|
The continually evolving computing landscape of today has two primary
macro-level developments: more people and businesses rely on computing every
day, and the threats that can undermine trust in computing are increasingly
sophisticated and malicious. From the customers perspective, it is increasingly
important that sensitive and personal information is protected, that software
businesses adhere to business practices that promote trust amongst users, and
that the technology industry renews its focus on solid engineering and best
practices to ensure that the products and services remain reliable and secure.
Microsofts approach to this environment is End to End Trust, is a
long-term, collaborative endeavor to create and deliver a secure, private, and
reliable computing experience for everyone. End to End Trust is in Microsofts
DNA, guiding everything we do. It is more than just addressing todays
challenges. We must ensure that the innovations people will rely on in future
are designed to be secure, respectful of their privacy, and supported by
trustworthy and responsive organizations and practices.
Security
The company has been working wholeheartedly to address security issues in
its software and the industry. As a part of our focus on technology investments,
Microsoft takes a defense-in-depth approach to protection and is aligning
around three core elements.
The focus on fundamentals is making the platform inherently safer. As part of
this initiative, Microsoft has trained its developers, testers, and program
managers in how to develop more secure code, putting in place a process for
developing secure code called the Security Development Lifecycle (SDL).
Another key area of Microsofts approach is enhancing the process and tools
used in updating customer software. Microsoft has been and will continue to work
hard to make the updating process more manageable by making it predictable and
efficient, improving the quality of updates, and investing in better tools and
product enhancements to make it easier.
Microsoft strives to provide a comprehensive and integrated portfolio of
software and technologies that suit the needs of all customers. They do this by
providing central visibility and control of risk, reduced exposure to threats
through leading technologies and a defense-in-depth approach, and seamless
integration with existing IT systems within the security portfolio.
Microsofts approach will also reduce an organizations exposure to attacks
through best-of-the-breed methods for threat protection, detection, and removal.
Data collected using various feedback mechanisms, including MSN Hotmail, Windows
Online Crash Analysis and the SpyNet AntiSpyware Community, combined with a
global multi-vendor research effort, will enable fast discovery of protection
against new threats.
Tackling identity and access control is another important layer of
Microsofts in-depth approach to defense. It has three fundamental parts
namelytrustworthy identity, access policy management and information
protection.
Microsoft is focusing on innovation and integration in this area to help
ensure that users are trustworthy, to help manage policy that dictates what
resources those users can access, and to help protect information for its
lifetime, wherever it is stored.
Privacy
As ubiquitous computing becomes more prevalent, so does the amount of
information and data people transmit. Microsoft believes that its customers have
the right to control their personal information, have the right to be left
alone, and have the right to a trusted experience in which they can rely on
Microsoft technologies, services, and solutions.
At Microsoft, we recognize that privacy is a critical element of a secure
computing experience. We understand that our customers have high expectations
about how we collect, use, and store their personal information. With this in
mind, we create our policies and processes for designing, developing and
testing, to ensure that we engineer privacy enhancement into our products,
implement privacy based technology throughout our internal processes, ensure
that our privacy policies are properly implemented, and provide leadership to
the industry.
In order to create a trusted environment for our customers, we develop our
software, services and processes with privacy in mind. We provide the
opportunity for our customers to opt in or opt out when providing personal
information. We also partner with other organizations and industry professionals
to create policies and standards to safeguard the appropriate usage and security
of personal information.
Reliability
Broadly adopted technologies, such as telephony and electricity, have become
trusted parts of our daily lives. Even though they occasionally fail, the
overwhelming perception is that these technologies are inherently trustworthy.
Achieving similar confidence in technology reliability is a fundamental
objective of Microsofts End to End Trust initiative. The challenge is that
while the overall quality of technology has improved considerably, customer
expectations for end-to-end reliability have outpaced these improvements.
Compounding the challenge is the increasing complexity of software and the
computing ecosystem, plus the lack of benchmarks for reliability. Microsoft has
a vision of seamless computing, in which all types of devices work easily
together as if they were all a single device. We view reliability as a key
enabler of that vision.
We are incorporating reliability best practices throughout the software
development life cycle (from planning and design to deployment and support),
educating our engineers to write more reliable code, creating innovative new
development tools and technologies to improve software quality, and implementing
process changes to improve accountability at all levels.
From there, we work to share these advances outwardly to support a wide
variety of hardware and software partners in the larger technology ecosystem,
ultimately enabling our customers worldwide to have the most reliable and
trusted computing experience possible.
Microsoft is committed to a leadership role in the industry with the pursuit
of increased levels of software reliability. Not only is this drive a critical
part of our work internally, we also are working with our partners and industry
leaders to improve the reliability of all software.
Business Practices
At Microsoft, we are committed to deepening the trust of customers,
partners, governments and communities by demonstrating that we operate with
integrity in everything we do. We strive to meet or exceed our legal,
regulatory, and ethical responsibilities around the world and to hire and reward
employees who share our values and adhere to our standards of business conduct.
Our position as an industry leader is both an opportunity and a responsibility
to set the standard for responsible innovation and community engagement around
the world.
The creation of End to End Trust refocused Microsoft in a way that was
different from the common perception of the company. Today, End to End Trust
is no longer an initiative, its a Microsoft corporate tenet that guides nearly
everything we do. We recognize that challenges still remain and there is still
much to be done. Our journey so far has been challenging and exhilarating and we
are looking forward to build in the momentum and commitment.
Deepak Maheshwari,
The author is director, corporate affairs, legal, Microsoft
maildqindia@cybermedia.co.in
Page(s) 1
| 
Print
Comment
Email
Digg
Del.icio.us
Reddit
Twitter
