Microsoft Talks Trust
Microsoft is, of course, a leader in the arena of IT and software development.
And yet, I often feel that Microsoft runs the business the way I drive in rush-hour
traffic -- an abrupt, panic-filled drama punctuated by angry shouting and the
occasional triple-lane change. Still, the company almost always seems to get
where it's going.
In the mid-'90s, Microsoft reworked its entire MSN strategy and launched Internet
Explorer in response to the rise of the World Wide Web and Netscape. Just six
weeks ago, Redmond suddenly announced a strategic
interoperability pledge in response to competitive and regulatory pressure.
And now today, at the RSA
Conference keynote in San Francisco, Microsoft Chief Research and Strategy
Officer Craig Mundie talked about what the company calls its "End to End
Trust vision."
We've heard this word "trust" before. It emerged in January 2002
in the now-famous Bill
Gates e-mail that, for the first time, placed security ahead of functionality
in the Redmond product development stack. As Gates wrote at the time:
"Trustworthy Computing is the highest priority for all the work we
are doing. We must lead the industry to a whole new level of Trustworthiness
in computing."
That e-mail helped launch the Security Development Lifecycle (SDL) at Microsoft,
and was critical in cleaning up the mess in such strategic products as Microsoft
Office, SQL Server and IIS.
Now, Microsoft is broadening the challenge, seeking to drive a strategic discussion
of privacy and security to the larger Internet. In the months ahead, you'll
hear a lot of talk about the "trusted stack" and what it will take
to achieve what Microsoft calls a "more secure and trustworthy Internet
ecosystem."
This is a big topic Microsoft is taking on, and one that we should all make
a point to pay very close attention to. The idea of a trusted stack certainly
brings with it a host of integration, leverage and lock-in opportunities for
Microsoft. But it also invites a true "lift all boats" scenario, where
Microsoft may stand to profit most by working closely with, rather than competing
against, its fiercest rivals.
If there's one truism in all of these developments, it's this: The work is
never done. On the same day Microsoft announced its End to End Trust vision,
the company sent out a Patch Tuesday security bulletin detailing five
critical security vulnerabilities.
What do you think of Microsoft's End to End Trust vision and its push for a
trusted stack? Speak up at mdesmond@reddevnews.com.
Posted by Michael Desmond on 04/08/2008