[ISN] Microsoft's Canberra security deal

InfoSec News isn at c4i.org
Tue Apr 4 03:02:58 EDT 2006


http://australianit.news.com.au/articles/0,7204,18699718%5E15306%5E%5Enbv%5E,00.html

Simon Hayes and James Riley
The Australian 
APRIL 04, 2006 

MICROSOFT has promised to help Australia tackle threats to "national
security, economic strength and public safety" under a deal to allow
its engineers to examine attempts to hack into federal government
computer networks.

Microsoft managing director Steve Vamos and Attorney-General's
Department secretary Robert Cornall will sign the Microsoft Security
Co-operation Agreement tomorrow in a ceremony to be chaired by
Attorney-General Philip Ruddock at federal Parliament House.  The deal
is to share data on security incidents and information on critical
events and security emergencies.

Australia follows the US, Canada, Chile and Norway in signing the
agreement, aimed at improving the flow of computer security
information.

The deal builds on Microsoft's 2003 agreement to allow the government
to examine source code for Windows and Office.

That agreement followed an increase in the popularity of open source
software.

Microsoft opened its code to select governments to prove its
technology was as safe as any other, but not all governments were
happy with the access restrictions imposed by Microsoft.

China, Russia, Britain and NATO signatory countries are among other
nations to have signed that agreement.

The new agreement is expected to include access to information on
planned software patches, and data about vulnerabilities that
Microsoft is investigating, allowing the government to plan ahead for
security threats.

Also likely is an agreement for Microsoft to provide resources for a
joint response to emergencies, and to provide assistance with consumer
education campaigns on computer security.

A Microsoft Australia spokesman declined to comment on the program.

Chairman Bill Gates told a conference in February last year that
Microsoft would give governments better access to security
information, and would help protect critical infrastructure.

"We have 24-hour-a-day surveillance working with other companies, so
we see things and we can work with governments around the clock when
there is a challenge," he said.

"Having these channels of communication open, knowing exactly who to
work with, what the messaging should be, that's something we're
putting in place."

Microsoft public sector corporate vice-president Gerri Elliott last
year said the program would make it easier to track and combat
security threats to government agencies and critical infrastructure.

"The digital age creates some unique challenges for governments to
help secure their computing environments," he said.

"By taking a collaborative approach with global governments, we can
bring to bear the combined expertise from public and private sectors
and enable governments to better prepare, manage and mitigate the
impact of security incidents."





More information about the ISN mailing list