Compartilhar via

E-Security Review Welcomed

  • Artigo
Robert Mcphoto_conroy

Every day the Internet transforms lives. Social networking is revolutionising how we connect and learn from each other; blogging is invigorating traditional journalism and e-commerce is giving small entrepreneurs access to global markets.

Even more dynamic changes will be seen in the years ahead - advances in medicine that create real-time monitoring and diagnostics, virtual worlds of work that save on transport and energy and new service relationships between citizens and their Governments.

Unfortunately, the same Internet that creates possibilities in our lives also creates new opportunities for criminals.

Two recent events suggested to me that it was time to say something about identity theft and on-line fraud.

The first occurred just over a week ago when a senior federal politician approached me to let me know that “half a billion spam messages were being sent on the internet and it was Microsoft’s fault” While taken aback a little at this challenge I recognised the concern the MP was expressing and was grateful that filtering technology had at least not allowed those messages to get to their targets.

Then this week the Federal Government announced a whole-of-government review of e-security. This is a timely announcement and while I have been critical of the Government’s penchant for reviews of late I think this one is both necessary and has the potential to provide real community benefit.

Personal fears about online security have the potential to slow major advances in the years to come and create a civic partition between those with access to secure net services and those without. Investing in fast speed broadband will be less productive if citizens are afraid to go on-line.

In 2006, 12 percent of EU residents aged 16 to 74 said they avoided online purchases because of security concerns. In comparison, 30 percent said they shopped online in 2007. As on-line transactions increase and more data is transported digitally across the Web the need for secure and safe environments will become paramount.

Right now there are a range of criminal devices that seek to profit from the normal activities of users online. These include:

· “Phishing” scams that try to trick us into entering personal or financial information;

· Malicious software programs that take over computers and engage in nefarious conduct, such as attacking other computers or sending spam;

· Viruses and worms that destroy data; and

· “Keylogger” programs surreptitiously implanted in computers to eavesdrop on every keystroke.

Combating identity theft has become a real challenge. Fortunately, the technology industry, government leaders and law enforcement are all working to reduce the problem. Microsoft is actively engaged at every level.

· Microsoft’s Security Development Lifecycle has produced a 45% decline in vulnerabilities—weaknesses or physical exposures that make a computer susceptible to attack—for Windows Vista® over Windows XP and produced a decline to zero vulnerabilities in SQL Server® 2005 to date.

· Innovative tools such as Phishing Filter (included with Internet Explorer® 7) and Windows® Defender (included in Windows Vista and free via download for Windows XP) and services like Windows Live™ OneCare™ are helping protect individuals on-line.

· Information at the Microsoft website: www.microsoft.com/protect can assist the average PC user protect their computer, their information and themselves.

· As this is a global issue it needs to be addressed with a global response. Microsoft has already participated with industry, government and law enforcement in bringing more than 590 enforcement actions worldwide against spammers, phishers, and spyware and other malicious code distributors.

But these efforts aren’t enough. It is time to fundamentally “change the game” on Identity Theft. A major step in this direction will be  reducing our reliance on “shared secrets” such as usernames, passwords, birth dates, mother’s maiden names, etc., which are almost easier to steal than they are to remember and update.

We need to use new technology that allows our digital identities to be authenticated and, when necessary, vouched for by real-world entities such as governments, schools, post offices, without revealing any information of any value to a thief.

Digital Information Cards create the foundation for such a system, and they are supported by Microsoft’s Windows® CardSpace™ software, along with compatible software from other companies. Information Cards enable the use of convenient encrypted, interoperable, tamper-proof digital “cards”, analogous to the plastic ones we carry in our wallet, to transmit only the information needed to enable a specific online interaction and no more.

Technology by itself can’t solve the problem. To truly change the game will require a collective effort by both the private and public sectors that combines the creation of innovative technology with a strong legislative framework that supports a new digital ID system, improved business practices, tools, training and technical support for law enforcement and expanded consumer education.

The Federal Government will be taking submissions for its review of e-security until 31 July. I’d encourage everyone with an interest to visit https://www.ag.gov.au/esecurityreview and put your ideas forward.

Opinion by Simon Edwards, National Government and Industry Affairs Lead

Comments