Microsoft discussed progress toward enabling End to End Trust, the company’s vision for a safer, more trusted Internet first introduced at last year’s event. In his keynote address, Scott Charney, corporate vice president of Microsoft’s Trustworthy Computing Group, also issued a call to action for the public — including those in the technology industry, business and governments — to participate through dialogue, collaboration and consensus to address cybercrime and help instill trust in the Internet.
During the past year, Microsoft has advanced End to End Trust in four critical areas: security and privacy fundamentals; creation of a trusted stack with security rooted in hardware; in-person proofing based on identify claims; and social, political, economic and IT industry alignment for change.
Microsoft’s ongoing focus on security and privacy fundamentals employs the company’s best engineering and threat mitigation practices to deliver the most secure and privacy-enhancing versions of its software to date, such as Windows 7 Beta and Internet Explorer 8.
During the past year, Microsoft began sharing its fundamental security and privacy practices, such as the Security Development Lifecycle (SDL), with the broader IT community to help build more secure software and better protect customers. Programs such as Microsoft’s SDL Pro Network train and enable organizations outside the company to develop more secure applications. The Microsoft Active Protections Program, designed to provide vulnerability information to security software providers, allows Microsoft and its partners to offer more timely protections and solutions to the broadest set of customers possible.
Charney also provided an update on how Microsoft and partner technology innovations can help people better trust the security of the devices they use to access the Internet or connect to other devices. For example, Windows 7 is helping to deliver on the End to End Trust vision by providing key elements of a “trusted stack,” a concept that ensures all components of the computing environment can be authenticated and are trustworthy, including the operating system applications, people and data. Windows 7 Beta includes support for Trusted Platform Modules (TPMs), which help enable a strong security base rooted in hardware with features such as Windows BitLocker Drive Encryption; AppLocker, which helps ensure only trusted software is running; and DirectAccess, which allows customers to create trustworthy connections between compliant devices and the corporate network.
In addition, on stage, Charney demonstrated how Microsoft Forefront identity and security solutions are providing strong management and audit capabilities that help provide better “defense in depth,” through Business Ready Security solutions that help customers more easily protect the breadth of their environments, quickly respond to threats, and enable the secure access and use of critical business information.
Sharing best practices and developing more secure technology are only part of the solution. Realizing real change requires broad collaboration across the industry. To that end, Microsoft is working with partners, both public and private, to advance the state of trust online. During the past year, Microsoft has worked with the Internet Consortium for Advancement of Security on the Internet, the Internet Safety Technical Task Force led by the Berkman Center for Internet & Society at Harvard University, the Center for Strategic and International Studies Cybersecurity Commission, and the recently announced Conficker Working Group.
In his speech, Charney signaled that Microsoft is asking individuals, partners, policy-makers and the IT industry to help enable further change and take the next step toward creating a safer, more trusted Internet. Specifically, Charney called on developers to build more secure and privacy-enhanced products and services. He asked the tech industry as a whole to find new ways for people to feel safer online with their devices, their identities, their networks and any other scenarios that will affect Internet use in the future. Finally, Charney called on Microsoft partners, customers and individuals at private and public agencies to continue to come together through dialogue, collaboration and consensus to create a safer, more trusted Internet for everyone.