Update: Rival groups debate DHS deal with Microsoft
Other software and operating systems should be considered, the CCIA said
Computerworld - The Computer & Communications Industry Association (CCIA) is criticizing a decision by the U.S. Department of Homeland Security (DHS) to use Microsoft Corp. software, arguing that recent computer virus and worm attacks against Microsoft products are evidence that such a decision is a poor choice.
The contract, awarded June 27, named Microsoft as the "primary technology provider" to the Department of Homeland Security, supplying desktop and server software critical for the agency.
In a letter yesterday to Tom Ridge, the secretary of the DHS, Ed Black, the CEO and president of the Washington-based CCIA, asked the agency to "reconsider" its decision to use Microsoft software inside an agency with critical security needs (download PDF).
The CCIA represents three of Microsoft's biggest direct competitors, Sun Microsystems, AOL Time Warner Inc. and Oracle Corp., as well as a number of computer electronics and phone companies, including Eastman Kodak Co., Fujitsu Ltd., Nokia Corp. and NTT Communications Corp.
"We believe that for software to be truly secure it must be well written from the outset, with security considerations given a high priority," Black wrote in his letter. "Unfortunately, there is ample evidence that for many years economic, marketing and even anticompetitive goals were far more important considerations than security for Microsoft's software developers, and these broader objectives were often achieved at the cost of adequate security.
"Also, from a security standpoint, the lack of diversity within a networked system amplifies the risk emanating from any vulnerabilities that do exist," he wrote. "But diversity is difficult without interoperability, and the benefits of interoperating with more robust systems can be blocked if any dominant player does not cooperate in fostering interoperability."
Jonathan Zuck, president of a rival industry group, the Association for Competitive Technology (ACT), in Washington, said in a statement today that Black's letter smacks of favoritism to the CCIA's own members. Microsoft is a member of the ACT.
"It is appalling that Ed Black and CCIA would exploit our nation's security for politics and greed," Zuck wrote. "CCIA's concerns are not based on good security or public policy, but business opportunities for the horde of Microsoft competitors it represents.To benefit its member companies like Oracle and Sun, CCIA repeatedly has attempted to hobble Microsoft using the political process here and abroad. This is just more of the same."
"Security is the No. 1 issue for the software industry," Zuck wrote. "Instead of this mercenary rhetoric, our industry needs to be focused on working together to improve security across the board and ensuring good security practices inside large organizations."
The DHS awarded Microsoft
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!