For some time, Microsoft has been stumping for what it calls collective defense as a way to minimize the threat posed by inadequately protected consumer PCs. Is such a program technologically feasible?
At RSA 2011, Scott Charney, corporate vice president of Microsoft's Trustworthy Computing Group, talked about collective defense, otherwise known as an Internet health check, network access control, trusted network connect, and other permutations depending on which industry group you are talking to. Charney and Microsoft have been talking about this over the last year or more. To expand on another recent user question, the technological feasibility of performing NAC on a large scale is unknown, which Charney alluded to in his RSA keynote.
There are some large policy issues that would need to be resolved prior to ISPs or other organizations being able or allowed to check the security or health of customer or client systems on a large scale. The issue of who would determine what settings are secure enough for online banking, watching YouTube videos, accessing educational content, social networking, etc., is potentially difficult to overcome. Such a policy, if put into practice, would also need address the issue of user privacy. Many organizations, though, have overcome these hurdles to implement NAC on their networks, but have done so under the auspices of corporate usage agreements and security policies.
One of the potential information security threats involved with the Microsoft security check proposal is companies need to be able to trust the system performing the checks: If an attacker were to take over the system that controlled the health checks, he or she could perform malicious actions against every computer attempting to connect to the Internet via that ISP – obviously a serious risk. Organizations would also need to be prepared for checks that turn up false negatives, since it's possible that newer or targeted malware could subvert the health check.
Dig Deeper on Microsoft Windows security
Related Q&A from Nick Lewis
Enterprises have many options for email security best practices, ranging from deploying email security protocols to educating end users on the ... Continue Reading
Cyberattacks often begin with a port scan attack, which attackers use to find exploitable vulnerabilities on targeted systems. Learn how they work ... Continue Reading
Monitoring process memory is one way to combat fileless malware attacks. Here's what you can do to protect your network against these campaigns. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.