Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

From: Craig Mundie
Sent: Thursday, January 12, 2012, 7:59AM
To: Microsoft - All Employees
Subject: Trustworthy computing at 10 Years

Ten years ago, Bill Gates sent an email to all Microsoft employees announcing the creation of the Trustworthy Computing (TwC) Initiative. In that memo, Bill defined the key aspects of Trustworthy Computing, and set the company on a path toward ensuring that every computer user’s experience was secure, private, and reliable.

The impetus for Bill’s email was a growing recognition of the role of computing in society, as well as our responsibilities as an industry leader. Today, information and communications technology (ICT) underpins every aspect of our personal and professional lives. While it is indisputable that ICT has transformed for the better how we live, society still confronts some long-standing and evolving challenges. We must protect the security of the electrical power grid, the global financial system, and the telecommunications system, even as determined and persistent adversaries set their sights on these and other critical infrastructures. We must ensure that privacy is protected, even as “big data” and global data flows strain Fair Information Principles that rely heavily upon “notice and consent” to help protect the privacy of end-users. And we must ensure the reliability of our products and services as global dependence on ICT grows daily.

As the world continues to change, this TwC milestone provides an opportunity to reflect on the past and prepare for the future. Our internal and external work over the past ten years has unquestionably raised the bar in software quality, and demonstrated our commitment to building trustworthy products. In security, we are now widely recognized as a leader in secure development due to our rigorous implementation of the Security Development Lifecycle and our willingness to make it available to others. In privacy, we were the first company to publish privacy standards for developers and to provide consumers with layered privacy notices. In reliability, better instrumentation such as Windows error reporting enabled us to address system crashes, increasing productivity and alleviating user frustration. I want to thank you for the many contributions that have made this progress possible; we should all be proud of the journey we have taken together.

 At the same time, we must not rest on our laurels. In a world where we are dependent on IT in every aspect of our lives, and where Microsoft is and will be integral to the computing and cloud experiences of billions of users worldwide, our dedication to Trustworthy Computing is even more important today than it was ten years ago. For this reason, the Senior Leadership Team instructed the Trustworthy Computing Group to “extend TwC to services” to help ensure that, from box to cloud, we provide a secure, private and reliable experience that is second to none. This can only be accomplished, of course, if we remain dedicated to the TwC effort.

 “TwC Next,” the ensuing decade-plus of Trustworthy Computing, will focus on the new world of devices and services. Everyone at Microsoft and the entire computing ecosystem has a role to play. To learn more about what’s planned for TwC Next and how you can become involved, please visit: http://www.microsoft.com/twc

 Thanks again, and keep up the great work.

 Craig