Microsoft’s New Approach To Security – An Interview With Douglas Leland


In a recent interview with Douglas Leland, general manager of Microsoft Corp.’s Identity and Security Business Group, we are told that MS is concerned about both the security and the price of IT costs.

To me, security officers and IT leaders are the unsung heroes in their organization. They accomplish amazing things by integrating multiple solutions and securing their environments. But vendors generally haven’t done enough to make this easier. Tight budgets in the current economic environment exacerbate this tension, though security remains a top area of investment. Forrester predicts that companies will devote 12.6 percent of IT budgets to security in 2009, up from 7.2 percent in 2007.*

Indeed, I will agree about the IT leaders being the unsung heroes in organizations. He is also correct, that vendors do sell their software, not for cheap. But on the other hand, Microsoft doesn’t sell theirs cheap either do they?

Security managers are telling us they want to be more responsive to the needs of their business. They want the solutions and guidance to protect their organizations and manage compliance, but also to empower their information workers. Perhaps most important, they want to make the most of their current IT investments and the infrastructure they have today. All of this signals the need for a shift to what we think of as “Business Ready Security.”

Companies do want to make the most of their current IT investments, but how many of them really want to have to pay fees in order to be up to date with the software that is available. While it may cost a little (or lots) to move to OSS, it’s worth it in the end as licensing becomes a non-issue, and updates are free.

For example, today we are introducing Forefront Online Security for Exchange, a Microsoft Online Service, which protects e-mail from spam and malware. This is the first of our Forefront Online services to complement our software-based Forefront offerings. Note that we have expanded the Forefront brand to cover our portfolio of identity and security solutions. For example, our Identity Lifecycle Manager product is now officially named Forefront Identity Manager. We see the Forefront brand as synonymous with Business Ready Security.

Another important solution in this area is Microsoft code-named “Geneva,” a new set of technologies that make it dramatically easier for customers to build security-enhanced access into software and hosted services.

Well, this one’s easy. With a switch to Gmail, most spam will also become not an issue. No need to pay more fees yet to keep your email accounts clean. As for project “Geneva”, would it not just be easier to use Linux, as the security is pretty good to begin with. Not to mention how much it costs to use this technology, and how restrictive the licenses are going to be in how you may use the software and distribute the end result.

Three, we want to help customers extend security across the entirety of their enterprises. That means continuing to build security features into Windows and our IT software solutions. It also means interoperating with non-Windows environments through partnerships and open standards.

Security will always be an issue for an Microsoft. They designed Windows from the ground up as a one man, no internet OS. The multiple users running as admin and having internet capabilities tacked on will always result in security issues for them. And as for their partnership with open standards, we know that they aren’t friendly when it suits them best.

Well, you can read the rest of the interview at this page, as it is just Leland claiming that it’s cheaper to use MS products, and he gives a couple examples of companies using MS technology where security and price counts.