Microsoft software routinely collects information from millions of computers around the world, quietly, and often without the owner's explicit knowledge.
Harvesting this kind of private information may seem intrusive, but Microsoft claims it is done for a good reason--the more information the company has on users, the better it can protect them.
For example, the Sender ID system, backed by Microsoft, checks tags on an e-mail to make sure it really is coming from the purported sender. That technology can help people avoid phishing attacks, Microsoft says.
Cullen spoke about what Microsoft is doing to help counteract identity theft, the increasing threat of phishing attacks and the ever-present menace of spam.
How do you differentiate your role from that of chief security officer or equivalent?
Cullen: At the core definition level, security is about how to keep information confidential, and privacy is about the use of information. But the two are very related. Look at a phishing event. What started off as a security event--something that caused the customer's information to be collected inappropriately--ended up the with customer's information being used, perhaps for identity theft, which is a privacy issue. Around the world, all privacy information has a security component to it.
On an issue like identity theft, what can Microsoft do to help people guard against that?
Cullen: We approach it from a number of angles. Look at the fight against spam as an example. There were really four buckets of things we had to look at. One was technology solutions. The second is education, and there are two strands: One is consumer education, so we help them by showing how to interact with online vendors and when not to.
The other area that we focus on is partnerships with industry. So if we think about spam, it is about working with other industry players on ways to combat spam.
And then there is government, and in particular, working with government on the law enforcement side of things. We have launched about 120 actions against spammers, phishers (and) spyware purveyors around the world.
Two years ago, (spam) was about marketing and offering us body parts we didn't need. Today, it is about a delivery mechanism for
Page 1 | 2
4 commentsJoin the conversation! Add your comment