| | | Note from the Editor
|  Maintaining the security of an organization's network isn't something that a single technology or "the administrator" can take care of all by themselves. Successfully managing the security of a network is a collaborative effort that requires a combination of security products, tools, practices, and most importantly, the cooperation of the people using the network.
As the saying goes, a chain is only as strong as its weakest link. If you have fortified your network with security technologies and processes, but don't have the cooperation of the network's users, the chain is probably weaker than you think. The importance of end user education cannot be overstated in this context. If the people using your network don't know about the risks and some of the ways they can help mitigate them, they won't be able to help you protect the network. Certainly technologies like BitLocker, Group Policy, and virtualization can help, but security-conscious end users can also be very effective at avoiding threats and/or recognizing and reporting them.
Microsoft offers free tools to help you educate your end users and add another layer of defense for your network. The Internet Safety Toolkit can help you teach employees how to protect company information, customer information, and their own personal information. The Microsoft Security Awareness Toolkit provides actionable guidance, sample training materials, and templates to help you create a security awareness program for your organization. We also recently launched "Tools and Guidance for Managers," a single-page experience for IT managers offering a consolidated view of the latest security research, guidance, and training materials available from Microsoft. Read on for more details on this new experience and other resources to help you continue to evolve your security measures.
Best regards,
Tim Rains, Group Product Manager,
Microsoft Trustworthy Computing | |
| | | Want an easy way to plan, deploy, operate, and manage your security baselines for the most widely-used Microsoft technologies? Download the latest evolution of the Security Compliance Management (SCM) Toolkit and take advantage of centralized management, a baseline portfolio, customization capabilities, and security baseline export flexibility to better balance your organization's needs for security and functionality. | In order to more quickly deliver information on emerging security issues affecting Microsoft customers, the Microsoft Security Response Center (MSRC) team has launched an official Twitter channel. Follow us @MSFTSecResponse. | | The Microsoft Desktop player allows you to access technical security content (videos, webcasts, podcasts, guidance, etc.)-plus links to security resources such as Microsoft IT Evangelist or Developer Evangelist, training opportunities, and user groups in your area-all directly from your desktop. Download an offline version or view the player online. | |
| | | Learn how to use FIM 2010 to facilitate self-service password resets and group management with this quick, step-by-step tutorial from IT Content Architect Alan Le Marquand. | | Start preparing for FIM 2010 deployment with this overview of the various factors that affect capacity, topology, and performance. | | Version 5.0 of the Microsoft SDL process guidance is now available for download. The new version offers added security requirements and recommendations for secure software development at Microsoft as well as SDL guidance for Waterfall and Spiral Development, Agile development, Web applications and line of business applications. | | Whether your company already has a solid security strategy in place, or needs guidance to get started, quickly access the tools and resources that can help. We've gathered a wide variety of valuable information you can use to understand the current threat landscape; speed up the development of internal security awareness and training programs; and ensure your IT and developer staff have the information they need to help manage your risk. | | Explore early adopter experiences, best practices, and lessons learned from Microsoft's own deployments of security solutions within its global enterprise. By leveraging our best practices, you can make decisions about how best to plan for, deploy, and manage Microsoft solutions in your own environment. | | Explore the world of browser and Internet Explorer security from out-of-the-box security features to new options for privacy protection. | |
| | This Month's Security Bulletins | Critical: | | Important: | | Moderate: | | Security Bulletin Overview for April 2010 | Learn more about MS10-018, released out-of-band on March 30th due to increases in attacks against Internet Explorer 6 and Internet Explorer 7 using the vulnerability discussed in Security Advisory 981374. | |
| |  Security MVP of the Month: Harry L. Waldron, CPCU, CCP, CSP, AAI, AIM, AIS, AIT, AAM, ARP, API
With more than 37 years of experience in IT, Harry Waldron shares security developments and best practices in several technical forums as well as his TechNet Blog. Professionally, he works as a senior developer for Fairfax Information Technology Services, where he provides technical, business, and leadership support on key projects. He has earned 10 professional designations in insurance and technology.
MVP Article of the Month: IT Security Requirements for the New Decade
Technology advancements in the new decade will challenge organizations, due to the fiduciary responsibility of protecting customer information and corporate records. Explore why true protection is only achieved with strong technical defenses, meaningful corporate policies, awareness programs, and an active security team. |
| | Microsoft Product Lifecycle Information |
| | Security Events and Training | Available on demand
Learn how to better address your day-to-day security and privacy challenges, drawing from the experience of some of our top security industry experts. Discover products and solutions, the latest and greatest security features, prescriptive guidelines, and relevant tips. | | June 7-10, New Orleans, LA
Check out the Security, Identity, and Access Track at Tech•Ed North America 2010 for the latest guidance and demonstrations of Microsoft Forefront products, identity-based access technologies, Windows security technologies, and more. | |
| | Upcoming Security Webcasts | Upcoming security webcasts in a dynamic, interactive format. | | For IT Professionals For Developers | | Now On Demand | |
|
