Security issues have been a thorn in the side of IT service managers for many years. Even fully qualified ITIL practitioners would be left cursing at some software vulnerabilities, which is why we want to acknowledge the anniversary of the scheme which has seen the massive improvement in Microsoft software and beyond.
It was 10 years ago that Bill Gates personally made sure that everyone working for Microsoft was well aware that security was the software giant’s highest priority. This led to the creation of Microsoft’s Trustworthy Computing (MTwC) initiative; a scheme to make sure that Microsoft product benchmark was raised to ensure that as standard their products would be private, reliable and secure.
This scheme emerged at a time where Microsoft products were looking increasingly vulnerable to online attacks with viruses, Trojans and worms becoming increasingly active on the internet and proving very effective against Windows operating systems. Malware such as the “I Love You” virus and CodeRed were making headlines and giving Gates’ products a bad name, leading to him announcing the initiative.
With MTwC increasing focus on security it led to Microsoft looking at the issue in a new way; rather than being a set of measures to protect current and future products it had to be a constant refinement and improvement to each piece of software. By treating security updates as an ongoing process Microsoft were more effective at battling ever-changing and evolving malware, showing the industry that this is the way to keep your products secure with ongoing software testing.
It is the job of the MTwC to work across the whole Microsoft organisation, building security solutions into Microsoft products from the design phase all the way through to after the product is launch through updates. It is also their role to keep abreast of emerging threats and working on ways of eliminating them; through software or even through the help of the authorities. It is their job to make computing and surfing as safe and worry-free as possible.
Using The Security Development Lifecycle, Microsoft’s policy to make sure that security features are constantly being designed, built and tested to make more secure software, Microsoft have spread their security consciousness to other companies such as Adobe and Cisco. And with the emphasis of computing moving onto the Cloud security and privacy are some of the main issues to be faced, a challenge that MTwC is set to evolve into tackling.
For more on cloud computing security take a look at this article on IBM’s efforts to improve their cloud based software testing.
There is no doubt that this initiative has done nothing but good for Microsoft, it’s customers and security conscious developers around the world, making it far harder for potential attackers to have an effect or gain control of the OS. So, while the MTwC has created the constant stream of updates most programs and operating systems require these days it has certainly made the overall computing experience far more relaxing, secure and private. And carrying on from where they started, we can expect their work to help make the still budding fields of mobile app development and cloud computing even more trustworthy and secure mediums.