fiancé’s 11-year-old daughter can’t understand the onscreen alerts or commands used in any of the security products that we’re publicly testing, I know we need to keep trying.
My family also provides constant reminders of just how broad and distinct the needs of our customers are. On one extreme, there are people like my my dad. He researches the latest security software and is always asking me how to modify programs so they’ll better serve his needs. Then there are people like my older sister. She is aware of the threat and fully capable of keeping her family’s PC up to date and secure. But she is too intimidated by the technology to even try.
I sent her a disk with Windows XP SP 2. When I called her to ensure she’d received it, she told me she’d placed it next to the computer for my 17-year-old nephew to install. All she had to do was plop it in the CD drawer, but she was frightened of breaking something. I’ll never stop doing everything I can to make sure my sister remains protected online. And that means, when I put my work hat on, my biggest concern is finding ways to helping protect those people like my sister – but who don’t have a 17-year-old at home – or a relative who works for Microsoft.