Update: Gates wants security top priority at Microsoft
IDG News Service - Bill Gates is getting serious about security. Microsoft Corp.'s chairman and chief software architect is calling on the software giant's 49,000 employees worldwide to make "trustworthy computing" the company's highest priority.
"In the past, we've made our software and services more compelling for users by adding new features and functionality, and by making our platform richly extensible," he wrote in the memo to employees dated Jan. 13 that was made available to the media. "We've done a terrific job at that, but all those great features won't matter unless customers trust our software. So now, when we face a choice between adding features and resolving security issues, we need to choose security."
One observer said the memo doesn't necessarily mean a new strategy for Microsoft.
"I think the announcement itself is probably more political than one of substance," said Graham Titterington, a senior analyst at research and consulting firm Ovum Ltd. "IBM has decided to make privacy one of its key themes over the next quarter or so ... so there may be a little bit of me-tooing in this announcement."
Microsoft spokeswoman Kimberly Kurseman disagreed, saying Gates statement is a "call to action" for Microsoft employees.
"This is definitely, not a 'me too,' action," she said this afternoon. "I think it is worthwhile to note that this is an issue that Microsoft, from the executive level on down, has been thinking out for some time. It is a long-term initiative for the company, and Bill's memo is a call to action to all Microsoft employees."
According to another Microsoft spokesman, Visual Studio.Net is the standard for developing more secure products.
"Visual Studio.Net, which is shipping next month, has undergone an intense code review with a focus on ensuring security," he said. "The Office team has also undergone similar training for its developing and test teams. The other product groups are also committed to executing on Bill's leadership, following the path he lays out in his e-mail."
Kuresman said the emphasis in the past had been more on producing products that customers wanted -- products with extensive features and functionality. Now, she said, Microsoft will examine the balance between "extensivity" and security.
"There will be an internal culture and mind-set change in terms of how products are developed," she said. "When we think about developing software, we need to think about security first. Customers are saying they want certain types of features, but now it's dawning on them that they want to do things securely."
Kuresman said 7,000 Windows Microsoft developers are being trained internally in security; the company is
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts