Microsoft's chairman tells RSA Conference 2007 attendees that a combination of authentication and access management strategies is what it takes to protect corporate data, but information security pros are willing to wait for the proof.