Gates Urges Top Priority for Product Security
Microsoft Corp. Chairman Bill Gates said in a rare companywide memo that employees need to make increasing the security of the firm’s products their top priority.
The memo e-mailed Tuesday substantially raises the internal profile of security issues, an area in which Microsoft has faced mounting criticism from customers, analysts and even national politicians.
“If we don’t do this, people simply won’t be willing--or able--to take advantage of all the other great work we do. Trustworthy computing is the highest priority,” Gates wrote.
Gates compared the significance of the communique to his earlier sweeping strategic calls to embrace the Internet and to move toward a vision of software as a service.
Alluding to security breaches, viruses and attacks in Windows and other operating systems, Gates said Microsoft has done a good job in responding quickly.
“But as an industry leader we can and must do better,” he said. “Our new design approaches need to dramatically reduce the number of such issues that come up.”
In the last month, a gaping hole was found in Microsoft’s newest operating system, Windows XP, that could allow hackers to take control of a PC through the Internet. The discovery brought a rare FBI warning to the general public. And a flaw in its Internet browser was found to expose data on a PC.
The issue is crucial for Microsoft because it needs more consumer confidence to establish a bigger market for Web services. It also wants to sell more to businesses, which are making software buying decisions based on security.
And the company is beginning to lose political capital as well. Last week, a panel of technology experts assembled by the National Academy of Sciences said lawmakers should consider ending software companies’ special protection from product liability lawsuits. Rep. Rick Boucher (D-Va.), who co-chairs the Congressional Internet Caucus, said last week that he is looking into the matter.
Gates made clear in the memo that the company should jettison new features in products if including them would mean decreasing security.
