Russ: This is The BusinessMakers Show, heard on the radio and seen online at http://www.TheBusinessMakers.com. It's guest time on the show, and our topic today is computer security, and I'm talking serious computer security because my guest today is Henry Goodrow of Microsoft, a technology strategist in security. Henry, welcome to The Business Makers Show.

Henry: Thank you. Thanks for having me.

Russ: Tell us a little bit about your job right upfront.

Henry: So I've been with Microsoft for 11 years, and Microsoft has two basic segments of companies that they work with. The small and medium businesses and the enterprise groups. I work with the enterprise group and work with the top 100 customers worldwide, in particular new oil and gas industry, helping to define their security strategy and mapping how Microsoft might be able to help them with them.

Russ: Okay, now security to me seems like it increases an importance in seriousness about every 20 minutes. Do I have that right?

Henry: Absolutely. I mean if you've looked at the news recently or listened to the news recently, there's been a number of incidents that have occurred. Most recently, we talked about before was Stuxnet, which is an attack that was - that occurred on the Iranian nuclear facilities. And these are very, very highly sophisticated attacks that certainly were targeted at the Iranian facility, but could also occur here on domestic property for things like core infrastructure like oil and gas facilities as well. So it's super important that we do everything in our power to make sure that our systems are protected.

Russ: Okay, so a guy in your position that focuses on security for some of these big oil and gas companies, when you saw that happen, it wasn't so much like, "Wow, our side, we think, was very successful in doing damage to the Iranian nuclear progress," but you look at it suddenly from a defensive perspective that says, "My goodness, if that technology is out there, it could be coming this direction as well."

Henry: So I won't say that it was our side that attacked because we certainly don't know who is doing that. But yes, it is -

Russ: Thanks for the clarification.

Henry: But it is very important that we take the lessons that are learned there and look at how was the attack propagated and what were the factors that they used to create the attack and protect ourselves against similar types of attacks.

Russ: Yeah, you know, it just seems like in the technology world today, and I thought about this during Desert Storm and the next Iraqi war, that when we have these cool technologies, even in those wars, it's like GPS. The other side seems to be able to get the same technology fairly quickly.

Henry: Absolutely. In fact, I was listening to a speaker inside of Microsoft recently that talked about roadside bombs and how people are actually triggering roadside bombs. And you think about most of our cars today have tire pressure monitors, and these tire pressure monitors an RF field radio frequency field. And so they're using that type of information to trigger the roadside bombs based on the things that are just in everyday cars.

Russ: Scary times. But so today in information technology, it seems like things are so sophisticated that it would be very difficult to stay up-to-date.

Henry: It is, and one of the things that Microsoft is doing to help with that level of sophistication is to talk. We produce a report, and that's the topic of our discussion today is the security intelligence report.

Russ: The security intelligence report.

Henry: It's a very long name, but what it essentially is is we have a number of sensors in the environment. We make some tools. One of them is called Windows Defender. We also have security essentials is an anti-virus tool, and I can go on and on, but essentially, we have billions of sensors in the environment, and we try to categorize those attacks into typical attack vectors. So we produce a report called the security intelligence report. The security intelligence report basically contains data from billions of sensors that we have on the internet on every PC where we have a product installed, such as Windows Defender, Security Essentials, which is an anti-virus tool. We also use our search engine, Bing, that scans millions of pages of data.

And we basically look at the types of attacks that are out there and categorize the attacks based on what technology that they're using.

Russ: Wow. So let me ask you this question. I'm a Windows user, have been forever, and continuously, you guys update my version, which is great for me. Would I have some of this technology and software on my system that helps you analyze attacks?

Henry: Absolutely. So a couple of things that we make on the consumer side, one is called Security Essentials. Many people don't realize that we actually make an antivirus product. It's called Security Essentials, and people can actually download that off our website. We also have a number of partners, McAfee and Symantec, who also make wonderful antivirus engines. These tools protect your environment, and they create signatures based on the information that we collect and help protect your system against these types of attacks.

Russ: So the security intelligence report, you guys touch more parts about what's going on in the IT world than anybody.

Henry: Absolutely.

Russ: You assess that, and you come back. "Okay, this is what's going on." So we just had a recent one that came out. Is that correct?

Henry: True. It just came out a few months ago, and the types of data that we're seeing in there is we're actually seeing an increase in the types of attacks that are coming from social networking sites. So instead of attacking the system, the attackers are looking at how can I get human information. And so we see that there's millions of millions of Facebook users. There's millions of LinkedIn users. There are millions of other social networking sites, so how do I then create an attack that goes after human information that I might be able to exploit in other ways. Our Social Security numbers, credit card numbers, information like that.

Russ: So when you say the attacks are coming from social media places, that means that there's some nefarious person out there that's saying, "Okay, where can I go get information?" And they're actually going into to Facebook or LinkedIn and doing their activity within that space.

Henry: Exactly. They might produce a link and say, "Please click here." They might send you an e-mail that says, "Please do this," and it's using the likes of Facebook or LinkedIn or other social networking sites in order to use as a transport mechanism.

Russ: Now you in your job, you know, provide security advice and recommendations in this upper end oil and gas industry. Does this industry worry about what's going on in social media spaces?

Henry: I think they do, and I think there's extremes. I think there are certain companies that will actually lock down their employees from actually going to the likes of Facebook or LinkedIn, and I think there are other companies that see that as an asset. We're certainly seeing a rise of adopting social networking technologies inside the enterprise that are separate from the external Facebooks and LinkedIns and other types of networking sites. But yeah, we're seeing an increased lockdown in terms of how they get to these sites.

Russ: So what else did you notice in the recent security intelligence report? I mean is it like every time one comes out every six months, there's obviously more attacks and more people on the other side, or are there ever less? Are they more serious? Are they less serious?

Henry: I think that the attacks change. As we start to patch certain vulnerabilities, and certainly Microsoft and other systems, the attackers have to change their strategy. Right? And so I think the other key finding in the report that just came out is there has also been an increased number of attacks on Java. Java is an engine that runs on Windows and other platforms that is a programming interface that allows applications to run. And so in addition to patching your Windows environments, then you would also need to patch your Java environment as well.

Russ: Now when you say, once again, attacks on Java, that means that a bad guy out there has realized if he gets into the Java code, he ultimately can get into your computer and get information that he's pursuing.

Henry: That's right, or you know, for example, maybe looking at you have an application that has a form on there that says, "Please fill out your name, birth date, and Social Security number." I could then use that data to steal your identity and do some really bad things.

Russ: Now in your world in Fortune 100 companies, does the employee themselves and what the employee does at home, does that carry any risk with the company itself as well?

Henry: So absolutely. So there's a term that maybe the listeners may not be familiar with called consumerization of IT, and consumerization of IT is a term that we use that identifies the trend where people are bringing their devices into work, whether those are iPads or iPhones or Android phones or Windows phones. They're bringing them into work. They also have corporate data on those devices which they then take back home, and these devices tend to be tethered to a machine at home, a PC at home. So if you're not tending to that machine, then you have the risk of exposing corporate information on those PCs.

Russ: Now before we wrap this up, it seemed like more so about six months ago, about every week, you would hear a corporation make an admission that they had released Social Security numbers and credit card numbers of 100,000 people. It always sounded like it was just a mistake from that corporation. But it made me think boy, those things are becoming so common, it might not have anything to do with a threat from the outside. It makes me wonder, though, are there threats from the outside that are semi-successful that could have caused major disruption, but somehow or another, the company was rescued that we just never hear about? I mean I wonder if that takes place in your world.

Henry: Well, I can't speculate as to whether that happens or not, but I can say that certainly there are sophisticated companies here in town that monitor the types of attacks and definitely see attacks increasing. And so they may not all make the news, but they are certainly being monitored, and sometimes, authorities are involved in pursuing the attackers.

Russ: Before I let you go, leave us with a piece of advice. A big part of our audience are small companies. What kind of general advice would you tell a person running a small 50, 100-person outfit what they should think about, do about security?

Henry: So I'd recommend a few things, and one of the easiest ones is install an antivirus product. It doesn't have to be Microsoft. Install an antivirus product, and make sure it's up-to-date. Second, use a strong password. I get a kick out of my wife uses a very simple password to make it easier to remember, but it really is important that you use a complex password and change it on a regular basis, whether that's every 60 or 90 days. I'd also say you can take a look at the security intelligence report. That's an interesting vector.

Russ: Oh, is that available to -

Henry: It's available for anyone to download if you got http://www.Microsoft.com/securityupdateguide, it has that information available to you there.

Russ: I bet that's great reading.

Henry: It is. It's a - for me, it is. And then also, make sure that you have Windows Update, which is a feature that automatically updates your system turned on on every system.

Russ: Great, okay. Well, Henry, I really appreciate you coming in and scaring the heck out of us to a degree, but we all know it's going on, so we felt obligated to bring in an expert like you and get us back up to date.

Henry: Great. Thanks for your time.

Russ: You bet. That's Henry Goodrow, technology strategist with Microsoft. This is The BusinessMakers Show heard on the radio and seen online at http://www.TheBusinessMakers.com.