For some time, Microsoft has been stumping for what it calls collective defense as a way to minimize the threat...
posed by inadequately protected consumer PCs. Is such a program technologically feasible?
At RSA 2011, Scott Charney, corporate vice president of Microsoft's Trustworthy Computing Group, talked about collective defense, otherwise known as an Internet health check, network access control, trusted network connect, and other permutations depending on which industry group you are talking to. Charney and Microsoft have been talking about this over the last year or more. To expand on another recent user question, the technological feasibility of performing NAC on a large scale is unknown, which Charney alluded to in his RSA keynote.
There are some large policy issues that would need to be resolved prior to ISPs or other organizations being able or allowed to check the security or health of customer or client systems on a large scale. The issue of who would determine what settings are secure enough for online banking, watching YouTube videos, accessing educational content, social networking, etc., is potentially difficult to overcome. Such a policy, if put into practice, would also need address the issue of user privacy. Many organizations, though, have overcome these hurdles to implement NAC on their networks, but have done so under the auspices of corporate usage agreements and security policies.
One of the potential information security threats involved with the Microsoft security check proposal is companies need to be able to trust the system performing the checks: If an attacker were to take over the system that controlled the health checks, he or she could perform malicious actions against every computer attempting to connect to the Internet via that ISP – obviously a serious risk. Organizations would also need to be prepared for checks that turn up false negatives, since it's possible that newer or targeted malware could subvert the health check.
Dig Deeper on Microsoft Windows security
Related Q&A from Nick Lewis
Can Structured Threat Information eXpression improve threat intelligence sharing? Nick Lewis breaks down the evolution of the STIX security framework.continue reading
A new type of WordPress malware, WP-Base-SEO, disguises itself as an SEO plug-in that opens backdoors. Nick Lewis explains how it works and how to ...continue reading
A new exploit of CLDAP servers can be used for a DDoS reflection attack that gives attackers a 70x boost. Nick Lewis explains how to defend against ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.