For some time, Microsoft has been stumping for what it calls collective defense as a way to minimize the threat posed by inadequately protected consumer PCs. Is such a program technologically feasible?
At RSA 2011, Scott Charney, corporate vice president of Microsoft's Trustworthy Computing Group, talked about collective defense, otherwise known as an Internet health check, network access control, trusted network connect, and other permutations depending on which industry group you are talking to. Charney and Microsoft have been talking about this over the last year or more. To expand on another recent user question, the technological feasibility of performing NAC on a large scale is unknown, which Charney alluded to in his RSA keynote.
There are some large policy issues that would need to be resolved prior to ISPs or other organizations being able or allowed to check the security or health of customer or client systems on a large scale. The issue of who would determine what settings are secure enough for online banking, watching YouTube videos, accessing educational content, social networking, etc., is potentially difficult to overcome. Such a policy, if put into practice, would also need address the issue of user privacy. Many organizations, though, have overcome these hurdles to implement NAC on their networks, but have done so under the auspices of corporate usage agreements and security policies.
One of the potential information security threats involved with the Microsoft security check proposal is companies need to be able to trust the system performing the checks: If an attacker were to take over the system that controlled the health checks, he or she could perform malicious actions against every computer attempting to connect to the Internet via that ISP – obviously a serious risk. Organizations would also need to be prepared for checks that turn up false negatives, since it's possible that newer or targeted malware could subvert the health check.
This was first published in August 2011