Viewpoint
Security and Privacy: Twins of Different Mothers <http://go.microsoft.com/?linkid=8891842>
By Tom Gemmell, Principal Privacy Program Manager, Microsoft Corporation
Learn how security and privacy professionals can achieve beneficial results by closely aligning their efforts to manage the risks associated with collecting, holding, and using private and sensitive information about employees, customers, partners, and others.
Top Stories
Microsoft Security Intelligence Report, Volume 4, Now Available <http://go.microsoft.com/?linkid=8891844>
The latest volume of the Security Intelligence Report features sections on security vulnerabilities, exploits, malware, and potentially unwanted software. New for this volume are sections on privacy and Internet safety enforcement, along with more detailed insights into spam and phishing. Built on feedback from almost 500 million computers worldwide, this report is the most comprehensive and wide-ranging Security Intelligence Report that Microsoft has released. Download the full 105-page report or the 12-page key findings summary.
Download Forefront Security for SharePoint with Service Pack 2 <http://go.microsoft.com/?linkid=8891845>
Microsoft Forefront Security for SharePoint with SP2 can help protect Microsoft Office SharePoint Server 2007 and Windows SharePoint Services 3.0 from malware and inappropriate content. New features include support for Windows Server 2008 and installable key word lists for automatically blocking documents containing profanity and discriminatory words in eleven languages. Download the trial today, along with the new evaluation guide <http://go.microsoft.com/?linkid=8891920>.
Solution Accelerator Beta: Security Compliance Management <http://go.microsoft.com/?linkid=8891846>
In today's IT environment, compliance with governance regulations and industry standards such as the Sarbanes-Oxley Act is a source of deep concern for many organizations. This toolkit provides best practices about how to plan, set, get, and remediate a security baseline. It also offers tools that you can use to verify the implementation of recommended security baselines for Windows Vista, Windows XP SP2, and Windows Server 2003 SP2 plus Configuration Packs to use with the Desired Configuration Management (DCM) feature in Microsoft System Center Configuration Manager 2007 to verify and report on the security baseline deployed for these Windows operating systems. Quickly and easily use reporting functionality to demonstrate that the computers in your environment are in compliance with the best practices.
Use the New Security Enhancements of Windows Vista SP1 and Windows Server 2008 <http://go.microsoft.com/?linkid=8891847>
Want to take advantage of the new security enhancements of Windows Vista SP1 and Windows Server 2008? Download the new Microsoft Assessment and Planning tool and determine if your existing machines are ready.
Security Guidance
2007 Microsoft Office Security Guide: Threats and Countermeasures <http://go.microsoft.com/?linkid=8891848>
This guide is a comprehensive technical reference that explains the security and privacy settings for the six referenced applications, their recommended configurations, and which threats they address. It also contains Common Configuration Enumeration (CCE) IDs for all the settings. CCE provides identifiers to system configurations to facilitate fast and accurate correlation of configuration data across multiple information sources and tools.
Deploying Group Policy Using Windows Vista <http://go.microsoft.com/?linkid=8891849>
Sort through the new and updated features available in Windows Vista, and learn about best practices to help you deploy Group Policy to centrally manage a greater number of features and component behaviors than you were able to do in Windows Server 2003.
The Cable Guy: Wireless Group Policy Settings for Windows Vista <http://go.microsoft.com/?linkid=8891850>
Learn how to centrally configure and distribute wireless network settings to all the computers in your Active Directory network.
Framework-Based Regulatory Compliance <http://go.microsoft.com/?linkid=8891851>
Explore a framework-based approach to address regulations and standards related to IT controls and privacy with this chapter from the Regulatory Compliance Planning Guide.
Enable Enhanced Identity Privacy <http://go.microsoft.com/?linkid=8891852>
Enhanced identity privacy is an optional setting that you can configure on a resource partner in the account Federation Service in an Active Directory Federation Services (ADFS) deployment. Learn how to enable this setting.
Data Encryption Toolkit for Mobile PCs <http://go.microsoft.com/?linkid=8891853>
Learn how to better secure the data on your organization's mobile PCs--in a cost-effective way--using Encrypting File System (EFS) and Microsoft BitLocker Drive Encryption technologies.
How to Create a Customized Privacy Import File <http://go.microsoft.com/?linkid=8891854>
Privacy settings in Microsoft Internet Explorer can be customized through a variety of dialog boxes reachable from the Privacy tab in Internet Options on the Tools menu. Additionally, if the user chooses, privacy settings can be specified by importing custom settings using the XML syntax. Learn how with this overview.
This Month's Security Bulletins
Critical:
· MS08-026: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207) <http://go.microsoft.com/?linkid=8891921>
· MS08-027: Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208) <http://go.microsoft.com/?linkid=8891922>
· MS08-028: Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749) <http://go.microsoft.com/?linkid=8891923>
Moderate:
· MS08-029: Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044) <http://go.microsoft.com/?linkid=8891924>
Community / MVP Update
Security MVP of the Month: Aloysius Cheang <http://go.microsoft.com/?linkid=8891855>
Aloysius Cheang is an information security professional with substantial experience in managing and delivering complex, multidimensional, and strategic multimillion-dollar information security programs for Global 500 organizations across Asia, the United States, and Europe. He specializes in information risk management and development of information security strategies, frameworks, policies, and controls. He has led numerous IT security audits, security reviews, and security penetration testing engagements; provided business continuity management and disaster recovery services; and supported clients in investigations and digital forensic requirements.
MVP Article of the Month: Privacy Issues -- Business Disabler or Enabler? <http://go.microsoft.com/?linkid=8891857>
By Aloysius Cheang, CISA, CISSP, GCIH, and Microsoft MVP - Security
Stolen credit card numbers, leaked user information, merciless spamming of e-mail accounts... Issues of privacy have become a greater concern as more and more people go online to perform transactions such as purchases or banking, or to use certain online Web services. Over the past few years, the information security industry has realized the need to handle privacy issues properly, especially since leaked personal information can be disabling for both the organization conducting business over the Internet and the consumer.
Microsoft Product Lifecycle Information
Find information about your particular products on the Microsoft Product Lifecycle <http://go.microsoft.com/?linkid=8891925> Web site.
· See a List of Supported Service Packs <http://go.microsoft.com/?linkid=8891926>: Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.
Security Events and Training
Register Now for Tech·Ed North America 2008 <http://go.microsoft.com/?linkid=8891858>
Learn from Microsoft and industry experts, connect with your peers, and choose from more than 1,000 learning opportunities including Security or Identity and Access track sessions. Take a look at the 19 technical tracks <http://go.microsoft.com/?linkid=8891927> that will be featured at this year's conference, and then check out the session catalog <http://go.microsoft.com/?linkid=8891928> to design your own personalized schedule. Attend a preconference seminar and register now for the main event.
Upcoming Security Webcasts
Enterprise Information Protection: Understanding Complex Scenarios and Design Considerations <http://go.microsoft.com/?linkid=8891859>
Wednesday, May 28, 9:00 AM Pacific Time
New Identity & Access (IDA) Technologies in Windows Server 2008 <http://go.microsoft.com/?linkid=8891860>
Thursday, May 29, 9:00 AM Pacific Time
Information Protection: Protecting Sensitive Data with Active Directory Rights Management Services in Windows Server 2008 <http://go.microsoft.com/?linkid=8891861>
Tuesday, June 3, 9:00 AM Pacific Time
Interactive Security Webcast Calendar <http://go.microsoft.com/?linkid=8891862>
Find upcoming security webcasts using a dynamic, interactive format.
For IT Professionals
· TechNet Webcast: Configuration Manager 2007 and Network Access Protection (Level 300) <http://go.microsoft.com/?linkid=8891929>
Wednesday, May 14, 11:30 AM Pacific Time
Jeff Wettlauffer, Senior Technical Product Manager, Microsoft Corporation
· TechNet Webcast: Securing SharePoint End-to-End with Microsoft Forefront (Level 300) <http://go.microsoft.com/?linkid=8891930>
Wednesday, May 14, 1:00 PM Pacific Time
Noelle Mendez-Villamil, Senior Product Manager, Microsoft Corporation, and Uri Lichtenfeld, Product Manager, Microsoft Corporation
· TechNet Webcast: Forefront Security for SharePoint Content Filtering Drill-Down (Level 300) <http://go.microsoft.com/?linkid=8891931>
Monday, May 19, 9:30 AM Pacific Time
Noelle Mendez-Villamil, Senior Product Manager, Microsoft Corporation
· TechNet Webcast: Microsoft Advanced Group Policy Management (Level 200) <http://go.microsoft.com/?linkid=8891932>
Tuesday, May 20, 11:30 AM Pacific Time
Glenn Fincher, Principal Technologist, Xtreme Consulting Group, and Jeff Carlson, Principal Consultant, Xtreme Consulting Group
· TechNet Webcast: Forefront Code Name "Stirling" Technical Overview (Level 300) <http://go.microsoft.com/?linkid=8891933>
Tuesday, May 20, 1:00 PM Pacific Time
Nic Sagez, Product Manager, Microsoft Corporation, and Brad Wright, Principal Product Unit Manager, Microsoft Corporation
· Best Practices for Managing and Securing Office SharePoint Server 2007 <http://go.microsoft.com/?linkid=8891934>
Wednesday, May 21, 9:00 AM Pacific Time
Rand Morimoto, Ph.D., CISSP, MVP
· TechNet Webcast: Managing Exchange Server and SharePoint Protection with Forefront Server Security Management Console (Level 300) <http://go.microsoft.com/?linkid=8891935>
Wednesday, May 21, 1:00 PM Pacific Time
Darryl Tenzie, Security Technical Specialist, Microsoft Corporation
· Best Practices for Managing and Securing Exchange Server 2007 <http://go.microsoft.com/?linkid=8891936>
Thursday, May 22, 9:00 AM Pacific Time
Rand Morimoto, Ph.D., CISSP, MVP
For Developers
· How Do I: Export and Import Certificates? <http://go.microsoft.com/?linkid=8891943>
Available on demand
· How Do I: Get Started with Encryption? <http://go.microsoft.com/?linkid=8891944>
Available on demand
Microsoft On-Demand Webcasts
· Support WebCast: Microsoft Internet Explorer Security and Privacy <http://go.microsoft.com/?linkid=8891945>
Explore best practices for preventing viruses, security exploits, and privacy violations when you use Microsoft Internet Explorer and related programs.
Security Program Guide
· Security Awareness Materials <http://go.microsoft.com/?linkid=8891869>
Guidance, samples, and templates for creating a security-awareness program in your organization.
>
Placements ? No Problem. Register Here! Try it!
No comments:
Post a Comment