Microsoft and Security

November 5, 2008

Not long ago, I gave a briefing to a group of people involved in operational intelligence. One of the people at this briefing made a comment about Microsoft’s increasing support of law enforcement. I can’t go into detail, but the company makes tools, information, and professional resources available to some of the operational intelligence community.

I did not take a stand on this Microsoft initiative. The reason was that it was not my role in this briefing to address the subject. My personal thoughts on this matter were that paying attention to security in 2008 is not exactly a timely response to risk. I have heard some of my contacts assert that Microsoft created much of the security hassle because the company rolled out products that made it trivial to exploit careless users or inattentive information technology professionals. I kept quiet.

A story in Good Morning Silicon Valley caught my attention on November 4, 2008. The author gave voice to some of my thoughts. I urge you to read ‘Windows Security Excellent as Long as You Don’t Run Apps’ here. The article includes links to some information about Microsoft’s security work, and it makes one key point. Users constitute the major threat to Windows security.

Keep in mind that any security system’s weakest link is a human who can either make a bad decision, be compromised, or be careless. Nevertheless, I think it is important to remember that widely used software has a security obligation. Responding to a fire after the building has been mostly destroyed makes a fine display and attracts public relations attention. The late response does not save the building.

Stephen Arnold, November 5, 2008
