Update: Rival groups debate DHS deal with Microsoft
Other software and operating systems should be considered, the CCIA said
Computerworld - The Computer & Communications Industry Association (CCIA) is criticizing a decision by the U.S. Department of Homeland Security (DHS) to use Microsoft Corp. software, arguing that recent computer virus and worm attacks against Microsoft products are evidence that such a decision is a poor choice.
The contract, awarded June 27, named Microsoft as the "primary technology provider" to the Department of Homeland Security, supplying desktop and server software critical for the agency.
In a letter yesterday to Tom Ridge, the secretary of the DHS, Ed Black, the CEO and president of the Washington-based CCIA, asked the agency to "reconsider" its decision to use Microsoft software inside an agency with critical security needs (download PDF).
The CCIA represents three of Microsoft's biggest direct competitors, Sun Microsystems, AOL Time Warner Inc. and Oracle Corp., as well as a number of computer electronics and phone companies, including Eastman Kodak Co., Fujitsu Ltd., Nokia Corp. and NTT Communications Corp.
"We believe that for software to be truly secure it must be well written from the outset, with security considerations given a high priority," Black wrote in his letter. "Unfortunately, there is ample evidence that for many years economic, marketing and even anticompetitive goals were far more important considerations than security for Microsoft's software developers, and these broader objectives were often achieved at the cost of adequate security.
"Also, from a security standpoint, the lack of diversity within a networked system amplifies the risk emanating from any vulnerabilities that do exist," he wrote. "But diversity is difficult without interoperability, and the benefits of interoperating with more robust systems can be blocked if any dominant player does not cooperate in fostering interoperability."
Jonathan Zuck, president of a rival industry group, the Association for Competitive Technology (ACT), in Washington, said in a statement today that Black's letter smacks of favoritism to the CCIA's own members. Microsoft is a member of the ACT.
"It is appalling that Ed Black and CCIA would exploit our nation's security for politics and greed," Zuck wrote. "CCIA's concerns are not based on good security or public policy, but business opportunities for the horde of Microsoft competitors it represents.To benefit its member companies like Oracle and Sun, CCIA repeatedly has attempted to hobble Microsoft using the political process here and abroad. This is just more of the same."
"Security is the No. 1 issue for the software industry," Zuck wrote. "Instead of this mercenary rhetoric, our industry needs to be focused on working together to improve security across the board and ensuring good security practices inside large organizations."
The DHS awarded Microsoft
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts