TechEd 2005 - Raising the Security Bar Briefing

The first breakout/briefing session I attended was the Security one. Gordon Mangione, Corp VP - Security and Business Technology Unit gave the presentation . I wonder if he's any relation to Chuck? - ok that was bad but I'll bet he got asked that all time..... ok not really since Chuck Mangione's not as popular now as he was in the late 70's. Guess that makes me a bit old - ok, now I'm rambling.

I was impressed by the things he presented and here's some of the highlights:

1. Microsoft Engineers take the Trustworthy Computing training every year now.

2. 17,000,000 downloads of the beta of the Anti-Spyware product they released this winter. He said that an Enterprise version would be coming (we need that in the business world so we can manage the tool from one location and touch all of our desktops no matter where they are in the world).

3. Microsoft is finding that of those who are using the software, 10% of them are ignoring the warning when spyware is about to be installed and the software tries to warn them. I guess there is no helping some users.

4. The Microsoft Update Catalog is now available that combines several updates all in one location now. Things like Office, SQL, Exchange, and the OS are all in one location now.

5. Mike Chan then gave a demo on the new MBSA, WSUS and the new Microsoft Update web site. One nice thing to note is that the new version of MBSA can now detect if a patch has been deployed but the reboot has not occured yet.

6. Gordon then touched on some of the new things they want to enhance in IE7 (no date given on a target for release in the presentation). Things like IE will run as a lower privledged application than the current one does.

7. Gordon also mentioned that Microsoft gets 100,000 hacking attempts a day. Their E-mail servers get 12,000,000 messages sent to it a day and their filters block all but about 1,000,000 of them (that's a lot of messages going off to the bit bucket).

8. Gordon mentioned that Microsoft is in the middle of working on acquiring Sybari (it may not be news to you but I've been so busy lately that I didn't know it).

9. Lastly, Gordon talked about the upcoming Longhorn. He talked about some of the secuity changes that they are trying to make to make the end user experience more secure. He also shared info that Gartner has published stating that a managed desktop cuts the TCO from about $5400/year to $3400/year.