Trustworthy Computing Continues to Build Momentum
The third year of Microsoft’s long-term commitment saw progress in technology investments, industry leadership and customer guidance.
REDMOND, Wash., Jan. 13, 2005 — Scott Charney wants people to think of using their computer in the same way they think of using their telephone.
Scott Charney, vice president, Trustworthy Computing, Microsoft Corp.
Not that Charney, vice president of Trustworthy Computing at Microsoft, is trying to advocate voice over other communication choices. Rather, he points out that people will walk up to almost any telephone, pick up the receiver and take for granted that they will get a dial tone. Even though the phone system occasionally fails, people are still confident that they will get a dial tone, their call will be completed, and their conversation will be secure and private.
Charney wants people to think about computers in the same way. And that is why Microsoft is full steam ahead on its Trustworthy Computing initiative, which marks three years of progress on January 15. Launched by an internal memo from Chairman and Chief Software Architect Bill Gates in 2002, Trustworthy Computing is a long-term effort to create and deliver secure, private, and reliable computing experiences for everyone.
Charney says Microsoft made significant progress in Trustworthy Computing’s third year, progress reflected in its technology investments, industry leadership and customer guidance. Even so, he says, Microsoft recognizes there is a long way to go.
“Remember that the telephone evolved over several decades to reach today’s level of trust; party lines were hardly secure or private,” he says. “Computers have reached global ubiquity in only 20 years, but the industry is still maturing, and reliability, security and privacy — the things that create trust — are still improving. People recognize the value of computing, but many people still wonder if something bad will happen when they are using their personal computer.
“Trust in computing is critical if technology is to deliver on its promise. Microsoft’s leadership will hopefully help the industry generate that trust sooner rather than later.”
Technology Investment and Innovation
Microsoft offers numerous sites with information, tips and guidance for users, both corporate and consumer, in support of its Trustworthy Computing initiative. These include:
Trustworthy Computing: Complete details about this long-term initiative.
Security and Privacy Customer Assistance: More detailed information on how to deal with common security and privacy problems.
Security and Privacy reference materials: Microsoft Press publishes an extensive selection of books on computer security, privacy and safety issues.
Security Guidance Center: Major resource for IT professionals and developers.
Security home page: An extensive resource for home and small business users.
Security at Home: Home users of all expertise levels will find help and information on topics including viruses, spam, Spyware, security in laptops and mobile devices, and more. Start at Protect Your PC.
Strategies for Reducing Security Risks: How to address the computer security issues that impact the bottom line.
MSN Security: User-friendly help to protect yourself online. Includes tips on privacy and e-mail protections, and ways to keep your kids safe on the Web.
GetNetWise: Ways to help families stay one click ahead of Web bad guys.
End the Spam Epidemic: Information from the Microsoft Safety and Technology Strategy team about its work with customers, partners, and governments worldwide to address online safety issues like spam and phishing.
Technology advances in the third year of Trustworthy Computing came both in products and processes at Microsoft. For example, several groups across the company collaborated with Microsoft’s Safety, Technology and Strategy Group to integrate anti-spam and anti-phishing technology into Hotmail, MSN, Microsoft Office 2003 and Microsoft Exchange Server 2003. New error-reporting technology in Microsoft Windows XP and Microsoft Office XP automatically captures details about product or service failures and offers users the opportunity to report those details to Microsoft to help advance product improvements. Information rights management technology in both Office 2003 and Windows Server 2003 addresses information protection concerns regarding e-mail, spreadsheets and Office documents.
Development of Microsoft products that are either used in an enterprise, are routinely connected to the Internet or are used to process sensitive or personal information is now guided by the Security Development Lifecycle (SDL). The SDL is a formalized process that incorporates security checkpoints and milestones at every stage of a product’s lifecycle, from