Posted by Jacqueline Beauchere, director, Trustworthy Computing Communications, Microsoft
Calling all young people between the ages of 13 and 18*: Do you sing, act, write, or otherwise create? Get those creative juices flowing; put your “mad (artistic) skillz” to work, and help promote a positive message about life online. Today, Microsoft is launching its first-ever Safer Online Teen Challenge. Teens are encouraged to submit creative works that champion one of many key messages about being smarter and more secure on the Internet. Works must be submitted by April 12, 2013, and our hundreds of thousands of thoughtful and learned Facebook fans will help select winners in five inspired categories: song, story/cartoon, skit/presentation, survey, and video. All submissions require English translations, but works are welcome in any language and from basically every corner of the world. Successful submissions may be featured on Microsoft‘s web properties – visited by millions – and cool prizes will be awarded to the most popular, compelling, and inventive entries. The contest starts right in time for the December holidays, so teens can imagine and create their visions over the school break.
By Adrienne Hall, General Manager, Trustworthy Computing
Regulatory compliance and managing security risks are two important challenges facing IT professionals today. From the Chief Information Security Officers (CISOs) we talk to, there’s steady interest in hearing more on these topics.
At Trustworthy Computing, we’re fortunate to have access to some of the best and brightest security minds – including security executives from around the world as well as our own internal experts. To help share that expertise with the broader security community, we’ve recently released two “CISO Perspectives” articles covering Risk and Compliance in the Cloud.
See more >>
Fighting security threats is a never-ending job. And Microsoft can’t do it alone.
One of our most successful partnership efforts is the Microsoft Active Protections Program (MAPP), through which we share threat information with security vendors ahead of our regular monthly security updates.
Recently, the Microsoft Security Response Center (MSRC) announced that MAPP would be expanded, adding more partners and giving our top collaborators even more time to create more comprehensive, higher-quality protections.
Posted by Kim Sanchez, director, Trustworthy Computing Communications, Microsoft
Chances are you have your mobile phone with you right now. These devices allow us to keep pace with the demands of our busy digital lifestyles. They also allow us to tell everyone, everything, all the time. There are multiple opinions on the breakdown of social etiquette due to oversharing information, but there’s no denying that certain mobile phone behaviors are not only annoying, they may even be risky.
Whether it’s loud talkers or not silencing a phone during a movie, some mobile manners like pocket dialing someone because your phone isn’t locked, or tagging photos without permission, may put personal information at risk. But who is better at protecting their personal information? Men, or women?
At Microsoft, we want to know what you think. That’s why we’re kicking off our Mobile Manners and Mayhem Facebook poll. Rank your biggest mobile phone pet peeves and tell us your own mobile mayhem story. On May 20, we’ll release the results and reveal who is better at protecting themselves online, men or women.
At a very young age, we are taught to share. Share our toys, our thoughts, our gratitude. But in today’s digital society, all this oversharing online, may put us in harm’s way. Your personal information is a valuable commodity to criminals and, just like your personal computer, your mobile phone is equally attractive to those who would misuse this information.
By Adrienne Hall, general manager, Trustworthy Computing
Are You and Your IT Staff on The Same Page?
For business leaders to make sound decisions related to ITsecurity, they need clear, timely information that maps to business goals.
Unfortunately, many IT professionals could do better in communicatingwith executives, according to a recent study conductedby the Ponemon Institute for the IT security firm Tripwire. See more >>
The second annual Cloud Security Alliance (CSA) EMEA Congress was held last month in Edinburgh, Scotland, where several hundred business leaders and security professionals participated in an interesting series of sessions and interactive demonstrations from 20+ cloud providers.
With more and more organizations moving from evaluating the cloud to actual deployment, it is not surprising that trust, transparency and compliance came up during this event. Cloud providers should be prepared to address questions in these areas.
I was invited to deliver a keynote presentation at the event, in which I outlined the investments Microsoft makes in three broad categories: 1) the development of secure cloud offerings; 2) datacenter security; and 3) incident response – communication to customers if and when the unexpected occurs.
Posted by David Bills, chief reliability strategist, Trustworthy Computing
Over the past couple weeks I have posted blogs talking about service reliability organizational goals, as well as causes of service outages and the associated mitigation strategies. Today I’d like to share some insight into just one of the methods Microsoft uses to design and build cloud services to help ensure our services can respond gracefully to outages. It’s not a new concept, but one that I believe is useful for providers and customers alike to be thinking about.
Just as threat modeling is an important step in the design process when security-related issues are being evaluated, fault modeling is an important step in the design process for building reliable cloud services. It’s about identifying the interaction points and dependencies of the service and enabling the engineering team to identify where investments should be made to ensure the service can be monitored effectively and issues detected quickly. And, in turn, even guiding the engineering team toward effective coping mechanisms so the service is better able to withstand, or mitigate, the fault.
Posted by: Tim Rains, Director, Trustworthy Computing
A big part of my job is talking to Chief Security Information Officers, Chief Security Officers, as well as VPs and Directors who manage risk for their organizations. For them, one of the top priorities that has emerged in the past couple of years is cloud computing. The businesses that these security executives support are evaluating the potential benefits of cloud computing and some have already started leveraging this new paradigm in an effort to increase productivity and lower costs. Security executives are, more often than not, involved in the evaluation and deployment processes for new online services.
Posted by: Jacqueline Beauchere, Director, Online Privacy and Safety
Before I go any further, I want to assure you that this is a legitimate Microsoft blog, and that I genuinely work for the company.
If you’ve received an unsolicited phone call from someone claiming association with Microsoft and offering technical support, or help with a security problem you didn’t know you had, I wouldn’t blame you for doubting me.
Unfortunately, in today’s day and age, a little suspicion is a good thing because increasingly devious, determined and resourceful criminals want to steal from you. Cash is what they really want, but personal information they can exploit for financial gain – that’ll do nicely, too, thank you.
By: Tim Rains, Director, Trustworthy Computing
The consumerization of IT, referred to by many people as “Bring Your Own Device” (BYOD), is a very hot topic these days as organizations grapple with the challenge of managing the risks in allowing organizational data to be placed on personal mobile devices, like smart phones. The challenge here is that some of the devices that employees decide to bring to work with them might not have the basic security or management capabilities. This challenge is compounded by the risks associated with these same devices connecting to ubiquitous social networks and the diverse ways organizations and people are choosing to connect and share data today – such as the utilization of cloud services.