Industry Comment: Should We Trust Bill's Trustworthy Computing?
Bob Rubin is cynical about the motives behind Bill Gates epiphany--and about the effect it'll have on your IT budget.
You have to hand it to Bill Gates. He understands the risk and potential rewards of change. Some predecessors founded high-tech companies but lost them because they insisted on fighting the last war (Ken Olsen of Digital comes to mind). Instead, Gates runs scared of what a misstep can do to Microsoft. Gates was late in understanding the Internet's importance, but when he did, he battled furiously against Netscape and anyone who would attempt to wrench from him control of personal computing.
You can trace Gates' troubles with the Department of Justice directly to his no-holds-barred reaction at the thought of letting another company threaten his creation. Based on past experience, it's hard not to conclude that his latest epiphany--the importance of security and privacy--is motivated more by a desire to win than by concern over his customer's welfare.
Microsoft has staked a significant part of its future on its .Net initiative. However, two factors stand in Microsoft's way as it attempts to convince us to let it provide services over the Internet and to entrust it with a significant amount of our personal data. The first problem is that the Internet as now constituted, and the software that we use on it, is grievously flawed. It is full of holes that are exploited by hackers and the Typhoid Mary virus spreaders. The second and perhaps harder problem is that Microsoft, as a result of its court battles with the government, has lost its reputation as trustworthy. Bill Gates' image has gone from an American icon of success to a somewhat nerdy--but definitely greedy--individual who cares only about triumphing, regardless of the contest or the arena.
Motive Power Thus, it is unsurprising that Mr. Gates issued his troops a call to arms to correct both these conditions. In a memo entitled Trustworthy Computing, he defines regaining the confidence of the customer as job No. 1 for Microsoft. The memo says, "Over the last year, it has become clear that ensuring .Net is a platform for Trustworthy Computing is more important that any other part of our work. If we don't do this, people simply won't be willing--or able--to take advantage of all the other great work we do. Trustworthy Computing is the highest priority for all the work we are doing."
He goes on to state that the components of trustworthy computing are availability, security, and privacy. Perhaps the most important line in his memo is, "So now, when we face a choice between adding features and resolving security issues, we need to choose security."
His goals are admirable; what he is saying is comforting. It is also good business. Complaints about Microsoft products' instability and poor security are accepted as an industry truism. The haphazard security of the present product line, coupled with customer concern about the company's trustworthiness, makes Mr. Gates' memo the right thing to do at the right time if the .Net strategy is to succeed.
Why am I concerned with his motives? What difference does it make what his reasons are, so long as he is now doing something that will help the customer? I have no doubt that the Microsofties will get religion; in a few years, perhaps sooner, they may deliver stable and secure products. For that, we can all be thankful since much of our computing power depends on Microsoft software.
One thing bothers me, though--and greatly so. Will we see fixes to existing products to aid people who chose not to spend more money with Microsoft? Or are we involved in solely an initiative to sell more new code?
If a company (other than a software manufacturer) sells a product that contains a serious defect, the company either fixes it or recalls it. Sometimes it does so because of Federal Trade Commission demands; other times it's because of the company's desire to maintain a good reputation. Whether we are talking microwaves, baby carriages, or SUV tires, the consumer has advocates and gains protection. Not so with software. At best, we get patches, but when it is time for the new version more often than not we are faced with the option of living with what we have or upgrading to a new version--for a price.
Microsoft has a real opportunity to regain the trust of the consumer, if it incorporates its new security and reliability patches (to the extent possible) in its products from the past few years--Windows 98, NT, Millennium, 2000 and XP; Office 97, 2000, and XP. It may give up some revenue, perhaps even significant revenue, but if the company does so, it will be a true mark of Microsoft's trustworthiness. If not--well, then the original take on the company's motives and its founder will be deemed to be correct.
Robert M. Rubin is CEO of Valley Management Consultants, a firm specializing in E-business and information-technology strategy, organizational design, and evaluation. Prior to joining VMC, he was senior vice president and CIO for Elf Atochem North America, a $2 billion diversified chemical company. The recipient of multiple industry awards, he is a contributing editor to InformationWeek and a member of its advisory board.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.