Microsoft hails "real progress" on improving security

Microsoft claims it has made "real progress" in the last year towards its goal of Trustworthy Computing but criticised businesses for failing to be more proactive on security.

Speaking at the Microsoft Worldwide Partner conference in Toronto, Mike Nash, corporate VP of the security business and technology unit at Microsoft, said key milestones include the forthcoming Windows XP Service Pack 2 and the availability of Internet Security and Acceleration Server 2004 standard edition.

The overhaul of Microsoft's security update tools and processes has also yielded results. There has been a 400 per cent growth in consumer use of Windows Automatic Update in the last 10 months, and 112,000 unique servers now connect to Microsoft's website for software update services.

But Nash said many users are still too reactive about security. "I'm still surprised how many customers have not thought about a security plan," he said.

He also urged partners and resellers to push customers into upgrading to the latest versions of Windows because of the security benefits but admitted this is unrealistic to expect.

But as a matter of priority Nash said users should look for the latest versions of Microsoft software for "servers that face the internet and machines and laptops that are mobile".

"Customers who use Windows Server 2003 are much more secure than those who use Windows 2000," he said.

Microsoft also unveiled new security technology that will allow IT managers to prevent end users connecting to the corporate network unless their machine has the correct updates and security policies installed.

The Network Access Protection (NAP) technology will detect the "health state" of a PC or laptop attempting to connect to the network and will be shipped as part of the Windows Server 2003 update release, codenamed R2, which is due next year.

Specifically NAP determines whether a networked client machine is compliant with IT-defined network access policies when they try to connect. It then automatically restricts noncompliant machines to a separate, restricted network where the necessary patch and antivirus updates are available. Once the machine is updated the client is automatically revalidated for network access.

Microsoft CEO Steve Ballmer also admitted there is still some way to go on the Trustworthy Computing road. "We're not acceptable on security but we're ahead of the other guys," he said at the conference.