Lead Analyst: Michael Cherry [bio]
Posted: Mar. 1, 2004

In the two years since introducing its Trustworthy Computing initiative, Microsoft has focused substantial resources on mitigating and eliminating security vulnerabilities in its products, as well as addressing customers’ reliability and privacy concerns. While the company has made laudable progress, it still suffers from the occasional major glitch, and much work remains to achieve the ultimate vision of having computers be as ubiquitous and dependable as telephones.

Although the initiative is about more than security, ongoing events have kept security foremost on customers' minds, and continuing to improve the security of existing and future products remains a necessary first step toward attaining Trustworthy Computing. This report examines how Microsoft is addressing the situation by reengineering the design, coding, and testing practices for its software and services. It also provides guidelines for taking advantage of the security improvements Microsoft has already made and describes the security-related advances to expect in the future. Finally, the report studies Microsoft's efforts to bolster the other three pillars of Trustworthy Computing (beyond security)—improving product reliability, strengthening and clarifying privacy controls and choices, and raising the public’s assessment of the company's overall integrity.