What do our customers think of Microsoft Security?

You may recall that I shared the results of the previous Security Newsletter Survey - here's the latest version.

In case you're not familiar with the survey it comprises feedback and charts from the readers of the Microsoft Ltd (UK) Security Newsletter - I think both the charts and verbatim comments are pretty interesting

 

 

Survey: (Jan 09) Security Newsletter Survey
Client: Microsoft UK
Date ranges: All dates ((Jan 09) Security Newsletter Survey)
Available dates: No restriction (all to Feb 11th 2009 09:52)
First collection: Jan 30th 2009 12:57
Last collection: Feb 09th 2009 12:44
Responses collected in period: 66
Average collection rate: 0.3 per hour (6.6 per day)

Considering security overall, to you think Microsoft is...

#
Better than other companies 48.44%
The same as other companies 39.06%
Worse than other companies 12.50%
n = 64

Could you tell us what, if anything, you really like about the newsletter and how it adds value to you?

I like the open nature of the authers. It keeps me in touch with best practices and points me at areas I may have overlooked in my busy schedule.

The newsletter is just saying that Microsoft is better than any other IT Company - Rubbish. You release bug fixes / security updates every month - if you wrote the software properly in the first place then you wouldn't need to. Also, why are all the security updates to help because someone has discovered that a program / code can cause remote access to a Windows based PC. Do you not have any other reasons why a security update is released.

Keeps me informed of new developments and new risks from virus attacks. I am a committed Windows One Care user.

I've only received one copy so far but I like the variety of articles and that it's not just a marketing exercise.

It's a useful summary/reminder of the current patches available. Some of the coding articles are useful to help avoid future pitfalls.

The magazine doesnt scare you like reading the daily news like yahoo, I like it because it seems the content can be read by anybody with interest in security topics and it comes across as a 1 to 1 tool. keep it up microsoft :).

Feedback is Good tp paraphrase Gecko.

Its informative and varied.

I get a Microsoft view on security issues re their products.

As images are blocked at the gateway by my company. A single link at the top to a web version would be really handy.

It's the best starting point to reach all needed information concerning security with Microsoft products.

Good overview of topical security issues of the day with links to additional/more detailed information on the topic.

It is regular, informative and seems honest and reasonably objective.

Useful updates on relevant security issues. Good mix of technical articles and simple tips.

Being informed.

I like the fact that is is a starting point to explore issues and solutions that are currently being mooted.

Up to date concise relevant information without having to read loads of marketing.

The newsletter is very informative and I; as an IT professional. Am dedicated in my overall approach, to security improvement. (In the sixty hours a week that I work).Always for the greater good of Microsoft. On any one, or, two or more PC's that I use. I scan and update my PC's a lot using Microsoft products and feel that the newsletter gives me an edge, overall, in my ongoing quest to improve my own and Microsoft's security policies.

Its nice to know what is going on in the world of security.

It keeps me up-to-date on current security issues.

There is information there that I would not otherwise have heard about.

The newsletter seems to have changed style from the more formal to less formal (perhaps a reflection on a change in Microsoft) albeit a little too late! Security issues generally good to have the all round aspects although I do see changes now which do not reflect the serious nature of Microsoft's security now comparing it to other OS and browsers. 2008 newsletters seemed more serious.

It gives me a fair and balanced view of the risks to Microsoft products against the other products out there. I have to say that I trust the information that I get from the Microsoft Security Newsletter, but can't say that for other sources of information.

Being kept up to date on security and abreast of the opposition (Hackers and the like)!

It is well presented and even I as an amateur can distinguish what is for me and what is not!

Notifies me of important steps to take which I might have been unaware of.

I feel that it gives an honest appraisal of everything concerned with Microsoft even the security issues.

It is straight forward.

Info on the background to security issues.

It gives mw in one place, information I might have missed in other sources.

It as general information about what microsoft is downing that I would not get from where I usually browser.

Keeps me up to date.

Nothing to improve. All is perfect.

It means Microsoft can explain its policy and also keeps me in touch with the policy and problems tackled.

The newsletter gives an insight into the thinking of MS and key people in MS - it also adds some context and extra information about whats going on, what the threats are etc - it's a good thing to receive.

Keeps me upto date with whats happening around the world with security issues.

It advises you, rather then telling you what to do. Its a very good piece of factural information aswell as entertaining.

Keeps me up to date with the bad lads out there.

It is clearly and easily laid out and understandable.

As a Systems Administrator you don't get time to research into specialised areas. The newsletter is written by security experts who can point me in the right direction as to what is currently relevant and worthy of my direct attention with regards to IT security and how I can apply it to support my meriad other responsibilities during the working day.

I don't currently work in IT so it adds very little professional value to me. But I enjoy reading it.

Gives coverage of more than microsoft, formal yet informative.

It is a question of you cannot search for information that one does not know about. It is the means of promulgating that information. At that point one then has knowledge not previously known and thus can act on it if applicable.

Helps keep me up to date on how to protect my computer against problems that may cause me to lose all my work, and is an interesting read.

Snappy headlines and feature rich. Keeps me informed on the impotanat news at a glance.

The overall view of security within the IT world and not just specifically Microsoft products.

Quick to scim-read. Issues I am unaware of tend to stick out so I click and read more.

Lots of useful information.

Can't say I "really" like anything about the newsletter - it's good to keep up to date with what's going on but much of it is not relevant.

Lets me know what Microsoft is doing to help make its products more secure and provides access to tools that help me as an IT professional protect my users and networks, making them more secure.

The newsletter is always informative and up to date. it provides infromation on security for my microsoft products which I find make things easier when I am doing security for my networks.

Summarises most of the information I need in a single place ... no need to go searching.

I like the Security Guidance section. There I can often find useful articles and documents that explain how to improve security in MS products.

A good round up of what's going on with MS security.

I read 3 computer magazines a month but they tend to be telling me about security issues after they have already been dealt with due to the speedy notifications in the newsletter (and of course the automatic downloads) that are keeping me up to date with the info behind the downloads.

It keeps security issues at the forefront of my thinking and ensures that I stay on top of the issues.

Ed Gibson's feature because of his different perspective of IT. Most people I work with and new sources are very IT.

I like every thing.


If any, what other sources of information do you use with regards to security and IT?

Online forums and web sites eg- techrepublic and paper press.

The Register. The software manufactures help sites - update site. Google.

BT Yahoo.

Various other websites, RSS feeds and newsletters.

Ubuntu Security Notices, Government ITsafe notifications and a variety of anti-virus vendor RSS feeds.

GRC.com is good - in my eyes - it should be a wakeup call to everybody. Antivirus companys are a must to keep uptodate with breaking news and lastest work arounds!

Awareness is VIP.

Infosec and various ther sources.

The Register, US CERT, BCS Security newsletter, BCS IRM.

All sources I can get hold off.

Only Microsoft Products documentations, Courses, Meetings and conferences.

Irish reporting and information security service - www.iriss.ie.

Http:/www.security-forums.com/.

Http:/www.dshield.org.

In terms of technical advice - Experts Exchange, and in terms of news - BBC Technology site. I also get books on Code security and general IT security.

Security mailing lists (e.g. CERT lists).

Pcpitstop.com, codeproject.com.

Norton security response.

NtBugtraq, SANS, Symantec.

I always look from the point of view of a potential attacker, in my strategy against intrusion and other threats to my Windows PC's. Just like we secure our homes; with locks and alarm systems. I also extensively research my potential enemies tactics. Constantly gathering information on how they operate, from many sources. The ancient saying: "Know your enemy". Is one of my main methods of defence.

Games & Computing.

Computer Shopper is my main source of these sorts of information.

I also use the government source which usually follows the Microsoft source.

Forums plus blogs as I feel the scope has changed and with the non start with Vista I feel Microsoft are trying to cover up and make themselves friendly which other blogs and forums give a better real statistic view.

Tech republic, and a host of other publications.

Nothing, I rely on microsoft for that.

What AVG provides.

Cnet, Technet, Znet.

Try to keep up to date with all the latest security threats.

Zone Alarm-Windows update-Mozillz firefox Update.

None.

McAfee, BBC website, Guardian IT news.

Just general blogs with links to the usual secruity sites. (I let others filter out all the dull stuff).

Forums, magazines, chat with other people.

Google kaspersky.

BBC's Click.

I read online stuff like the windows secrets newsletter - I browse the antispyware forums as I help my friends by removing stuff from their PCs - a number of places have gone under over time - the passing of castle cops was a blow to PC users everywhere. I regularly purchase IT related mags and stuff, like PC Advisor etc....

BBC website.

I get a Symnatec Newsletter at work.

Bbc news.

Hmg.

ZDNet group, Secunia PCI.

My other main source of info is Tech Republic which gives me a global view of security and IT.

Googling processes and virus descriptions which invariably lead me to microsoft.com.

Computer mags.

As many sources as one can obtain especially where security is concerned if ones system is relevant to business and financial activities. It is also extremeley relevant for keeping up to date in a fast moving it industry.

Anti virus software updates, other newletters, he internet, friends advice etc.

Other printed Magazines.

Windows IT Pro Magazine, The Register and various Antivirus vendor sites.

General news websites and specific computer security websites.

Schneier webiste. CESG website. DISA & NIST websites.

General web browsing; The Register; other mailing lists.

Various mailing lists and technology websites. AV and Anti-Malware vendors.

Tech republic.com, elite hackers.com.

The Register, Secunia.

Books, articles on web sites, discussion with colleagues and suppliers.

Various websites and colleagues.

The internet, I have my homepage setup with an area linked to magazines that I subscribe to.

Forums, CERT websites, AV vendor websites, Bugtraq.

Industry contacts.

Websites such as The Register, The Inquirer and BBC.


If you would like to make any other comments, including ways we can improve the newsletter to make it more useful to you, please use the box below:

No, I read it and file it away.

No. In my opinion you are the best and are doing fine.

More information on how Microsoft is being proactive on security vulnerabilities. We pay a premium for proprietary software but at present you seem to be reacting to exploits like the Open Source world. Help us justify to customers why you are worth paying for!

More infomation on BAD people who write virues and spyware, I want to see more getting locked up, .

Fien as is.

Knowing that a Computer has to be protected, sometimes we have to manually delete either a virus or some other beast from a Machine. It would be very useful and interesting being able to connect, from your newsletter, a database containing that kind of procedures concerning Microsoft products.

More tutorials would be good; the best way to inform is using practical examples of pros and cons. Competitions encourage word of mouth and interaction. Free subscriptions to Technet perhaps?

There's a spelling mistake in the first question. 'to'? I expect they've paid a lot of money to have this survey put together! Proof read it...

The most recent edition was weak - don't criticise the competition: have the confidence to stand on your own merits. Pointing out other's weaknesses just comes across as trying to distract people from one's own.

A shorter notification aimed at non technical / non professional people, would greatly enhance security, keeping the ordinary user informed would go a long way to stop the spread of viruses and hoaxes.

I like the format of the news letter, and enjoy following the links as these generally lead to other issues that can be explored.

To be totally honest with you. The best, and only way that you will ever improve this particular newsletter. Is to create a harsher, and more clinical approach in regards to security, Rather than your softly, softly, customer friendly tone. As you do not instil any fear. Or true, sober and dynamically thought out endeavours. To really shock people to the reality of the threats that are facing them.

News and information about virus outbreak, how they work and what people are doing to prevent them.

It's just the same as is happening now. Listening to users.I find it a good source of information.

Perhaps stop trying to mimic other OS as there is no way Microsoft despite mentioning Mac OS and other browsers will ever compare - life with a Mac is much superior :) learn to enjoy the computer and not fear what Microsoft will do next the new virus speaks for itself.

Not at the moment.

Maintain news for xp users.

None.

Change design of letter! Could you make something like this survey design?

Some explanations can be a bit too technical for the layman.

MS could really assist in having a tool to encrypt and save the original registry settings - I'm talking XP here as I don't know anyone using a vista PC in anger. Give us a method of getting a PC back to it's original state - without losing data - but losing all the spyware and rubbish that's written into the registry. Protect the hosts file - put an alarm on it, some mechanism that warns the user that settings are being changed. This needs to be an op system function, not some add on. The newsletter is great - you could add some brief features on security code? Or rather how to write code that isn't going to cause registry overloads with "unpredictable" consequences....

It fine for me.

Keep it easy for the new ones on the block.

I like the newsletter generally, although most of it is not appropriate for my needs, but I would prefer you not to cover too wide a range of topics, as I believe the content matter may become diluted in an effort to cover too many subjects.

I like the way Tech Republic inserts the occasional video feature. Its quick and easy to view, is almost always relevant, takes no more than 5 minutes and adds personality to the newsletter.

Well done.

Whilst I do not consider Microsoft as the B ALL and there are deficiencies in their systems etc. It would be nice if some of the other hardware and s/w providers took some note of Microsoft and were as informative in keeping their clients updated and informed automatically without having to constantly search for that information that one does not know about!

Can it be personalised to only show relevenat user specific content.

Don't particularly want the newsletter to be better; just want MS to be better. I'm not saying that MS is worse than others but it ought to be the best and yet we still seem to see exploits of stuff which seems blindingly obvious!

None, all good. Thanks.

An expansion on the immediate threats to IE8 would be great.

It could be nice to have a "security tips" section, without links to external pages, to provide quick ways to improve security. It could interesting to have a 5-10 steps procedure to configure security settings in Microsoft products.

The only problem I seem to be having with the newsletter is that not all of the hyperlinks work. Those down the right hand side usually all work but those within the text don't always work.

The newsletter pushes the 'new' technologies but gives very little for those of us who are in organisations that are on the older systems and not about to move.