By spending $1 billion a year on security, Microsoft went from 'worst' to 'best'
Business Insider/Julie Bort
This $1 billion annual budget includes acquisitions, hiring new execs, building a new state of the art facility and creating a new security group within Microsoft.
A few years ago, working for Microsoft Security was considered one of the worst jobs in all of tech. Microsoft's products were notoriously full of dangerous bugs, and Microsoft was considered difficult to work with when it came to patching them.
For instance, the infamous Stuxnet worm, an attempt allegedly by USA spy agencies, to take down Iran's nuclear facilities in 2010, apparently relied in part on bugs in Microsoft products, and Microsoft didn't fully fix the vulnerability until this year.
But over the past couple of years Microsoft has changed its attitude and its security, especially within Windows 10, Windows Server and Microsoft's cloud Azure.
Some former critics of Microsoft security applaud the change, such as Mikko Hypponen, a world renowned security expert at security company F-Secure.
"They've changed themselves from worst in class to the best in class," Hypponen told the New York Times' Nick Wingfield. "The change is complete. They started taking security very seriously."
To prove that point, Nadella on Tuesday launched a new, state-of-the-art facility called the Cyber Defense Operations Center where Microsoft will monitor security threats 24x7, tapping into thousands of security professionals, data scientists, engineers, developers and others as the need arises.
He also created a new group inside Microsoft called the Microsoft Enterprise Cybersecurity Group (ECG). It houses all of Microsoft security professionals, even if they are assigned to specific teams or products (cloud, Windows, Windows Server, etc.).
He also showcased all the new security products Microsoft has in the works, many of which were previously announced but not yet available, such as Lockbox for Office 365 (available Dec. 1). It allows companies to lock away their Office 365 files so that no one, not even a Microsoft cloud engineer, can access the stuff without the company's knowledge. The service may help Microsoft calm some customer fears over government snooping sparked by Edward Snowden's NSA revelations.
Plus, Nadella talked about Microsoft's security partnerships. For instance, Box, Adobe and SAP are baking in support for Microsoft Intune into their apps. Intune is Microsoft's device and app management service for protecting corporate data/devices. The idea is to prevent employees from sharing or losing sensitive Office 365 data, even if it's stored in Box, or Adobe's document cloud (a popular way to sign documents) or is created by a custom app via SAP's app-building tool Fiori.
Microsoft is also in beta tests for a new service called Azure Security Center, that taps into tech from partners like Checkpoint, Cisco, CloudFlare to add security layers to data stored in Azure.
That's not to say the whole world is treating Microsoft like a warm-and-fuzzy security hero. Google tangled with Microsoft earlier this year when its famous security guru found some holes in Microsoft products and felt Microsoft wasn't patching them fast enough.
- Elizabeth Holmes ordered dinners for Theranos staff but made sure they weren't delivered until after 8 p.m. so they worked late: book
- The CEO of software giant Intuit, which has avoided mass layoffs, says tech firms axed jobs because they misread the pandemic
- I flew cross-country with my 5-month-old son on my lap. Next time, I'm paying full price for him to have his own seat.
- Major train accidents that India witnessed in last 15 years
- Odisha rail crash: Rescuers try to raise buried coach, death toll at 238
- Largest road networks in the world – India beats China to take the second spot
- Manoj Bajpayee joins the league of on-screen lawyers like Pankaj Tripathi, Shriya Pilgaonkar & more
- List of famous things to buy in Lonavala