Gates Calls For New Focus on Security at Microsoft


Microsoft chairman Bill Gates on Wednesday called for a fundamental shift within the software giant to focus on what many consider the company's Achilles' heel--security against hackers and viruses.

In a memo sent to Microsoft's 47,000 employees and made available to media on Wednesday, Gates said locking down the company's products--a strategy he calls "Trustworthy Computing"--was vital to the success of its .NET strategy to roll out Web-based services.

"If we don't do this, people simply won't be willing--or able--to take advantage of all the other great work we do," Gates wrote. "Trustworthy Computing is the highest priority for all the work we are doing."

Computer security experts have criticized Microsoft over the years for what they say are inherent vulnerabilities in its products, such as the Windows operating system and Outlook e-mail program.

Microsoft acknowledges security problems often hit its products, but has said the popularity of its software makes it an attractive target. It also maintains there is a trade-off between offering ultra-tight security and making software easy to use.

But Gates' memo indicates he now believes bells and whistles cannot compensate for vulnerable products.

"All those great features won't matter unless customers trust our software," he wrote. "So now, when we face a choice between adding features and resolving security issues, we need to choose security."

The Trustworthy Computing program would also emphasize reliability and privacy, two areas analysts have said are essential for .NET to have a shot at succeeding.

While Microsoft has won praise for the stability of its latest operating systems, Windows XP, analysts have been less sure how it can protect the privacy of .NET customers, who could have data like passwords and credit cards stored on Microsoft-powered networks.

"Trustworthy Computing is computing that is as available, reliable and secure as electricity, water services and telephony," Gates wrote.

The Sept. 11 attacks and a series of damaging computer viruses last year drove home the need for security, he wrote. The company has also seen embarrassing outages of its instant messaging service, Hotmail e-mail and MSN network of Web sites.

A Microsoft spokesman says the memo was not in response to a particular incident or attack.

"It's a continuation of what we're doing on security and the recognition of the importance of meeting the critical challenge of making safe and secure software," spokesman Jim Desler says.

Gates says his call should be seen carrying the same weight as two earlier major strategy shifts for the company--when .NET was outlined two years ago, and a now-famous Internet "tidal wave" memo Gates penned in the mid-1990s that led to the company finally tackling the Web head on.

"Over the last year it has become clear that ensuring .NET is a platform for Trustworthy Computing is more important than any other part of our work," he wrote.

Copyright 2000 Reuters Limited. All rights reserved.

Republication or redistribution of Reuters content, including by framing or similar means, is expressly prohibited without the prior written consent of Reuters.

Reuters shall be not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.