Security

Next@Norton 2010

NortonI attended the 2010 Next@Norton this past week at the Symantec World Headquarters in Mountain View, California.

Reprising the 2009 event which was held at the Norton unit location in Culver City, also in California, this event was also filled with executives who proceeded to inform us, without the cover of a restrictive embargo, of the series of Norton products coming down the pike for the 2011 era.

This is a summary of the event.

Our full review will be published in the June 2010 issue of The Interlocutor, and then syndicated here.

The 2011-series of Norton Protection
In our first session, we explored the Norton 2011 series of products.

The Norton folks delved in-depth into the vision of Norton Anti-Virus, Norton Internet Security, and Norton 360. The emphasis here, was antivirus/anti-malware scanning, and rightfully so. One of the pain points suffered by endusers during the heydays of the feature-adding arms race by Internet security companies was a series of bloated, resource-hogging security suites. Systems performance was totally subjugated to the whims of the software vendors tripping over themselves to add the latest fad to their suite. Thankfully, Norton came out of that stupor, starting with the Norton NIS2009 product and continuing with the 2010-series products.

Well, for 2011, the trend of removing stuff that is not required for scanning performance continues. Moreover, Norton has stepped up the use of reputations in addition to heuristics in order to improve detection, quarantine, and eradication.

What is a virus signature, and how is it created at Symantec’s Norton Unit?
One of the advantages of being the ‘big dog’ in the antivirus/anti-malware space and having a very substantial number of your users engaged, is the ability to get a great number of viruses reported to you for identification and inoculation.

We were walked through the process whereby Norton identifies malware and develops ‘signatures’ the help Norton’s researchers identify those threats and subsequently create the solutions that are ultimately pushed out to endusers in order to help remediate the safety of their systems. Fascinating.

Data here and everywhere
An upside of the point above is that a great amount of data is collected. However, that data, coming from several million users can create its own problems, for a deluge of data is never a good thing.

Norton, based on the length of time they have done this we are told, has been able to develop algorithms whereby a meaningful result is obtained with the use of just a statistically-useful sampling.

the continued popularity of Norton products is a testament to the value of this data, for they have continued to remain the most popular AV package even in this age of almost immediate threats

Expanding beyond computers
Norton is seeking to parlay its dominance in PC system protection to connected devices, one of the fastest growing segments in virtually everything.

To achieve that, they have targeted cellphones initially, and all connected devices subsequently, as the next market to conquer.

To this end they have started developing software for phones – Android first, and have partnered with Mocana, which has just about the most impressive portfolio of design wins I have seen in a long while.

While I am not satisfied since, as you guessed, there isn’t a Windows Mobile app yet, I am nonetheless satisfied that they are pointed in the right direction.

Follow johnobeto on Twitter
vsphere_static_468x60

Bill Gates on Trustworthy Computing

If you think security and trustworthy computing do not have the attention of the executive branch at Microsoft, think again.

From his email newsletter, Bill Gates writes:

During the last decade, digital technology has changed the world in profound and exciting ways. Today we communicate instantly with the people we care about without worrying about traditional limitations of time and location. At work, we collaborate with colleagues in distant cities. Global supply chains enable businesses to manufacture products and move them to market with incredible speed and efficiency. Mobile devices ensure that we are productive no matter where we are.

But these changes are just the beginning. As more and more of the world's information, commerce, and communications moves to digital form, it will open the door to a new world of connected experiences that link our interests and our communities into a seamless whole that extends across home, work, school, and play.

Already, a new generation of technology is transforming expectations for how we will conduct business, communicate, access entertainment, and much more. Increasingly, people envision a world of anywhere access - a world in which the information, the communities, and the content that they value is available instantly and easily, no matter where they are.

Of course we're not quite there yet. But whether we get there or not is no longer a question of the power of our devices and the speed of our connections. The real issue today is security. Ultimately, anywhere access depends on whether we can create and share information without fear that it will be compromised, stolen, or exploited.

The answer lies in trust - in creating systems and processes that are always secure so that people and organizations have a high degree of confidence that the technology they use will protect their identity, their privacy, and their information. This is an imperative that transcends any one company. Success will require hard work and extensive cooperation between companies, governments, and organizations from around the world.

Trust and security are critical priorities for Microsoft. Because you are a subscriber to the Microsoft Executive Email program, I wanted to share my thoughts with you about the changing nature of security and the work that is being done at Microsoft to advance trust in computing and to help pave the way for future connected experiences based on secure and easy anywhere access.

Connectivity and the Evolving Threat Landscape

Today, connectivity - the basic foundation for anywhere access - can be a double-edged sword. Connectivity that streamlines the flow of information and communications can also open the door to malicious users. Meanwhile, where publicity once motivated many digital attacks, criminal financial gain is behind most security threats today. So in addition to viruses and worms, we must contend with spyware that logs keystrokes; rootkits that are used to hijack computers; and social engineering threats where criminals try to trick people into divulging the personal data needed to exploit digital information.

How widespread is the problem? In the United States last year, security breaches - some inadvertent, some purposeful and criminal - exposed the personal information of more than 100 million people. In 2005, 46 percent of fraud complaints filed with the U.S. Federal Trade Commission were Internet related. A 2006 report from the Cyber Security Industry alliance noted that 50 percent of Internet users are afraid their credit card information will be stolen. No company is immune to the danger. Malware targets products from virtually every software vendor. Every business is vulnerable to the risks that come with unauthorized access to corporate information.

In this changing threat environment, striking the right balance is extremely difficult. Easy access speeds communications but increases the danger that confidential information will be exposed. Stringent security measures reduce risk, but can make it too difficult for employees to access information or communicate with customers and partners and too complex for IT professionals to deploy and manage solutions.

The Road to Trust

Achieving the levels of trust needed to make connected experiences based on anywhere access possible will require an industry-wide effort to change the way we approach digital identities, build networks, and protect information.

The evolution of identity: The proliferation of identities and identity systems is a significant problem and a difficult challenge. We all struggle to remember an ever-growing number of user names and passwords as we move between systems at work and home. Because it is unlikely that a single digital identity system or technology will be universally adopted, a different approach is required - an approach based on creating a system of systems that provides the interoperability needed to link all identity solutions and technologies. This "identity metasystem" will be able to take advantage of the strengths of existing and future identity technologies while enabling the creation of a consistent and straightforward user interface. Solutions built on top of this metasystem will enable digital identities to be managed and protected effectively and easily.

The evolution of networks: To resolve the tension between providing access and maintaining security, new technologies for managing the way people and information move between corporate networks and the Internet are essential. In the face of a rapidly evolving threat landscape, the firewall - the fundamental tool for managing network security today - is no longer adequate. A better approach is security that is based on policy. With policy-based security, the rules that govern access to networks, resources, and information can be enforced seamlessly across platforms and devices.

The evolution of protection: It is impossible to overstate the importance of providing the right levels of privacy and information protection so that users can trust that their information is secure. To achieve this, we must be able to protect information not only when it is in transit, as we do today through encryption, but also on the server, the desktop, mobile device, and wherever else it may reside. Policy will also play an important role in the evolution of protection. By applying policy when information is created, we can enable information to flow freely and safely across systems and networks while maintaining appropriate control over how it is used, and by whom.

Security, Reliability, and Privacy: Trustworthy Computing at Microsoft

At Microsoft, Trustworthy Computing provides the foundation for the work we do to create trusted computing experiences. Announced five years ago, Trustworthy Computing is a core principle that places security, reliability, and privacy at the center of all of our efforts. One example of the impact of Trustworthy Computing is the Secure Development Lifecycle, a rigorous software development process that makes security a critical focus for every line of code that we write.

Trustworthy Computing is an important reason why Windows Vista is the most secure operating system that Microsoft has ever delivered. Developed from the ground up using the Secure Development Lifecycle process, Windows Vista includes new security features that help computer users protect sensitive information and give IT administrators new ways to protect corporate networks and preserve data integrity and confidentiality.

Windows Vista also offers new controls that enable parents to manage exactly what their children can do on the computer. These controls allow parents to restrict computer use to specific times and determine which games their children can play, which programs they can use, and which Web sites they can visit.

The 2007 Microsoft Office system and Microsoft Exchange Server 2007 were also built using the Secure Development Lifecycle, and they include a wide range of new security features that help protect against phishing scams and other threats to privacy and information security.

Together, Windows Vista, the 2007 Office system, and Exchange Server 2007 represent an important step forward in Microsoft's efforts to deliver tools to help protect information and privacy. And we continue to focus on developing comprehensive security solutions for consumers and businesses that provide more secure, controlled access to information and network resources. Examples include:

Windows Live OneCare: A comprehensive service for consumers, Windows Live OneCare automatically manages important PC maintenance and security tasks.

Microsoft Forefront: Designed for businesses, Microsoft Forefront is a family of security products that provides advanced protection against the latest threats and enables secure access across client operating systems, application servers, and the network edge, with a focus on simplified management and integration with existing IT infrastructure.

Identity Lifecycle Manager 2007: Building on Microsoft Identity Integration Server, Identity Lifecycle Manager 2007 adds new capabilities for managing strong credentials such as smart cards while providing an integrated approach that links certificate and password management and provisioning across Windows and enterprise systems.

Windows CardSpace: An important component of Microsoft's efforts to create an identity metasystem, Windows CardSpace enables any Windows application to provide users with a common way to work with digital identities so that people can use their digital identities on any machine, running any operating system.

Achieving Trust Through Industry Partnership and Collaboration

Before trust can become a reality, systems, processes, programs, and applications must work together reliably and securely. That is one important reason why Microsoft is committed to interoperability: before digital identities and information protected by policy-based security can move seamlessly between platforms and devices, systems must be able to interoperate. Today we are working closely with governments, organizations, and partners to create and implement industry-wide standards that will enable systems and applications to work together so that connectivity can be seamless and pervasive, and people can access digital information more securely no matter where they are or what device they have at hand.

Examples of industry partnerships and initiatives aimed at enhancing interoperability and improving trust and security include:

Interop Vendor Alliance: Launched in November, 2006, this global group of software and hardware vendors is working together to enhance interoperability through scenario-based testing and by sharing information about interoperability solutions with customers.

Microsoft Network Access Protection (NAP): This policy enforcement platform built into Windows Vista and Windows Server "Longhorn" helps ensure that only safe devices can access networks. More than 100 technology partners in the networking and security industry have joined the NAP ecosystem and have products that work with NAP.

SecureIT Alliance: This Web-based community was created to enable companies across the industry to develop, enhance, and promote applications that interoperate with the Microsoft platform. A central clearinghouse for security technology professionals, the SecureIT Alliance includes more than 100 members from countries around the world.

In addition, during the development of Windows Vista, Microsoft worked closely with leading security companies including Symantec and McAfee to provide technical support resources, access to application testing and compatibility labs, and developer training. Our goal is to ensure that our partners have the information they need to provide consumers with a broad range of security and safety software and services that can help to make computing experiences safer from the moment they begin using Windows Vista.

Today, nearly 1 billion people use digital technology in their day-to-day lives to communicate, connect, and create. As we continue to work together as an industry to create trust, we will be able to deliver incredible new connected experiences that transform the way people explore ideas, exchange goods and services, teach and learn, and share experiences with the people they care about. In the process, we have the opportunity to bring new levels of value and excitement to each of those 1 billion people, and hundreds of millions more.

Bill Gates

Putting their money where their collective mouths are, right?

© 2007, John Obeto II for SmallBizVista.com®