Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Is Microsoft ignoring the biggest source of security threats?

Feb 26, 2004 10:30AM PST

Peter H. Gregory discusses insider threats and the attention given to them in Microsoft's security initiatives. At the RSA Conference, Microsoft chair Bill Gates outlined new security features in the upcoming Windows XP Service Pack 2, such as two-factor authentication, new firewall components, and Active Protection Technology. These features, while certainly needed, only address external threats to a computer network; FBI (Federal Bureau of Investigation) surveys show that most security incidents are done by insiders who already have been given access to a system. However, these threats have not received the same media attention as hackers and viruses. Mr. Gregory notes that nothing in Microsoft's stated short-term and long-term plans address insider threats, and questions whether this means Microsoft is still just researching the issue, or ignoring it for bigger headline threats. Mr. Gregory believes technology to monitor suspicious changes in employee behavior should be a research priority.

http://computerworld.com/securitytopics/security/story/0,10801,90466,00.html

Discussion is locked