News

Microsoft Kicks Off Massive Security Training Push

• By Scott Bekker
• 04/07/2004

Billing the Microsoft Security Summit as an extension of CEO Steve Ballmer's commitment last fall to increase security training and education, Microsoft officials are using the events to promote security best practices and discuss the company's security roadmap with IT administrators and developers.

"We're committed to training 500,000 customers," said Susan Hauser, Microsoft's general manager for the New York/New Jersey district, before introducing keynote speaker Mike Nash, the corporate vice president for Microsoft's Security Business Unit, on Wednesday.

Nash provided the keynote at two kickoff events in New York this week. The free events will also be held in Anaheim, Atlanta, Boston, Charlotte, Chicago, Dallas, Denver, Detroit, Houston, Minneapolis, Orlando, Philadelphia, Phoenix, Raleigh, San Francisco, Santa Clara, Seattle, St. Louis and Washington, D.C. (Click here for schedule and event information).

Details of Microsoft's strategy, recommendations and roadmap for security laid out in the Nash keynote were little changed from other recent Microsoft officials' speeches. However, there is one change to the familiar script -- Nash is beginning to emphasize return on investment and business opportunities in security.

Rather than talking only about the avoidance of risk and economic catastrophe as a reason to invest in security, Nash said there is business value to be derived from security. Improving security can allow customers to connect and share information with more confidence, integration with partners including the exchange of sensitive documents and information, and empowerment of employees through self-maintenance of HR data.

As for the basic product roadmap, according to Nash, Windows XP Service Pack 2 is still on track for the first half of this year, along with the broad training and education effort that the security summits are part of and the release of Internet Security & Acceleration Server 2004. Coming in the second half of 2004 are Windows Server 2003 Service Pack 1, advanced client inspection and updating enhancements.

Delivery of advanced client inspection seems fluid. It is described at times as part of Windows Server 2003 SP1 and at other times as separate technology. In any event, the capability would allow laptops and remote systems to be checked upon log-in to the corporate network for proper configuration and up-to-date security. Any shortcomings in those areas would result in the system being quarantined until the necessary updates and changes could be made.

The updating enhancements coming in the second half include the consolidation of Windows Update, Office Update, Download Center and VS Update into a catchall Microsoft Update, according to Nash's PowerPoint presentation. Meanwhile, Nash said, Microsoft continues its work to reduce its current eight update installation technologies down to two -- one for the operating system kernel and one for anything layered on top of the kernel. But Nash said the company will pursue a single installation experience to make the differences in technologies transparent to users.