Microsoft Says It Is Prioritizing Security Again

Satya Nadella, in a memo to Microsoft employees since posted on the company’s blog:

Today, I want to talk about something critical to our company’s future: prioritizing security above all else.

Microsoft runs on trust, and our success depends on earning and maintaining it. We have a unique opportunity and responsibility to build the most secure and trusted platform that the world innovates upon.

Charlie Bell, Microsoft’s executive vice president of security, expanded upon the company’s specific goals and priorities, and explained a particular incentive:

We will mobilize the expanded [Secure Future Initiative] pillars and goals across Microsoft and this will be a dimension in our hiring decisions. In addition, we will instill accountability by basing part of the compensation of the company’s Senior Leadership Team on our progress in meeting our security plans and milestones.

The obvious point of comparison for these memos is Bill Gates’ ‘Trustworthy Computing’ memo from 2002:

Trustworthiness is a much broader concept than security, and winning our customers’ trust involves more than just fixing bugs and achieving “five-nines” availability. It’s a fundamental challenge that spans the entire computing ecosystem, from individual chips all the way to global Internet services. It’s about smart software, services and industry-wide cooperation.

There is a sort of MBA-type wordiness in Nadella’s memo that is not present in the more direct Gates memo despite the latter being considerably longer, but both have similar goals. Microsoft’s poor track record, especially recently, is corroding the trust of its enterprise and government customers but — and this is the catch — where are they going to go?