Yesterday I attended a Blogger Breakfast with members of the Microsoft Trustworthy Computing team. Marteen Goet of Techlog.org already posted an overview of the event here. Man, some of you bloggers are fast.
Anyway, here's some additional information on the topics discussed during the breakfast:
Security Perception - Microsoft vs. The World
The first discussion was all about how Microsoft security is perceived by the industry and customers. One of the bloggers in the room mentioned that people might be buying into the whole Mac ad campaign (Mac is impervious to assault, etc.). However, anyone who manages security for both Macs and Windows boxes knows Microsoft's entire security posture is much more mature. I'm not saying one product is more secure than the other (no flame war please). I'm saying Microsoft has a better security communication strategy and better enterprise update management tools.
Compare for yourself... explore each site below and decide which vendor provides more actionable and enterprise-ready info:
Like anything in IT, success requires three key components: people, process, and technology. Security is no different. So forget perception and stick with what works for you and your business. If you're comfortable with Apple, or Linux... more power to you. I appreciate diversity. Just don't discount the work accomplished by the Microsoft Trustworthy Computing group. In my opinion their people/processes are ahead of the competition. The technology is MUCH better than it used to be... but still has room for improvement. Can we all agree on that much?
Vista User Account Control (UAC)
What would any Microsoft security roundtable be without a group of people bagging on UAC? After everyone got done venting, Michael Howard asked a great question - "OK, if UAC is so bad, how do we fix it?" The room fell silent. Being the new guy, I gave everyone else a few seconds to answer... then jumped in with an idea that's been floating around in my head for a while now. Improve UAC by integrating a rating system similar to the SpyNet rating for potential spyware. This way the average user can make a more informed decision about whether or not to click 'Continue'.
Here's a mock-up of what I'm talking about:
This would need to be an opt-in setting... and it should also expose hooks so 3rd parties can provide rankings if organizations don't want to rely on Microsoft's SpyNet (or whatever they'd use). However, as it stands right now, UAC has limited value and needs to be improved for people to leave it enabled.
Interestingly enough, one of the Microsoft speakers said they were having internal discussions about this exact idea. Cool!
... I've gotta run to the TLC to work my shift at the WSUS booth. Will post more info re: the breakfast later today. --Jeff