Computerworld
Home News Blogs ReviewsWhite Papers Newsletters IT Careers

resource center


Ads by TechWords

See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
 

Print edition

Microsoft's Report Card

By Carol Sliwa
January 13, 2003 12:00 PM ET
Recommended
(0)
Digg
Share/Email

Computerworld - Grades ranged from B+ to D- when Computerworld asked IT managers, analysts and security professionals to rate Microsoft's progress on its Trustworthy Computing initiative during the past year. Excerpts follow:


Charles Emery, senior vice president and CIO, Horizon Blue Cross Blue Shield, Newark, N.J.

Grade: B

Reason: "The automatic updates within the operating system are helpful and timely. Anything that receives as much focus as Microsoft is giving this issue is bound to improve, but sadly, there are people who are constantly trying to find new ways to break in."




Paul Lanham, senior vice president and CTO, Jones Apparel Group, Bristol, Pa.

Grade: D

Reason: "In the short term, I wouldn't give Microsoft high marks for now focusing on security issues that should have been embedded in their development process to begin with. They have a lot of history to deal with in the short term. Of course, it's easy to criticize their current state, but they at least get a good grade for recognizing the current reality that their market position could erode if basic measures in this area are not undertaken."




Andre Mendes, chief technology integration officer, the Public Broadcasting Service, Alexandria, Va.

Grade: B+

Reason: "On one side, they have obviously identified a lot of the problems that existed with their legacy environments and have aggressively addressed them. On the other side, there were a couple of occasions where they still reverted to minimizing the criticality of some of the holes."




Russ Cooper, security consultant, TruSecure Corp., Herndon, Va.

Grade: D-

Reason: "In my opinion, Microsoft hasn't made any perceivable progress in the last 12 months with respect to security. The security bulletin process has been up and down. Their responsiveness has been good and bad. Windows Update has been augmented by a lame sister known as Software Update Services."




Jason Fossen, a SANS Institute lecturer and president of Fossen Networking & Security, a Windows security consultancy.

Grade: B+

Reason: "Never before have Microsoft's future profits been so at risk by the security or insecurity of their products. Microsoft's entire XML/SOAP/.Net project to make the Web services business model a reality will sink if IT decision-makers believe it is insecure. Microsoft is betting the farm on .Net Web services; hence, they're motivated to shape up, and so far, they're following through."



Marc Maiffret, co-founder and chief hacking officer, eEye Digital Security, Aliso Viejo, Calif.

Grade: B

Reason: "At least when Microsoft makes a claim that they are doing something about security, they are making a little bit of effort. I wouldn't say it's enough to where it needs to be. But the effort they're putting into it is far more than other companies out there. I'd give almost every software company out there an F."



Recommend Digg Twitter ShareThis
Email Print Send Feedback Reprints

Additional Resources

Xerox
Win a color printer!
By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!
Microsoft
Upgrade to Internet Explorer 8 today.
Save time and mitigate security risk. Deploy it now.
Sybase
NEXT-GENERATION MOBILITY PLATFORMS
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

White Papers & Webcasts

How Controlling Access to Privileged Accounts Can Keep Insider Threat from Hurting Your Bottom Line
This white paper explores insider attacks and insider risk, and shows how to control them by controlling and monitoring access. The paper describes...  

Usability Is Everything
Learn what sets Workday's HR and Payroll solutions apart from the competition....

Military Uses Bit9 Parity to Defend Against New Generation Attacks
When a military organization faced an exercise, in which there was an attempt to breach and infect the network, they decided to use...  

The Value of Real SaaS at Workday
Cost savings, speed to value, and innovation brought to the enterprise by Workday's software-as-a-service solutions for HR and Payroll....

Eliminate Spam, Gain Productivity
In this exclusive whitepaper, learn all about the dangers of spam and the cost to your business....  

SaaS at Flextronics, Inc.
Dave Smoley, CIO of Flextronics, discusses the real value of software-as-a-service and why he chose Workday for his HR solution....

Accelerate SSL Encrypted Applications
The amount of SSL traffic is growing in the enterprise. Because it is encrypted, it cannot be properly controlled and accelerated. Blue Coat...  

Why Compliance Pays
This OnDemand webcast explores the relationship that firms with best compliance records have higher revenue, greater customer retention, lower financial losses from data...

ESG Lab Field Audit
Many companies have successfully implemented Riverbed WAN optimization solutions within their Cisco networks. This ESG Lab Field Audit document explores the success that...  

Agile Enterprise Content Management (ECM) for Rapid ROI
Find out how combining ECM and BPM will help adress issues about content rich business processes....

All White Papers | All Webcasts

Computerworld Reports

An Interactive eBook: Enterprise Security

The Business Case for Server Virtualization

Computerworld Technology Briefing: Intelligent Users Use Business Intelligence

All Computerworld Reports
 

Symantec Report on the Underground Economy
The Symantec Report on the Underground Economy examines activity on underground economy servers observed by Symantec between July 1st, 2007 and June 30th, 2008. It includes analysis and discussion of the goods and services advertised, advertisers participating in the economy, the servers and channels that host the trading, and a snapshot of piracy activity observed.
Download this white paper 
Data Loss Risks During Downsizing
With the dramatic increase in lost jobs, companies should be aware of the possibility that these employees may be walking off with their sensitive and confidential data. An independent study done by the Ponemon Institute surveyed employees leaving their jobs and taking company data with them. This type of data loss problem may be putting companies at risk for a potential data breach. This study will help you to understand what employees are doing with the data on the laptops their employers provided them.
Download this white paper 
3 Steps to Protect Confidential Data on Laptops
Learn how to avoid being part of the one-third of security breaches that occur due to laptop theft. This report outlines specific steps to help you secure confidential data and minimize the impact of data loss resulting from stolen or missing laptops.
Download this white paper 
Managing Spend on Information Security and Audit for Better Results
The benchmarks conducted by the IT Policy Compliance Group show almost all organizations have financial incentives exceeding 100 percent to make improvements to reduce financial risk from data loss, downtime and regulatory audit. This report includes findings covering the principal operational outcomes being experienced by organizations, financial risks, losses and returns, and the practices making the most difference to control risks, reduce costs, and improve results.
Download this Report! 
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.