Microsoft IT is regularly posting articles as best practices information about how Mirosoft's internal IT is operating their systems and services. I have picked out some interesting and security related posts:

Enabling Information Security through HBI Information Classification
Technical Case Study

Disclosure of High Business Impact (HBI) information might cause severe material loss to Microsoft, the information asset owner, or relying parties. By using Microsoft technologies in conjunction with a third-party solution, Microsoft Information Technology (Microsoft IT) designed and implemented a system that automatically identifies and classifies HBI information at risk, and then starts the remediation process.

Non-secure sensitive information is perhaps the greatest business risk facing many companies today. The loss or theft of HBI information is of particular concern. The loss or theft of HBI information may result in security breaches that cause losses in revenue, productivity, reputation, brand value, or even a company’s competitive advantage if the information includes key intellectual property (IP).

At Microsoft, about 100 terabytes of data is spread over 110,000 managed Microsoft® SharePoint® sites and over 30,000 file shares across the company where HBI information may reside. Microsoft must use technology to help prevent unauthorized disclosure—whether inadvertent or malicious—of this information.

This paper describes the approach, design, implementation, and benefits of such a technical solution at Microsoft. The paper also provides suggested best practices so that Microsoft customers can benefit from the lessons that the project team learned. This paper is intended for IT professionals who design and manage compliance systems, in addition to risk managers and compliance auditors.

Information Security at Microsoft Overview
Technical White Paper

The purpose of this white paper is to share the Microsoft strategy for information security. Microsoft Information Technology (Microsoft IT) provides global IT and information security services for Microsoft. This paper focuses on how the Information Security organization within Microsoft IT helps Microsoft protect its digital assets. The goal of this paper is to offer the experience and perspective of Microsoft IT to Microsoft customers who want to improve security in their own IT environments and protection of digital assets.

Microsoft IT Deployment of System Center Data Protection Manager 2007
Technical Case Study

The Microsoft Information Technology (Microsoft IT) deployment of Microsoft® System Center Data Protection Manager 2007 enabled administrators to back up more data in a shorter time frame while offering native support for Microsoft Exchange Server 2007, Microsoft Office SharePoint® Server 2007, and Microsoft SQL Server® 2005 technologies. This approach has shortened recovery times and has enabled a centralized backup approach for multiple server and application platforms.

Microsoft Corporation has operations in more than 80 countries worldwide. As more information is created through the collaborative software suites that Microsoft designs, the operations that support this global infrastructure face increasing demands. Microsoft IT supports this global infrastructure through three major data centers located in the United States, Ireland, and Singapore. These centralized data centers provide services such as document collaboration through Office SharePoint Server, Exchange Server, and numerous applications that SQL Server supports.

This case study describes Microsoft IT's deployment of Data Protection Manager 2007 to address its backup needs. This paper is intended for enterprise decision makers and chief information officers who are considering the deployment of a similar solution in their environments.

Links of ducuments, if hyperlinks in article are not working:
http://technet.microsoft.com/en-us/library/bb897856.aspx
http://technet.microsoft.com/en-us/library/bb671086.aspx
http://technet.microsoft.com/en-us/library/bb897855.aspx 

Urs