Microsoft is leaving no stone unturned in its Trustworthy Computing initiative as it searches for ways to fight viruses and hackers. But its biggest battle is to win over cash-strapped organisations this side of the pond, says Simon Moores.
The RSA Security Conference in Amsterdam this year saw Microsoft making a powerful effort to display its European credentials around privacy, PKI and information security strategy in general.
Microsoft has been working very hard to ensure that its software meets the approval of the regulators in Brussels, and PKI in Windows 2003 is just one example of how it is attempting to provide the standards framework, in this case, digital signatures, that support the EU’s plans for a more joined-up and e-capable Europe.
Detlef Eckert, Microsoft’s director of Trustworthy Computing for EMEA, conceded that much greater trust, in the computing sense, was needed to bring ICT to the next level.
“Tomorrow’s joined-up government," says Eckert, “can only be built on a secure platform of trusted relationships. It is this management of trust, which represents one of the greatest challenges in the 21st century. Without widely available, reliable and secure trust-based systems and technologies, truly joined-up government is unachievable and e-government can only be an aspiration.”
The head of Microsoft’s security business unit, Mike Nash, offered what is by now, a well-polished message, that the company is leaving no stone unturned – which includes placing a $5m bounty on the heads of virus authors - as it searches for measures to further reduce the risks faced by businesses fighting a constant battle against internet-borne threats.
What worried me a little was that Nash did not appear to fully grasp that Europe wasn’t quite the same place as the US when it came to migration. I pointed out that on this side of the pond, migrating from Windows NT 4.0 was a big deal for many organisations and that quite regardless of the security argument; they weren’t going to suddenly roll out a Windows Server 2003 and Windows XP combination just because Microsoft said so, because of the expense involved in doing so.
This makes Microsoft’s job harder and leaves business more vulnerable to the next big threat, when it arrives and arrive it will.
One question I tried to ask was, “Is Microsoft in the business of security or in the security business?” but Mike Nash could only offer the reply, “both of these."
Personally, I do not believe that Microsoft can continue sit on the fence. In my mind; the company is, increasingly, becoming a security products supplier, by default if not by intention, and NSCGB (formerly known as Palladium), the Next Generation Computing Base and many more initiatives underline this inexorable drift in strategy under Trustworthy Computing.
An interesting sound bite from Mike Nash at the RSA keynote, was the company’s comforting vision of “a place beyond patching”, a revelatory experience, which for many of us will occur, not in this world but ‘In a better place’ regardless of your religion, Orthodox Windows or perhaps even Anglican Linux.
Finally, Tony Neate from the National Hi-tech Crime Unit revealed that my web journal is now popular enough to deserve having its URL hijacked by a UK sex site. I should be flattered but while my name is being borrowed, I’m receiving none of the benefits in return.
What do you think?
Is Microsoft turning into a security company? Tell us in an e-mail >> ComputerWeekly.com reserves the right to edit and publish answers on the website. Please state if your answer is not for publication.
Setting the world to rights with the collected thoughts and opinions of leading industry analyst Dr Simon Moores of Zentelligence.
Acting globally, Zentelligence (Research) advises governments, suppliers, business and the media on the evolution, application and delivery of leading-edge technologies and specialises in the areas of eGovernment and information security.
For further information on Zentelligence and its research, presentation and analyst services visit www.zentelligence.com
This was first published in November 2003