Community and MVP Articles

Get real-world insights, advice, and best practices—as well as step-by-step tutorials around key security technologies and processes—from active IT professionals in the security community including Microsoft Most Valued Professionals (MVPs).

2012

• Patch Management on Business-Critical Servers
  

  Software system security has come to depend on customer information technology (IT) organizations closely monitoring patches for vulnerabilities, and on the ability of those organizations to test and deploy the patches before they can be exploited. Discover best practices that can help you better manage and deploy patches, avoid downtime, and extend operating time without reboots.

• The Evolution of Elevation: Threat Modeling in a Microsoft World
  

  The concept of threat modeling is not new--you can’t design a secure system until you understand the threats to it, and what weaknesses an adversary might exploit in the system. Check out one IT professional's take on threat modeling in a Microsoft world.

• Ten Years of Trustworthy Computing at Microsoft: A Developer's Perspective
  

  Increased awareness of the importance of application security over the last ten years has led to an incredible number of Microsoft initiatives for developers--all of which are aimed at making it easier to implement security best practices. Explore one developer's insights on which initiatives have had the biggest impact on the Microsoft developer community.

2011

• Designing a Cloud-Based Mobile Application for Compliance
  

  For rapid development and deployment of a mobile application using federated authentication, the cloud is often the fastest and most cost-effective option available. Using real-world scenarios, this article analyzes how a solution can be deployed securely and successfully to the cloud while still complying with industry security standards and requirements.

• Virtualization: Security Best Practices
  

  Learn about best practices for virtualization strategies, and how to use virtualization to consolidate hardware and reduce equipment, energy, and management costs.

• How to Improve Network Security with Microsoft Solutions
  

  Learn how to safeguard your network data and systems, and how to reduce security risks in your environment with Microsoft Solutions.

• Why Do Security Research?
  

  Get insight into one chief technology officer's evolving motivations for conducting security research and learn why security research is important for the health of your IT organization—and the computing industry as a whole.

• Locking Down the Desktop: Client to Cloud
  

  The integrity of cloud services requires that both users' computers and the servers hosting the users' data are healthy and secure. Get insights to help you ensure the appropriate level of protection in computers that attach to cloud services.

• Why Now is the Time to Review Corporate Email Security
  

  Explore considerations that can help you keep corporate email effective and help maintain safe email habits for your employees and your customers or partners.

• Simple Firewall Best Practices for Small and Midsize Businesses
  

  Learn what to keep in mind when planning for, and suggested best practices for effectively maintaining, firewalls.

• Why You Should Consider Using IPsec Now
  

  Learn why you may want to consider using Internet Protocol security (IPsec) for more than just virtual private network (VPN) connections.

• How to Improve Security on the Edge with Windows Web Server 2008 and Internet Information Services
  

  Explore how Windows Web Server 2008 and Internet Information Services (IIS) 7.0 deliver a platform for developing and hosting websites, services and more that enables IT professionals to—with some minor configurations—help minimize the risks of maintaining a Web server directly on the Internet.

• The Napkin Sketch: An Overview of Secure Anywhere Access with Remote Desktop Services (RDS)
  

  Explore the evolution of Terminal Services, now called Remote Desktop Services, and learn how to use this framework to help provide secure anywhere access to applications, remote desktops, and virtual desktop environments.

2010

• Database Security Best Practices for the Vigilant Database Administrator and Developer
  

  Find out which key considerations you should keep in mind when planning to, optimizing the way you, store, purchase, and acquire data that are critical to your organization.

• Securing the Cloud
  

  Explore key security considerations for moving to the cloud and see why the core security requirements for your IT infrastructure will likely be the same.

• Windows Server 2008 R2 Remote Access Options
  

  Learn about the various remote access solutions available in Windows Server 2008 R2, including traditional PPTP or L2TP/IPsec VPN, SSL-encrypted HTTP VPN with SSTP, IPsec tunnel mode, and DirectAccess.

• Best-Practice Recommendations for Using BitLocker
  

  Get best practices on how to use BitLocker to protect and encrypt customer and company data, manage settings with Group Policy, and report on compliance with industry regulations.

• IT Security Requirements for the New Decade
  

  As technology innovations accelerate in the coming decade, find some best practices that may help take your IT security strategy to the next level.

• Privacy Considerations for C Language Applications
  

  Walk through some of the core aspects of privacy you should consider when developing applications, services, and Web sites using C development languages.