Microsoft describes internal security efforts

By

Microsoft's newly appointed CIO Ron Markezich talked about the vendor's internal IT security in a presentation Thursday at Microsoft's campus in Mountain View, Calif.

Microsoft counts some 300,000 devices, including PCs and servers, 56,000 employees, more than 3 million email messages per day internally, and 7 million remote connections per month, he said.


"When I have to roll out a patch, I worry about 300,000 machines," Markezich said.

Patch management is a major focus of Microsoft's network interior security efforts. "I deploy patches at the same time as customers do," he said.

Markezich gives employees 24 hours to apply emergency patches to systems themselves. After 24 hours, he applies the patches using Microsoft's SMS (Systems Management Service).

Microsoft uses IPSec segmentation, which limits untrusted devices from accessing trusted devices, he said. The company uses smart cards for external access and is now piloting them for internal use, he added.

In its IT security program, Microsoft focuses on training employees about security policies, enforcing policies, optimizing processes such as patch management, and integrated technology, Markezich said.

www.microsoft.com

 

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

International Criminal Court hit by cyber attack

International Criminal Court hit by cyber attack

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

Log In

  |  Forgot your password?