I am totally stoked for the launch of the announced Microsoft Language Portal. String and term search across all Microsoft products in all languages? Umami!
Until then, you can DL a spreadsheet with "select core terminology" at http://www.microsoft.com/globaldev/tools/MILSGlossary.mspx.
Read this story about Jerome Kerviel, and get worried.
According to news reports this guy:
That's all pretty general - but, uh, when was your last security audit?
Some stuff from Microsoft that'll help you:
“The Microsoft Security Assessment Tool, known as MSAT, is a free tool in that is localized in 16 languages. It is designed to help small to midsize organizations assess security weaknesses in their current IT environment. MSAT consists of over 200 security questions using a Defense-in-Depth framework reviewing the organization's infrastructure, application, operations, and personnel. From the assessment, customer's gain great insight into their security posture through a comprehensive report that consists of Microsoft and industry noted recommendations to help them prioritize their security activities. Partners can leverage this tool to provide additional value added security services for their customers and gain partner points for uploading encrypted customer results. For more information on the Microsoft Security Assessment Tool and the download location go to the Technet Security Tools website.”
Threats and Countermeasures Guide. "The Threats and Countermeasures guide provides you with a reference to all security settings that provide countermeasures for specific threats against current versions of the Windows operating systems. Many of the countermeasures that are described in this guide are not intended for specific computer roles in the companion guides, or in some cases for any roles at all.
The Windows Server 2003 Security Guide, which is available at http://go.microsoft.com/fwlink/?LinkId=14845, "provides specific recommendations about how to harden computers that run Windows Server 2003 SP1 in three distinct enterprise environments—one in which older operating systems such as Windows NT 4.0 and Windows 98 must be supported, one in which Windows 2000 is the earliest version of the Windows operating system in use, and one in which concern about security is so great that significant loss of client functionality and manageability is considered an acceptable tradeoff to achieve maximum security. "
The Windows XP Security Guide, which is available at http://go.microsoft.com/fwlink/?LinkId=14839, provides specific recommendations about how to harden computers that run Windows XP with SP2 in three distinct environments:
Oh, and if you havent already, you'd better start looking at deploying Vista SP1 and Windows XP SP3.
Are you still reading? How about these?
You have followed all the recent annoucements about Microsoft and virtual technologies. You may have missed that the upcoming launch event will have an online "virtual" version for those who cannot attend in meatspace. Watch the blog about it here: http://blogs.technet.com/mleworthy/archive/2008/01/24/heroes-happen-here-virtual-launch-event.aspx
See a YouTube video preview of the experience here: http://www.youtube.com/watch?v=nfWYgEbUaRY
Check out new 'casts from IT Showcase on internal Microsoft security:
How Microsoft IT Manages Physical Security through Strategic IT Convergence
Join this session to gain a better understanding of the Microsoft Worldwide Security Operations and how they protect Microsoft assets in a manner consistent with corporate culture. Through the strategic deployment of security systems, the Microsoft Corporate Security group is improving the way it protects Microsoft assets, information, and employees.
and sign up for Feb:
TechNet Webcast: How Microsoft IT Uses Forefront Client Security (Level 200)
Join this webcast to learn how Microsoft has deployed Microsoft Forefront Client Security on approximately 50,000 machines. In this session, we review Microsoft IT’s experience with Forefront Client Security, and also discuss architectural considerations in deploying Forefront Client Security at Microsoft.
TechNet edge has a good new video chat with the PM for NAP and the Microsoft IT guy who ran all of Microsoft;s internal deployment (ww) on 2 NAP servers! It's a little over 33 mins long - which is longer than many of the vids. Check it out at: http://edge.technet.com/Media/Network-Access-Protection-with-Microsofts-IT/. Stars: Jeff Sigman (the one with the anime hair) from the NAP team and Brent Atkison from MSIT. The notes state:
"Microsoft turned reporting and deferred enforcement on 120,000 machines worldwide, using a very small number of servers. Very small. Less than 3. Total help desk calls as a result? Also a very small number. Oh, and he did that deployment using beta builds of Longhorn Server 2008.(this video was originally posted to Channel9 back before Edge existed, but since it's really IT content, not dev, I wanted to put it up over where it belongs)"
The third volume of the Microsoft Security Intelligence Report (SIR) is now available.
SIR Volume 3 (January through June 2007) and Key Findings Summary:http://go.microsoft.com/fwlink/?LinkID=103122&clcid=0x409
The Microsoft Security Intelligence Report (SIR) provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Each individual report focuses on data and trends observed in either the first or second half of each calendar year and uses historical data to provide context. The purpose of the SIR is to keep Microsoft’s customers informed of the major trends in the threat landscape and to provide valuable insights and security guidance designed to help customers improve their security posture in the face of these threats.
Previously released volumes of the SIR are also available for download.
SIR Volume 2 (July through December 2006):http://go.microsoft.com/fwlink/?LinkID=88436&clcid=0x409 Webcast:Security Intelligence Report (July-December 2006) Webcast
SIR Volume 1 (January through June 2006): http://go.microsoft.com/?linkid=6543860
Who loves ya baby? Microsoft Security - that's who.
The upcoming WS08 launch event has a teaser here: http://www.microsoft.com/heroeshappenhere/cool-stuff/default.mspx that promises a virtual launch event (click on virtual launch experience), complete with "virtual backpack" that'll allow you to "collect the content you want to keep".
Imagine the trees that'll be saved... this launch looks like it might have the lowest carbon footprint Microsoft has ever thrown.
The "host" looks like she might be related to Ms. Dewey...
Anyone who says either:
1) Microsoft adpersons have not sense of humor
2) No one at Microsoft is upset about Billg leaving
...should watch this.
Watch the longer version of this video (and read the story of the Lone Server) here: http://blogs.technet.com/windowsserver/pages/about-lone-server.aspx