In January 2002, Microsoft announced a new company-wide strategy to make its products secure. This month, PCWorld.com reports that a recent Forrester Research study shows that information technology (IT) managers believe the software giant has made strides toward its goal but feel there is room for improvement, especially in the way the company provides security fixes.
Microsoft co-founder and CEO, Bill Gates, sent an e-mail message to 49,000 employees on Jan. 15, 2002, saying that Trustworthy Computing would be the company’s highest priority. In his message he wrote, "Trustworthy Computing is computing that is as available, reliable and secure as electricity, water services and telephony." On the issue of security problems, he wrote that Microsoft must develop software "so fundamentally secure that customers never even worry about it."
So, 15 months later, how is the company faring in its quest to reach Trustworthy Computing? Good and not so good, according to 35 information technology managers that participated in the Forrester study. Although nearly 80 percent of those surveyed had experienced security issues with Microsoft products in the previous 12 months, they had some positive words for the company. The IT specialists applauded the company’s increasing use of plug-ins capable of detecting bugs in Windows applications and efforts to provide information to in-house developers about secure software coding practices.
But the IT managers see glaring security issues, which could be remedied in part with user-friendly tools, such as those capable of locking down a Windows operating system. The managers also want to see Microsoft publicize what it’s doing to tighten product security and develop a less-complicated process to distribute security patches.