RSA 2010: computer health check could stem spread of viruses

Microsoft has raised the idea of enforcing computer system "health checks" before they are allowed to connect to the internet as a way of curbing malware infections.

Microsoft has raised the idea of enforcing computer system "health checks" before they are allowed to connect to the internet as a way of curbing malware infections.

"Many corporate computers are scanned for malware before they are allowed to connect remotely to internal networks. But the same is not true for most other computers that connect to the internet," Steve Lipner, senior director of security engineering strategy at Microsoft, told Computer Weekly.

Scott Charney, corporate vice-president of Microsoft's Trustworthy Computing Group, said in his keynote presentation at the RSA Conference 2010 that the healthcare model could be applied in cyberspace.

A cyber equivalent of the World Health Organisation could, for example, require all computers to pass a malware check before being allowed to connect, he said.

"The healthcare analogy is a good one because malware, like disease, is not only a threat to the carrier, but to the whole online community," said Lipner.

This idea is certainly technically possible, but needs to be explored from a social, political and economic point of view to see to what degree it makes sense in these contexts, he said.

Such an initiative would involve private enterprise, but that would only be able to go so far before government involvement would be required, said Lipner.

"End-to-end security on the internet or in the cloud needs government to be in dialogue with all the other stakeholders," he said.

Government involvement also needs to extend beyond the US, because although a single country would be able to make a dent, several working together would be more effective, said Lipner.


Image: Liane Riss / WestEnd61/Rex Features

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close