Limited access is crucial to next-generation security, Microsoft execs say

SAN FRANCISCO -- Organizations must think differently about the way networks are designed, operated and protected, and about how users are granted permission to access information in the highly connected world that is looming, said Bill Gates, chairman of Microsoft, and Craig Mundie, the company’s director of research and strategy, today at the RSA Conference here.

People want to access information from many sources — computers, cell phones, TVs and even their cars, Mundie said. He and Gates gave the keynote presentation at the conference.

Traditionally, security has been used as a blocking mechanism to keep intruders out of corporate systems. The question now is how it can be used to make it simpler for people to get access to the information they need, Mundie said.

For instance, an engineer at Boeing may want to grant permission to a partner at GE Engines to get information via Microsoft SharePoint collaboration software. But “just because you can get that schematic doesn’t mean you should get at everything on the corporate network,” Mundie said. “We really don’t have that mechanism to let that person make a very prescriptive authorization. Yet that is really where the world is going to have to move to.”

The executives outlined three concepts that organizations and industry must think about in a different way: the network and how it will be constructed and operated, protection of information, and user identity.

“We need evolutionary approaches,” Gates said. He noted that the foundation for a new approach to network security has already been laid with IPv6, the next generation of IP, and IPsec, which focuses on certificate-based authentication that assures a user that the person he or she is communicating with can be trusted.

Ultimately there is a need for more granular control in which a person can say, “I only trust this particular application and I only trust this particular person running that application,” Mundie said. This will require a more policy-based approach rather than focusing on network topology, he said.

The move to IPv6 will not only accommodate billions of new devices but will allow information technology managers to define logically the protection domain they want to have their policies govern, Mundie said.
