MICA Specialties Banner


 

Seven years ago, Microsoft made a commitment to a dramatic shift in the company's mission and strategy – to focus on making more secure and reliable products and services, protecting customers' privacy, and being more transparent and responsive in their business practices. They call this Trustworthy Computing (TwC), and it infuses everything they do.

 

Trustworthy Computing

by Microsoft

Privacy and Online Safety

Although we may always have to deal with some spam, we continue to make great progress in protecting inboxes through collaboration with industry and government, consumer education, and technical innovations. Industry-wide legal efforts and partnerships with law enforcement have helped stop some of the highest-volume spammers in the world. The SmartScreen filtering technology in Windows Live Mail blocks more than 3.4 billion spam email messages every day. The next version of Microsoft Exchange will include even more robust and accurate anti-spam technology that makes it easier for IT administrators to keep unwanted email out of corporate inboxes. And, across the industry, Microsoft is working to reduce spam and phishing attacks by developing technology to authenticate the identity and reputation of email senders.


While people still need to be vigilant and protective of their personal information, innovative software can be a powerful first line of defense. The Microsoft Phishing Filter for Windows Vista, Internet Explorer 7, and the Windows Live toolbar help sniff out “phishing” attacks and malicious Web sites, offering cyber criminals fewer opportunities to deceive and defraud. In addition, more than 17.5 million customers are regularly using Windows Defender to protect themselves from spyware threats; Defender will be included in every copy of Windows Vista and available to genuine Windows XP customers.

We're also working with policymakers and industry leaders in the United States to encourage federal laws that establish baseline privacy protections for consumers while still allowing commerce to flourish. And, since privacy threats know no borders, we're also working with governments around the world to make privacy laws as consistent as possible..

We've adopted a single privacy notice across all our online properties. Known as a “layered notice,” this policy explains – briefly and in simple language – Microsoft's policies and customers' rights with regard to the personal information they share with the company. Included are links to full legal statements and other relevant information so people can learn more if they choose..

The last few years have shown that privacy and data protection are also critical issues for businesses. Windows Rights Management technology is already helping companies safeguard information from unauthorized use, and with the advent of Microsoft Office 2007 we offer even more ways to protect sensitive data. For instance, Office 2007 includes a Document Inspector that helps information workers remove unwanted data (such as author names or revision marks) before they publish documents. It will also include a new Trust Center to help customers manage security settings and understand and control how and whether their applications communicate with Microsoft. BitLocker Drive Encryption, a hardware-based data protection feature, addresses growing concerns over corporate and customer data being accessed from lost or stolen machines..



Security

As software drives more of the devices we use every day and cyber criminals continue to find new ways to disrupt, vandalize and steal on the Internet, helping ensure security remains a critical part of Trustworthy Computing. Since security threats evolve over time, we must not only work to create software that is more resilient to today's threats, but also watch for new threats and work aggressively to respond to these as they emerge.


Microsoft works closely with other software vendors, the research community and security companies to find better ways to build more secure software, locate vulnerabilities, collaboratively address issues as they arise, and establish best practices across the industry. We partner with law enforcement worldwide to help find and catch individuals who write and distribute malicious software. And, when a new issue threatens customers, our Security Response Center mobilizes teams to investigate, fix and learn from security vulnerabilities. We continue to release security updates on a regular schedule.

We're also working to educate consumers about security and privacy issues, and provide new tools to help them maintain and secure their computers through various services. One such service is Windows Live OneCare – a simple and automated way to maintain the health of PCs by helping manage ongoing maintenance, including antivirus and firewall protections, data backup, and regular PC performance-tuning and software updates.

The Microsoft Windows Malicious Software Removal Tool removes Malware from over 200 million PCs every month and has helped dramatically reduce the number of “bot” infections. A worldwide education campaign on Microsoft.com provides tools and information on how to protect customers' PCs.

At Microsoft, the work of every software developer is anchored in security and privacy though practices such as our Security Development Lifecycle (SDL), and automated tools that help identify and prevent common programming mistakes that can result in security vulnerabilities and data leakages. The SDL and other engineering practices have greatly reduced the number of critical and important security bulletins for our key products. Windows Vista is the first operating system (OS) developed end-to-end under the SDL; as such, it will be the most secure, privacy-enhancing and reliable OS we've ever shipped.

Tens of thousands of customers participated in the Windows Vista beta and over 130,000 customer feedback reports were reviewed. Windows Vista features extensive security improvements in everything from user account control and smartcard support to enhanced firewall protection and encryption capabilities that help protect sensitive data if your PC is lost or stolen. By default, Windows Vista runs with limited permissions, requiring an administrator password before installing new software or changing some settings, reducing the potential for malicious or inadvertent damage. Improved firewalls will monitor inbound and outbound network traffic to block potentially risky applications and mitigate the impact of malware. Secure startup technology will monitor critical system files and prevent the computer from booting up if they have been compromised.

Microsoft Office 2007 also features significant security enhancements, including Trusted Locations that help corporate IT administrators ensure the security of the solutions they deploy across their entire infrastructure, as well as a Trust Bar that will enable computer users to review security information about the documents they receive and block potentially harmful content.



Reliability

Over the past few years, we've made great progress in improving the reliability of our products, as well as other software built on our platform, through continuous improvement technologies – software that can diagnose, report, and fix problems as they arise. For example, the error-reporting features in Microsoft Office 2007 perform thorough diagnostics when applications hang or crash, including checking the computer's hard disk and memory and verifying that the customer's software is up-to-date and uncorrupted. This version automatically diagnoses and fixes many common hardware, networking and performance issues, and works to protect the registry and user data in the event of a problem. It can dynamically keep track of system resources, and help avoid performance and reliability issues when running a large number of applications.

In corporate environments, Office 2007 provides more tools to help IT administrators keep track of performance across the network, keep users' machines up-to-date, and reduce interruptions due to software or hardware failures.



Looking Ahead

Microsoft has spent the past five years working to transform the company around Trustworthy Computing, and it has improved by an order of magnitude in each of the areas noted above. But, there's still plenty of work to do. We've only tapped a fraction of computing's vast potential, and the coming years will continue to bring new innovations that transform how we live and work.


The world of PCs and servers is evolving into a rich web of connected devices and services and computing has become enmeshed into the fabric of our lives. This is why Trustworthy Computing has to do more than address today's challenges – it must ensure that the innovations people will rely on tomorrow are designed from the outset to be reliable and secure, respectful of their privacy, and supported by trustworthy and responsive companies.

For more information about Trustworthy Computing, please visit www.microsoft.com/twc.