Microsoft is pledging a firm commitment to security with measures such as equipping its upcoming Windows 2000 operating system with 128-bit encryption and interacting with users and rival vendors to detect software breaches and bugs, a high-ranking company official said in a keynote speech at the RSA Conference 2000 show here last week.
User privacy is also a paramount concern, said the official, Brian Valentine, who is senior vice president of Microsoft's Windows 2000 product group.
`The reason I'm here is to do an industry call-to-action,' for developers, vendors and others to boost computer security, Valentine said in his opening remarks.
Included in Microsoft's plans are 24 x 7 security hotlines, consultations, and collaboration with other vendors on security issues. Microsoft will relaunch its security response centres to provide the around-the-clock responses and will respond to issues within 24 hours, Valentine said. `We can't just trust the end user to solve these problems themselves.'
Microsoft has made a comprehensive effort to build Windows 2000 with security in mind, including having a staff of 15 people study the code for breaches, denials of service, and bugs.
A preliminary version of the product also was put on the Internet to enable users to look for security breaches, Valentine said. Within two weeks, four denials of service bugs were found, but no breaches were discovered, he said. `We put it completely naked on the Internet,' Valentine said.
Additionally, Microsoft in the latter half of this year plans to hold a summit meeting with vendors, customers, and other interested parties to discuss privacy and security issues. Also part of Microsoft's efforts is its security advisory council.
A consumer privacy and security Web site will be set up, Valentine said. Microsoft already has a Web site for these issues that is tailored to IT professionals, at [ital]www.microsoft.com/security[ital]`We believe as a company that if we don't deal with some of the privacy issues . . . it will affect e-commerce to where people won't trust,' what is on the Internet, Valentine said.
A conference attendee said that Microsoft officials were making all the right statements pertaining to security, but it remains to be seen whether the company can live up to its commitment.
`I don't think anybody has been satisfied,' with the security of Microsoft products, said the attendee, a software project manager at a computer-related vendor who requested anonymity.
Microsoft's success in marketing its products to the masses has made it a favourite target of virus writers and hackers, the attendee said.