Update: Gates wants security top priority at Microsoft
IDG News Service - Bill Gates is getting serious about security. Microsoft Corp.'s chairman and chief software architect is calling on the software giant's 49,000 employees worldwide to make "trustworthy computing" the company's highest priority.
"In the past, we've made our software and services more compelling for users by adding new features and functionality, and by making our platform richly extensible," he wrote in the memo to employees dated Jan. 13 that was made available to the media. "We've done a terrific job at that, but all those great features won't matter unless customers trust our software. So now, when we face a choice between adding features and resolving security issues, we need to choose security."
One observer said the memo doesn't necessarily mean a new strategy for Microsoft.
"I think the announcement itself is probably more political than one of substance," said Graham Titterington, a senior analyst at research and consulting firm Ovum Ltd. "IBM has decided to make privacy one of its key themes over the next quarter or so ... so there may be a little bit of me-tooing in this announcement."
Microsoft spokeswoman Kimberly Kurseman disagreed, saying Gates statement is a "call to action" for Microsoft employees.
"This is definitely, not a 'me too,' action," she said this afternoon. "I think it is worthwhile to note that this is an issue that Microsoft, from the executive level on down, has been thinking out for some time. It is a long-term initiative for the company, and Bill's memo is a call to action to all Microsoft employees."
According to another Microsoft spokesman, Visual Studio.Net is the standard for developing more secure products.
"Visual Studio.Net, which is shipping next month, has undergone an intense code review with a focus on ensuring security," he said. "The Office team has also undergone similar training for its developing and test teams. The other product groups are also committed to executing on Bill's leadership, following the path he lays out in his e-mail."
Kuresman said the emphasis in the past had been more on producing products that customers wanted -- products with extensive features and functionality. Now, she said, Microsoft will examine the balance between "extensivity" and security.
"There will be an internal culture and mind-set change in terms of how products are developed," she said. "When we think about developing software, we need to think about security first. Customers are saying they want certain types of features, but now it's dawning on them that they want to do things securely."
Kuresman said 7,000 Windows Microsoft developers are being trained internally in security; the company is
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!