Microsoft has released a great slide deck and Word document discussing what the Microsoft Corporate Security group does to prevent malicious or unauthorized use of digital assets at Microsoft.
It is very interesting to see how their asset protection takes place through a formal risk management framework, risk management processes, and clear organizational roles and responsibilities. The basis of the approach is recognition that risk is an inherent part of any environment and that risk should be proactively managed. They say that the principles and techniques described can be employed to manage risk at any organization.
Its well worth your time to see how they present the information. Although this is not really “new” information, its interesting to see Microsoft so open about it. And man.. their slide decks sure are looking much better now adays. [Dana Epp's ramblings at the Sanctuary]