Skip to main content


Community and MVP Computer Security Articles

Get real-world insights, advice, and best practices—as well as step-by-step tutorials around key security technologies and processes—from active IT professionals in the security community including Microsoft Most Valued Professionals (MVPs).



  • CISO Perspectives: Data Classification (no longer available)

    A key challenge for organizations is implementing an effective data classification process. Data classification can help organizations apply the right level of control for maintaining the confidentiality and integrity of their data. It can deliver significant benefits including improved ways to manage the organization’s resources, compliance efficiencies and can facilitate migration to the cloud. This article will discuss some of the key challenges, success factors, and potential solutions regarding data classification.


  • Security Keeps the Money Flowing: A Framework for Data Loss Prevention

    The importance of protecting sensitive or important data is paramount for any business. While security technology today is amazingly advanced, so is the motivation and sophistication of the threat landscape. Explore a framework that can help you better evaluate data loss prevention (DLP) technologies for your organization.

  • CISO Perspectives: Today’s Risk (no longer available)

    In today’s rapid-change information security and data protection environment, there is a need to move from a reactive threat-based security model to a more proactive and efficient risk-based model. Gain insight from chief information security officers (CISOs) on some of the key challenges, success factors, and potential solutions for today’s risk environment.

  • CISO Perspectives: Compliance in the Cloud (no longer available)

    The shift to cloud computing provides an organization with the ability to focus on its core value proposition and allows for far greater flexibility and capital cost reductions. This shift often changes the way that organizations operate, and presents unique challenges to information security professionals. from chief information security officers (CISOs) on some of the key challenges, success factors, and potential solutions for compliance in the cloud.

  • Threat Modeling Made Easy

    Managing risk in the enterprise is of utmost importance. The good news is that threat modeling is easier than most people think and is an effective process for systematically identifying and mitigating risk. Get some quick tips to help you kick start your own threat modeling project the right way.

  • End User Education in the Real World

    Learn some valuable tips to employ when educating your users about security and privacy, and find out how to create an effective security awareness program.

  • Implementing a Secure BYOD Environment

    Is your organization considering a "bring your own device" (BYOD) policy that would allow users to connect to your corporate network from their personal devices?  Get tips to help you ensure that corporate data remains secure in spite of the introduction of these unmanaged devices into the corporate network.

  • Microsoft DirectAccess = Automatic VPN!

    Find out how to address common connectivity and security-related headaches with traditional VPNs using Microsoft DirectAccess.


  • Using System Center Endpoint Protection

    Explore the benefits of deploying System Center Endpoint Protection for Windows 8 and Windows Server 2012 computers.

  • Server Hardening with Windows Server 2012

    Learn how to enhance the security of your server infrastructure using the Security Configuration Wizard in Windows Server 2012.

  • Virus Infection Prevention Best Practices for Small and Midsize Organizations

    A surprising number of IT system administrators consider the simple use of antivirus programs and firewalls enough to provide reliable protection from trojans, viruses, and worms. This article outlines a simple, but effective infection prevention strategy that can work for even the smallest organization.

  • Small Business Does Not Mean Small Security

    Your business may be smaller in size, but that does not mean you need to protect it any less than a large enterprise. Even a small security breach or incident can have major impact on a small and medium business. Learn what you can do, as a small or medium business owner, to protect yourself when even the big enterprises are falling victim to security attacks.

  • Patch Management on Business-Critical Servers

    Software system security has come to depend on customer information technology (IT) organizations closely monitoring patches for vulnerabilities, and on the ability of those organizations to test and deploy the patches before they can be exploited. Discover best practices that can help you better manage and deploy patches, avoid downtime, and extend operating time without reboots.

  • The Evolution of Elevation: Threat Modeling in a Microsoft World

    The concept of threat modeling is not new--you can’t design a secure system until you understand the threats to it, and what weaknesses an adversary might exploit in the system. Check out one IT professional's take on threat modeling in a Microsoft world.



Microsoft Security Newsletter

Sign up for a free monthly roundup of security news, bulletins, and guidance for IT pros and developers.