TapTechNews August 6th news, after experiencing years of security issues and growing criticism, Microsoft is making security a top priority for every employee.
According to foreign media TheVerge report, from today, Microsoft is linking its security work to employee performance evaluations.
Microsoft's chief human resources officer Kathleen Hogan outlined the company's expectations for employees in an internal memo. Everyone at Microsoft will take security as a core priority, Hogan said. When faced with trade-offs, the answer is clear and simple: security above all else.
It is reported that if Microsoft employees lack attention to security, it may affect promotion, performance raises and bonuses. Microsoft has now put security on par with diversity and inclusion as one of its key priorities. Now both must be part of every employee performance conversation (internally known as Connect) and the priorities agreed upon between the employee and their manager.
For technical employees, this means incorporating security into the product design process at the start of the project, following established security practices, and ensuring that the product is by default safe for Microsoft customers.
In addition, all Microsoft employees need to use the company's Connect tool for performance evaluations, including executives, who will also have their own security priorities. As part of the Security Future Initiative (SFI), Microsoft has overhauled its security work to better protect Microsoft's networks, production systems, engineering systems, etc.
Many of Microsoft's internal security changes are not for the public, but some of them have already affected external products. For example, Microsoft will end support for basic authentication for Outlook personal accounts in September and delete the lite version of the Outlook Web App on August 19.
Outlook.com, Hotmail and Live.com users will need to access their email accounts through applications using modern authentication starting from September 16, which may affect some third-party email applications as well as older versions of Outlook, Apple Mail and Thunderbird.
TapTechNews noted that in November last year, Microsoft announced a Security Future Initiative (SFI) to respond to the increasing pressure faced by the company. Microsoft's executive vice president of security, Charlie Bell, explained in a blog post: We are making security the top priority at Microsoft, above all other functions. We will determine part of the compensation of the company's senior leadership team based on the progress in achieving security plans and milestones, thereby instilling accountability.
In May this year, the US Cybersecurity Review Board released a strongly worded report, concluding that Microsoft's security culture is insufficient and requires a complete overhaul.