Limited access is crucial to next-generation security, Microsoft execs say

SAN FRANCISCO -- Organizations must think differently about the way networks are designed, operated and protected, and about how users are granted permission to access information in the highly connected world that is looming, said Bill Gates, chairman of Microsoft, and Craig Mundie, the company’s director of research and strategy, today at the RSA Conference here.

People want to access information from many sources — computers, cell phones, TVs and even their cars, Mundie said. He and Gates gave the keynote presentation at the conference.

Traditionally, security has been used as a blocking mechanism to keep intruders out of corporate systems. The question now is how it can be used to make it simpler for people to get access to the information they need, Mundie said.

For instance, an engineer at Boeing may want to grant permission to a partner at GE Engines to get information via Microsoft SharePoint collaboration software. But “just because you can get that schematic doesn’t mean you should get at everything on the corporate network,” Mundie said. “We really don’t have that mechanism to let that person make a very prescriptive authorization. Yet that is really where the world is going to have to move to.”

The executives outlined three concepts that organizations and industry must think about in a different way: the network and how it will be constructed and operated; protection of information; and user identity.

“We need evolutionary approaches,” Gates said. He noted that the foundation for a new approach to network security has already been laid with IPv6, the next generation of IP, and IPsec, which focuses on certificate-based authentication that assures a user that the person he or she is communicating with can be trusted.

Ultimately there is a need for more granular control in which a person can say, “I only trust this particular application and I only trust this particular person running that application,” Mundie said. This will require a more policy-based approach rather than focusing on network topology, he said.

The move to IPv6 will not only accommodate billions of new devices but will allow information technology managers to define logically the protection domain they want to have their policies govern, Mundie said.
