Today marks the 10th year of Microsoft’s Trustworthy Computing Initiative --- which started in 2002 with Bill Gates saying ENOUGH to the wave of security issues that started to explode in the new millennium as the Internet became ubiquitous. A decade later, the practices, tools and capabilities that Microsoft teams like HealthVault have at their disposal are nothing short of amazing.
TwC is part of everything we do. Beyond the obvious network stuff, we use specially-designed tools that analyze every line of code we write for known issues, and do extensive peer reviews to look for new ones. During development we build detailed threat models to predict and track risks. We have internal teams that specialize in advising and auditing the product groups. We track the hacking community, and hire the honest ones to try to break our stuff. And much more.
Look, if we’re going to improve health in the world, it’s gotta happen online. We need to share information, and it needs to be ready, complete and up to date when and where we need it. But along with those obvious benefits come real responsibility for the folks holding data.
I sleep much better knowing that we have TwC tools and processes backing us up. In fact, they’re a big part of the reason that I’m convinced there is nobody in the world better suited to help folks manage their personal health information than Microsoft.
Because our families’ health information is in those servers too.
The Trustworthy Computing team is marking its milestone today on the Microsoft News Center --- check out the info-graphic that captures points in time from the 10 year journey. Also visit the Microsoft Security Blog, the SDL blog, or the TwC blog, where you’ll find some other posts sharing perspectives on the first 10 years of Trustworthy Computing.