Interview

Microsoft has high hopes for Vista security

SearchSecurity.com Staff

    Requires Free Membership to View

RSA Conference 2007

Can't make it to the show? SearchSecurity.com staff members are on the RSA floor, on hand to deliver the latest RSA Conference 2007 news and updates.
What are the early returns like from customers on the new security features in Vista?

The feedback has been almost universally positive. We've had a huge number of beta customers, something over a million of them, running the earlier versions of Vista, so we've received a lot of security, performance and reliability feedback from them. There are a number of utilities in Vista that can send data back to us automatically whenever something hangs or crashes and we can collect and analyze that and look for spikes that indicate problems. Talking to customers, the security aspects of Vista get a lot of mentions. We've spent a lot of time improving the usability of the security controls like User Account Control to reduce the number of pop-ups customers get.
"Obviously zero vulnerabilities would be great...I'm hoping for a reduction of at least 50 percent over XP."
Ben Fathi,
vice president of the Security Technology Unit at Microsoft
If we have another conversation in six months, what kind of security performance would you like to see from Vista at that point?

Obviously zero vulnerabilities would be great. I'd be dancing in the streets with that. But the number should be very small. I'm hoping for a reduction of at least 50 percent over XP. One thing that happens when a new OS comes out is that the research community shifts its attention to the new version. But because of the defense in depth approach that we've taken, it improves the end-user experience so that if there is a vulnerability, they're protected. With big vendors such as Microsoft and Cisco building more security into their products, does that reduce the opportunity for independent security vendors over time?

I hope and believe that there's plenty of opportunity for them to innovate and add protections both on top of and underneath the system. There are a lot of categories that we're not going to get into. But as we improve the security of the base product, some of the other vendors' products may not be as interesting as they once were.

<< Return to our special coverage of RSA Conference 2007


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: