Original URL: https://www.theregister.com/2002/11/14/ms_touts_free_security_toolkit/

MS touts free security toolkit for SMEs

It's a start, we suppose

By John Leyden

Posted in Security, 14th November 2002 16:00 GMT

Microsoft today released a security toolkit designed to help Britain's medium-sized businesses evaluate their security needs.

The toolkit, available to order free from Microsoft's UK site, includes resources and tools which deal with both desktop and infrastructure issues.

These include the Microsoft Baseline Security Analyzer, case studies, white papers, Web casts, product information, evaluation software (Microsoft Windows XP Trial, Microsoft Windows 2000 Server and Microsoft Internet Security and Acceleration (ISA) Server 2000), security patches, and web links.

This is, of course, primarily a marketing drive (promoting the supposed security improvements in Windows XP) but let's be charitable and say there's information here that will help educate Microsoft's small business customers about security issues.

Mike Pryke-Smith, Medium Business Marketing Manager at Microsoft, said many small businesses are concerned about security but "find it difficult to decide exactly what measures they need to take to improve their security and how extensive those measures need to be".

"The toolkit allows them to easily assess where their requirements are most critical and how to meet those needs quickly and easily," he added

As well as the toolkit, businesses can subscribe to the Microsoft Security Bulletin, which keeps them updated on the latest Microsoft security risks and remedies, the company sagely advises.

That's an important point, given the almost daily stream of security risk alerts emanating from Redmond. This raises the point of whether MS is the organisation best placed to give advice on security issues. As the world's biggest software firm it clearly has some responsibility on this front, and educating small businesses on security issues is a useful first step.

It'd be even more useful if MS made its products secure, of course, but we might be waiting a long, long time for that.

Open source and Unix products do offer an arguable more secure alternative to Microsoft wares, but neither is immune to security issues. A lot depends on product implementation, and firms who're are far sighted enough to think these issues through (whatever platform they use) do us all a favour in making the Internet more secure. ®

Security 'impossible' for Win9x, buy XP now, says MS exec
Proof Win2K is still insecure by design
Of TCPA, Palladium and Werner von Braun