By spending $1 billion a year on security, Microsoft went from 'worst' to 'best'
Business Insider/Julie Bort
This $1 billion annual budget includes acquisitions, hiring new execs, building a new state of the art facility and creating a new security group within Microsoft.
A few years ago, working for Microsoft Security was considered one of the worst jobs in all of tech. Microsoft's products were notoriously full of dangerous bugs, and Microsoft was considered difficult to work with when it came to patching them.
For instance, the infamous Stuxnet worm, an attempt allegedly by USA spy agencies, to take down Iran's nuclear facilities in 2010, apparently relied in part on bugs in Microsoft products, and Microsoft didn't fully fix the vulnerability until this year.
But over the past couple of years Microsoft has changed its attitude and its security, especially within Windows 10, Windows Server and Microsoft's cloud Azure.
Some former critics of Microsoft security applaud the change, such as Mikko Hypponen, a world renowned security expert at security company F-Secure.
"They've changed themselves from worst in class to the best in class," Hypponen told the New York Times' Nick Wingfield. "The change is complete. They started taking security very seriously."
Command center
To prove that point, Nadella on Tuesday launched a new, state-of-the-art facility called the Cyber Defense Operations Center where Microsoft will monitor security threats 24x7, tapping into thousands of security professionals, data scientists, engineers, developers and others as the need arises.
He also created a new group inside Microsoft called the Microsoft Enterprise Cybersecurity Group (ECG). It houses all of Microsoft security professionals, even if they are assigned to specific teams or products (cloud, Windows, Windows Server, etc.).
He also showcased all the new security products Microsoft has in the works, many of which were previously announced but not yet available, such as Lockbox for Office 365 (available Dec. 1). It allows companies to lock away their Office 365 files so that no one, not even a Microsoft cloud engineer, can access the stuff without the company's knowledge. The service may help Microsoft calm some customer fears over government snooping sparked by Edward Snowden's NSA revelations.
Plus, Nadella talked about Microsoft's security partnerships. For instance, Box, Adobe and SAP are baking in support for Microsoft Intune into their apps. Intune is Microsoft's device and app management service for protecting corporate data/devices. The idea is to prevent employees from sharing or losing sensitive Office 365 data, even if it's stored in Box, or Adobe's document cloud (a popular way to sign documents) or is created by a custom app via SAP's app-building tool Fiori.
Microsoft is also in beta tests for a new service called Azure Security Center, that taps into tech from partners like Checkpoint, Cisco, CloudFlare to add security layers to data stored in Azure.
That's not to say the whole world is treating Microsoft like a warm-and-fuzzy security hero. Google tangled with Microsoft earlier this year when its famous security guru found some holes in Microsoft products and felt Microsoft wasn't patching them fast enough.
- I spent $2,000 for 7 nights in a 179-square-foot room on one of the world's largest cruise ships. Take a look inside my cabin.
- Saudi Arabia wants China to help fund its struggling $500 billion Neom megaproject. Investors may not be too excited.
- One of the world's only 5-star airlines seems to be considering asking business-class passengers to bring their own cutlery
- From terrace to table: 8 Edible plants you can grow in your home
- India fourth largest military spender globally in 2023: SIPRI report
- New study forecasts high chance of record-breaking heat and humidity in India in the coming months
- Gold plunges ₹1,450 to ₹72,200, silver prices dive by ₹2,300
- Strong domestic demand supporting India's growth: Morgan Stanley