Is Software Security important?
Since I joined a vanpool, so, I end up chatting with other MS employee for about an hour per day. They usually talk about everything, for example, how is their trip to Europe and what interesting thing they experienced. It is very cool.
However, because we are all technical person. Most of the time our conversation will related to technology. One time, we talk about whether security is important. The conversation goes pretty interesting.
You may think creating secure software is not profitable. It is not a feature, how could you sell it?
But we are very convince that writing secure software may be is the key for Microsoft to success after 10 years.
Here are why....
Software like window and office are mature. Also, there are other competitor who could offer product with similar functionalities and not every one require to use the new advance features. On top of it, some of the competitor s products are free.
So, how could we compete? To compete, we could offer high quality and secure product which other competitor cannot match. Majority of our competitors didn't follow something like Security Development Lifecycle (SDL) to develop their software. Their secure development model is highly depend on luck. In here, we have an un-matchable advantage.
Software/service like live. If we produce high quality and high secure service, we could minimize our down time against hacker attack.
Think about it.... If you are running a web site who sell oranges, and your web site is down for 10 days or even for a month. How many of your customers will go to your competitors web site and buy oranges there instead?
Nowadays, the functionalities of a lot of online web sites are similar and they are all virtually free. So, to lure customer go from one web site to another one is not easy. Your either require to introduce break through product which the other competitors can't match, or you need to produce consistent high quality and secure product which could give people confidence.
I guess it is similar to why people willing to pay more to buy product with a brand name. And create secure software will help us to build our brand name and separate us form our competitors.
