Microsoft Security Guru Leaves for

Jesper Johansson, a high-profile security guru at Microsoft, moves on to serve as principal security program manager for e-commerce giant Amazon.

Jesper Johansson, a high-profile security guru at Microsoft, has left the company.

Johansson, who served for five years as a senior security strategist at the Redmond, Wash., software maker, will move to become principal security program manager at, headquartered in Seattle.

A regular at security conferences and Microsoft events, Johansson served as a passionate evangelist of the LUA (least-privileged user account) concept, which is being implemented as the default in Windows Vista under the name of UAC (user account controls).

He recently made a public plea for Windows Vista beta testers to leave the User Account Control feature turned on to help Microsoft gather information so that it can reduce the annoyances of the feature in a secure manner.

Johansson is also an advocate for the use of safe-passwords techniques in the enterprise.

At the height of the WMF zero-day attacks earlier in 2006, Johansson offered measured advice on the use of unofficial patches and he was constantly on the move, traveling around the world to help customers figure out how to use Microsofts products securely.

He is considered one of the worlds leading experts on how to protect installations of Windows and recently co-wrote Protect Your Windows Network, a book that serves as the standard Microsoft security guide for system administrators, network admins and security professionals.

/zimages/7/28571.gifClick here to read more about the advantages of the "least privilege" strategy for user accounts.

Prior to working at Microsoft, Johansson was an assistant professor of Information Systems at Boston University. Previously, he was one of the core Windows instructors at the SANS institute and also founded the SANS Windows Security Digest.

His departure is a major surprise, coming ahead of Microsofts planned rollout of several new security products for the enterprise and consumer markets and the release of Vista as Microsofts "most secure operating system ever."

/zimages/7/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

"The sands of time seem finally to have run their course," Johansson wrote on his blog. "This was a very difficult decision for me and has taken a long time to make. All in all, I have had a great five years to look back at. So much has changed in security at the company since I came here. It has been a remarkable ride to see the turn-around and having been able to play part of if for this long."

/zimages/7/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.