By Ron Grattopp …..Back in September, I did a post called “The greatest browser security technology you probably never heard of…” which was a security focused post around the idea that socially-engineered (SE) malware is a far more prevalent threat today than the classic vulnerability exploit (aka drive-by attack) and, of course, extolling the virtue of our SmartScreen technology as offering the best protection against this form of malware. So this post is something of a continuation of that but on a different tack – how important is browser security to you and your customer? Of course, as usual, my main purpose in my blog is to provide our Microsoft partners with ideas and talking points that they can use in customer conversations around motivating “our” customers to deploy and depend on the Microsoft platform, in this case browser security. But it’s also another example of the attention and focus that Microsoft puts on security “all up” (as we like to say internally) as a follow on to my “Happy birthday TwC” post (Jan 2012).
Some weeks back, NSS Labs (an “Independent Security Research and Testing” organization) released an updated browser security analysis and report, NSS Labs 2-6-2012 Browser Security Analysis Brief. Of course copyright prevents me from actually showing you (reproducing) screenshots of their graphics depicting the data, but in their graphic labeled “Socially Engineered Malware Protection over time - North America (December 2, 2011 — January 5, 2012) on page 2, I can tell you that I think you’ll be impressed with the apparent disparity between the capabilities of the various browsers. I should note that the title of the report is: “Did Google pull a fast one on Firefox and Safari users?” and the majority of the report is centered on something called the “Safe Browsing API v2” which Google owns and is (presumably) shared among the Chrome, Firefox, and Safari browsers – so this is definitely NOT a recommended read <grin> unless you want to of course. With that in mind, however, I’m going to distill out what I think are the key take-aways from this report for your customer conversations:
In closing, I know you’re not selling IE, so this isn’t so much about convincing your customers to use IE as it is about helping your customers understand the impact of Microsoft’s ongoing and deep commitment to security as a compelling reason to bet on the Microsoft platform for their IT needs. That’s the aspect you want to weave into the customer conversation you might have around any of our solutions and technologies that your customer might be using or investigating. Case in point, I know many of your customers have questions about the security of the cloud – this, and the TwC, and other proof points should at least help them understand that no one else is going to be as equipped as Microsoft to understand and provide the protection and privacy that businesses need in this new online age.
Cheers, as always, Ron