Microsoft Trustworthy Computing Initiative: Ten Years On!
It’s hard to believe that ten years ago today Bill Gates sent out a memo announcing the Microsoft Trustworthy Computing Initiative. The goal of this initiative was to ensure that the technology we use every day is as reliable as the electricity that powers your home and business. Around this time there were a series of high profile cyber attacks including Nimda, Code Red and the “I Love You Virus”, that was causing uncertainty amongst customers and consumers with regards to the technology they were using everyday. It underscored a need to improve security, privacy and reliability of technology. Microsoft responded with the Trustworthy Computing Initiative (TwC) and there have been many milestones along the way. The info graphic below illustrates some of this work.
There are a couple of things that stand out for me
- When was the last time we saw such widespread virus attacks such as Nimda and Code Red? It just doesn’t seem to happen anymore. The last time I had to deal with a widespread outbreak of one of these types of viruses was when I was in Microsoft IT. That was almost 10 years ago. Now it just doesn’t seem to happen on a widespread basis. But don’t get complacent. Make sure you keep your systems patched. Updates are something I rant on about but the last 10 years is proof that keeping your systems patched works!
- We’ve added better instrumentation to Windows through Windows Error Reporting which has reduced system crashes and improved reliability.
- Privacy – Microsoft was the first company to publish privacy standards for developers and to provide consumers with layered privacy notices.
- Secure and Privacy Development Practices – The Security Development Lifecycle (SDL) is probably the most well known outcome of the Trustworthy Computing initiative. It focuses on privacy development practices incorporating industry best practices for writing secure code. This is something I talk about a lot whenever I talk about security in our software. The SDL practices are embedded in how our software is now developed. It’s also become an industry leading software security assurance process that aims to help customers improve the security of their software.
- During this time we included Windows Defender as part of the Core Operating system, released free products such as Microsoft Security Essentials and the Malicious Software Removal Tool to make sure it’s easy to keep systems protected.
It’s a reality now that computing is an integral part of our lives. Bill Gates predicted that in his memo. Now the Trustworthy Computing Initiative will focus on new trends such as Cloud Computing and the proliferation of computing devices. It’s now more important that it was 10 years ago that our systems are secure and probably we be even more so in another 10 years. I guess it’s a never ending process.
Make sure you check out the Trustworthy Computing site for an update on this important work.