Update: Gates wants security top priority at Microsoft
IDG News Service - Bill Gates is getting serious about security. Microsoft Corp.'s chairman and chief software architect is calling on the software giant's 49,000 employees worldwide to make "trustworthy computing" the company's highest priority.
"In the past, we've made our software and services more compelling for users by adding new features and functionality, and by making our platform richly extensible," he wrote in the memo to employees dated Jan. 13 that was made available to the media. "We've done a terrific job at that, but all those great features won't matter unless customers trust our software. So now, when we face a choice between adding features and resolving security issues, we need to choose security."
One observer said the memo doesn't necessarily mean a new strategy for Microsoft.
"I think the announcement itself is probably more political than one of substance," said Graham Titterington, a senior analyst at research and consulting firm Ovum Ltd. "IBM has decided to make privacy one of its key themes over the next quarter or so ... so there may be a little bit of me-tooing in this announcement."
Microsoft spokeswoman Kimberly Kurseman disagreed, saying Gates statement is a "call to action" for Microsoft employees.
"This is definitely, not a 'me too,' action," she said this afternoon. "I think it is worthwhile to note that this is an issue that Microsoft, from the executive level on down, has been thinking out for some time. It is a long-term initiative for the company, and Bill's memo is a call to action to all Microsoft employees."
According to another Microsoft spokesman, Visual Studio.Net is the standard for developing more secure products.
"Visual Studio.Net, which is shipping next month, has undergone an intense code review with a focus on ensuring security," he said. "The Office team has also undergone similar training for its developing and test teams. The other product groups are also committed to executing on Bill's leadership, following the path he lays out in his e-mail."
Kuresman said the emphasis in the past had been more on producing products that customers wanted -- products with extensive features and functionality. Now, she said, Microsoft will examine the balance between "extensivity" and security.
"There will be an internal culture and mind-set change in terms of how products are developed," she said. "When we think about developing software, we need to think about security first. Customers are saying they want certain types of features, but now it's dawning on them that they want to do things securely."
Kuresman said 7,000 Windows Microsoft developers are being trained internally in security; the company is
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!