Slashdot Mirror


Microsoft Security Whitepaper

An anonymous reader writes "Microsoft last week published a document on its Web site that describes how the company manages security on its own 300,000 node corporate network. The document is basically a dry discussion of IT risk management strategy, with lots of references to 'asset classes' and 'stakeholders,' and about five, nearly identical 'cycle of life' type diagrams showing how one risk management strategy leads to the next and so on, in a never-ending process. However, the document does open a window on how the biggest, richest software company in the world does security: from the deployment of 65,000 smart cards (let's see, at $50 a piece, that comes to....?), to MS's admission that 'there is a medium to high probability that within the next year, a successful attack will occur that could compromise the High Value and/or Highest Value data class.' According to the document, that includes things such as source code or human resources data."

10 of 269 comments (clear)

  1. is it ALL white? by BFedRec · · Score: 4, Funny

    cause the oxymoronic nature of using MS and Security in the same vicinity... one would think it's just an all white blank sheet of paper.

    1. Re:is it ALL white? by Fruny · · Score: 4, Funny

      one would think it's just an all white blank sheet of paper.
      No, I believe it comes triple-thickness, extra soft unscented rolls.

    2. Re:is it ALL white? by Lost+Dragon · · Score: 5, Funny

      No, no, silly. It's white text on a white background. That's part of their security layer.

  2. they by AnonymousCowheart · · Score: 5, Funny

    they recently published the bug list too

  3. No Problem by Anonymous Coward · · Score: 3, Funny

    However, the document does open a window on how...

    Sounds like somone needs to switch to Mozilla to avoid these annoying pop-ups! ;)

  4. World Domination? by SuperBanana · · Score: 3, Funny
    to MS's admission that 'there is a medium to high probability that within the next year, a successful attack will occur that could compromise the High Value and/or Highest Value data class.' According to the document, that includes things such as source code or human resources data.

    What about World Domination plans? Are those Highest Value data class? Or Really Highest Value?

    I have a friend who now works for Apple, and they had training on the various classifications of stuff - I forget what any of the acronyms were, but they were pretty oddly named. I fully expected a bunch of troopers dressed in titanium and perfectly polished clear plastic(hopefully Ti in the, uh, right places) to come storming through the door to erase my brain after being told of such things.

    Oh crap- maybe they DID!

  5. Sounds about right by SargeZT · · Score: 3, Funny

    Microsoft hit the nail on the head this time! It's security is as strong as white paper.

    --
    And why did you staple the trout to the RAM?
  6. Horrors indeed. by Fruny · · Score: 4, Funny
    Meanwhile Microsoft is stuck spending mega-bucks and lots of time trying to protect themselves from having anyone actually...gasp...see the source code. Horrors!

    Have you considered that the masses should actually be protected from Microsoft's source code ? You wouldn't want your neighbours to become stark raving lunatics after having been confronted with the lovecraftian abomination that is Hungarian Notation, would you ?

    Trust me my friend, there exist Code Man Was Not Mean to Read. Microsoft is dutifully protecting reality as we know it. We should be thankful.

  7. What I want to know by boatboy · · Score: 3, Funny

    How can they afford the all the Licenses?

  8. Easy by Mistlefoot · · Score: 4, Funny

    It's easy for them to afford 65,000 licences.

    The sell them to themselves as a loss. Therefore using them as a tax deduction twice - once for the loss and once for the cost......and if the loss is great enough they might even make a profit!