Microsoft Corp. has stepped up its commitment to security with plans to fit its upcoming Windows 2000 operating system with 128-bit strong encryption, and to work with users and vendors on security issues, a high-ranking company official said in a speech at the RSA Conference 2000 show last week.
User privacy is also a paramount concern to ensure the safety of Internet commerce, said Brian Valentine, senior vice president of Microsoft's Windows 2000 product group.
"The reason I'm here today is to do an industry call to action," for developers, vendors, and others to boost computer security, Valentine said.
A consumer privacy and security Web site will be set up, Valentine said.
Microsoft already has a Web site for these issues that is tailored to IT professionals, at www.microsoft.com/security.
Included in Microsoft's plans are 24-hour security hot lines and consultations, Valentine said. Microsoft will re-launch its security response centers to provide the around-the-clock responses and will respond to problems within 24 hours, Valentine said.
"We can't just trust the end-user to solve these problems themselves," Valentine said.
Microsoft security efforts for Windows 2000 have included having a staff of 15 people study the code for breaches, denials of service, and bugs. Windows 2000 ships Feb. 17.
A preliminary version of the product was put on the Internet to enable users to study for security concerns, Valentine said. Within two weeks, four denial-of-service bugs were found, but no breaches were found, he said.
"We put it completely naked on the Internet," Valentine said.
Security efforts will be extended to other Microsoft products as well, such as the SQL Server database, Valentine said.
Microsoft in the latter half of this year plans to hold a summit meeting with other vendors, customers, and parties to discuss privacy and security issues.
"We believe as a company that if we don't deal with some of the privacy issues ... it will affect commerce to where people won't trust" the Internet, Valentine said.
A conference attendee -- a software project manager at a computer-related vendor who requested anonymity -- said Microsoft was making all the right statements, but whether the company can live up to its commitment remains to be seen.
"I don't think anybody has been satisfied" with the security of Microsoft products, the attendee said.
Microsoft's success in marketing its products to the masses has made it a favorite target of virus writers and hackers, the attendee said.
Microsoft Corp., in Redmond, Wash., is at www.microsoft.com.
Microsoft's security blanket
Microsoft is planning to introduce a range of security capabilities.
* 128-bit encryption for Windows 2000
* Around-the-clock security response centers* Summit meeting on security and privacy issues later this year* Consumer privacy and security Web site