Software giant Microsoft had been notorious in the past as an easy mark for attackers, what with the many bugs and security flaws in its products and services at every turn. Microsoft made a considerable progress from there after co-founded Bill Gates implemented a month-long fixing of software and security vulnerabilities for existing products.
The transformation of Microsoft from being the perfect example of insecurity has been remarkable among the computer security community, prompting some to comment that the company is indeed taking customer and enterprise security very seriously now.
But with the continued unfolding of events where hackers never cease to perpetrate sophisticated and persistent attacks against large companies, the security community continues to urge the software giant to further bolster its products and services to make them more resilient to attacks in all forms.
Satya Nadella, the company’s chief executive officer, reiterated Microsoft’s game plan to constantly put security on top of its agenda. He stressed the company’s goal of making it extremely difficult for hackers to breach its software and infect computers.
In fact, it has begun in that direction by first removing the silos that isolated security professionals within the company from the board discussions meant to improve security. Now security managers at Microsoft have bigger roles to play in the fight against sophisticated attacks.
The company’s recognition on the importance of security comes at a time when Nadella is paying so much mind to its transition to the cloud business, and one way it sees effective to promote the cloud is to gloss over its state of security, though that remains a hot topic for discussions.
But for one, trying to convince customers that its cloud infrastructure is more critical than ever because what the cloud means is moving customer applications into virtualized storage platforms that are beyond the perimeters of the owner of the data to be stored.
This time around, it has been proven that if you do not elevate the level of security for your cloud services, customers will likely leave you for providers that offer more secure cloud.
Microsoft’s claim about cloud security is not without its grounds. As a matter of fact, the company is pumping at least $1 billion every year into investments focused on security projects such as acquisitions of security startups. Part of the investments goes to bug bounty programs, in which Microsoft pays hackers who would tell on major security flaws they found in Microsoft products and services.