Microsoft steps up security

Microsoft used its annual Exchange conference last week to fight back against accusations that it is weak on security.

Microsoft used its annual Exchange conference last week to fight back against accusations that it is weak on security.

The company has come under fire in recent weeks in the aftermath of the damaging Code Red and Nimda worm attacks, which both hit the same vulnerabilities in Microsoft's Internet Information Server (IIS) software. Analyst group Gartner went as far as recommending that companies look into replacing it with more secure server software.

While at pains to point out that, as market leader, Microsoft software will be the main target for virus writers, company officials admitted that security was a problem.

To this end, the company launched a security initiative, called the Strategic Technology Protection Program, which, it said, "marks an unprecedented mobilisation of Microsoft's people and resources to proactively assist customers of any size to secure their computing environments".

Brian Valentine, senior vice-president of the Windows division at Microsoft, said, "[Security] is a problem that affects the entire industry, but we recognise there is more work to do. Effective immediately, we are stepping up our efforts with the singular focus of ensuring the security of our customers' networks and businesses."

The first phase of the scheme, called Get Secure, will include free virus-related product support and an online Security Toolkit that includes a lockdown tool for Windows 2000 IIS.

A second, longer-term phase of the programme, called Stay Secure, will provide customers with the tools, technologies and resources they need to stay secure, said Microsoft. As part of this phase, the company will deliver the next version of IIS locked down by default, providing customers with an automated tool to customise and secure the server software.

Kevin McCuistion, group product manager of Exchange at Microsoft, said users also have a role to play in improving security.

"We are committed to working with customers, but users also need to be proactive - patches that would have prevented the Nimda virus were available for weeks before it struck," he said.

[email protected]

Read more on Business applications

SearchCIO
SearchSecurity
SearchNetworking
SearchDataCenter
SearchDataManagement
Close