So there has been a little bit of a reshuffle in the Windows group in Corp and the search teams are now sitting under the Windows team and the 'Live' branding has been removed to sit solely with the Online Services Group (OSG). So all things Search that are inside the firewall, or in other words the business stuff wont have the Live brand from now on. They will instead be referred to as Windows Search.

It is important to say at this point that this is not a branding exercise but is a fantastic statement around how we perceive and deal with search in the enterprise. All products that sit under the Windows group face some very stringent rules for product release, Many of these don't add to the sizzle of a products edginess but they do add to the reasons why businesses love our software. I will talk about one of these here briefly but for more detail there is a fantastic blog by Michael Howard, here:

 http://blogs.msdn.com/michael_howard

Michael works in Redmond as a security specialist, if you have never sat in on one of his lectures or seminars they are well worth it. Essentially, he looks after (or did) the Security Development Life-cycle. I am not an expert in this and wont pretend to be so you can read until your hearts content here:

http://blogs.msdn.com/michael_howard/archive/2005/03/18/398833.aspx

However, this is a superbly important aspect of what the Windows group does and I believe a major selling point for our business (contrary to what some developers believe) Now, in development land there are two very healthy points of friction:

1. A crusade for ultimate development and new features bringing value to users through new ways of doing things - traits this company is built upon

2.  Professional development for business - basically this makes sure the best features for business get through to development and those that may result in security holes that could be exploited or features that businesses wont deem necessary (for example a feature that may allow a user to deploy their own cryptography software etc) do not

Understandably one persons cool feature is another persons security vulnerability so procedures like the Security Development Life-cycle are a huge advantage for Microsoft. So how does this appear in real life in the search world and what is the impact of the search team falling under the Windows group?

To understand this impact, you have to put yourself in the seat of the CXO who holds delicate secrets that protect the revenues of his company and who wishes to protect those so that he or she upholds shareholder value. The professional development of software is really important to him or her as in this case the wrong person being able to get access to the wrong data can undermine his or her position. Hence, the fact that the search group now sit under the Windows division is a huge advantage to businesses deploying our software.

 So what questions should you ask of search suppliers you are evaluating:

  • What processes and systems do you have in place for the secure development of search software?
  • How do you support Access Control Lists protecting the integrity of users in our business and their data?
  • What commitments do you make to respond to vulnerabilities in software and what is your track record in this arena?

Now I am sure that some of you will be thinking that all companies will be responsible and support the software that they develop, all I will say on the matter is 'Buyer Beware'. For more information around this topic, have a little look at the Forrester article on the Get the Facts website here:

http://www.microsoft.com/windowsserver/facts/analyses/vulnerable.mspx

Certainly opened my eyes! Enjoy!