Safenet Privacy and Security Summit - Yenra

Policy and Practice in the Internet Age

Microsoft Chairman and Chief Software Architect Bill Gates today addressed privacy and security leaders from the areas of technology, government, law enforcement, policy, academia and consumer protection, challenging the community to jointly address some of the most pressing issues facing security and privacy today. During a keynote speech that opened SafeNet 2000: Policy and Practice in the Internet Age, Gates shared his belief that in order for the next generation of the Internet to succeed and thrive, the industry must provide a level of trust and control to consumers, businesses and network providers through technology, tools and practices built around industrywide agreement on the critical issues surrounding security and privacy.

"Microsoft is committed to building the technology and tools customers demand for safe and secure computing and to leading the discussions necessary to move forward on critical security and privacy issues," Gates said. "In an era where the Internet is increasingly central to our lives at work, at home and at school, it is more important than ever that our industry gives customers the assurance that their information will remain secure, respected and private. SafeNet 2000 provides a forum for some of the best minds in industry, government and research to collaborate on resolving these complex and crucial issues."

Trust, Convenience and Control: Security and Privacy in a Connected World

Gates emphasized that as business on the Internet becomes more pervasive, industry must tackle the challenges of customer trust and control or risk losing customer confidence. At the same time, Gates noted, products and services must be designed and integrated in a way that does not make them difficult to operate in a secure fashion. In his speech, Microsoft's co-founder called on the industry to acknowledge that the solutions to security and privacy challenges, which are often comingled in the minds of consumers, cannot be driven by one single group; rather, the future lies in how vendors, government and academic groups come together to arm customers with the technologies, tools and standards necessary for assuring trust and secure computing in the digital age.

Technology

Gates pointed to the launch of Microsoft(R) Windows(R) 2000 as a milestone in the Microsoft commitment to security and privacy technology. Windows 2000 is the most secure operating system Microsoft has ever shipped, with security standards such as Public Key Infrastructure and Kerberos built in. Gates also highlighted some of the security features in upcoming versions of Windows, which will allow customers to keep unsigned code from running, helping to limit the damage that can be caused by malicious programs.

During his keynote, Gates demonstrated the smart card pilot program currently underway on Microsoft's campus. Gates showed the audience how some employees are using Windows Powered Smart Cards to access buildings and securely log into their computers. Smart cards illustrate the importance of adding two-factor authentication to further secure a corporate network environment. Last spring, Gates had called on the industry to begin the move away from passwords as the sole form of authentication, and today Gates announced that Microsoft had moved out of its pilot phase and would begin the deployment of smart cards in the Microsoft corporate network in the coming year.

Finally, Gates outlined some of the work Microsoft is doing to provide software developers around the world with better tools to achieve the goal of designing and shipping secure software. In the upcoming Visual Studio(R).NET development system, Microsoft will ship a language called C# (pronounced "C Sharp") that will include features to catch some of the most common security vulnerabilities, such as buffer overruns, in the development process. Visual Studio.NET is scheduled to ship next year.

Community Leadership

In his address to the group, Gates noted the importance of industry leaders "stepping up to the plate" on promising solutions that can move the online world closer to more complete and consistent privacy and security. Gates highlighted the industry's past six months of progress on Platform for Privacy Preferences (P3P) efforts and Microsoft's commitment to both client- and server-side implementations of P3P, including incorporating the specification into the next Windows operating system, code-named "Whistler."

Gates demonstrated a P3P implementation and user interface scheduled to be unveiled with the beta 2 version of "Whistler" early next year. The implementation allows for the efficient exchange of information between Internet Explorer 6 technologies in "Whistler" and a statement of the privacy practices of the Web site visited.

SafeNet 2000 will continue over the next two days, charging panelists and working groups with the development of best practices and standards of care for information protection. Topics will range from "Information Sharing and Infrastructure Protection" to "The Future of Privacy Self Regulation." Additional keynote speeches will be delivered by John McCarthy, group director of politics and government at Forrester Research Inc., speaking on the future of privacy in an increasingly wireless world; and Richard Clarke, national coordinator for security, counter-terrorism and infrastructure protection for the National Security Council.

Founded in 1975, Microsoft is the worldwide leader in software, services and Internet technologies for personal and business computing. The company offers a wide range of products and services designed to empower people through great software -- any time, any place and on any device.