V3.co.uk: As the boss of Microsoft's consumer security
business, how much is consumer security and corporate security these days one
and the same?
Amy Barzdukas: We all like to talk about the consumerisation of
IT, as more consumers are making use at work of the same technologies as at
home. This creates interesting challenges for IT teams, who don't want to be the
most unpopular people on the block, so they're motivated to keep us happy. They
can't just ignore what end users want, although I've run into a fair few chief
information officers who are quite good at that, and they can't pretend the
problems don't exist. There are technology solutions and there are other kinds
of solutions that can help. Things are simpler when you talk to consumers
because, with the exception of the 'technology consumer', it's about raising
awareness and improving their education.
At what point can awareness raising stop?
We need them to be aware but they don't need to become IT experts. It's
important that we remember they're consumers, not IT experts, and need to take
some basic precautions, like regular updates, firewalls and so on. Consumers
don't distinguish much between privacy, security and even reliability sometimes.
As an industry we need to hold to a higher bar and not ask people to make
trade-offs that they're not aware they're making.
When does this happen?
A number of places where consumers are making a trade-off where they don't
understand the decisions they're making is with privacy. When installing a
toolbar, for example, they don't understand what they're giving up from a
privacy perspective in installing that toolbar. The industry is taking advantage
of people's lack of awareness in order to further its business goals.
Where are the other key threats likely to come from in the
future?
As we look forward in the next couple of years the number of internet-connected
PCs in emerging markets will outstrip those in developed markets, creating a
different security challenge. These unsophisticated users won't have grown up
using PCs, so they'll be less familiar with what can go wrong, so there is a
need for education without terror. The infrastructure and environment may also
be such that they're unwilling or unable to pay for anti-virus subscriptions.
What does 'education without terror' mean?
It's important that people are aware, but the ability of rogue security software
to be as successful as it has been is down to the success we've had as an
industry in educating consumers. We need to pay attention to how people interact
with computers. One trend is the divide between the threat levels that, say, my
teenagers perceive versus my father.
How does this affect how your products work?
Well, if my father was presented with a dialogue box saying: 'We don't recommend
you download this' he'd probably stop, but my 11-year old wouldn't. As people
spend more time online, especially young people, we must ensure that they don't
have a false sense of security, and we have to think about presenting the
warnings in a way that will protect them. It's about balancing when security
warnings should be noisy and making sure people feel protected, but it shouldn't
be so often that the warnings get ignored. Security is not a destination,
because as long as the bad guys are doing this for financial gain, they'll
continue to evolve their tactics.
At this point in the journey do you think Internet Explorer has
caught up in security terms with its main rivals in the browser market?
I believe it compares extremely favourably to any other browser in its ability
to protect our customers. Our most difficult competitor is our own past
versions, so it's really important to make people aware that, if they're using
IE6, they shouldn't be, and in order to take advantage of our latest
improvements they need to be on the latest version.
Opera recently launched
Unite,
a feature which seems genuinely game-changing. How is Microsoft trying to
innovate to get ahead in the browser market?
Our approach is to look at what our customers are doing and listen to what they
tell us. It's easy when you're in technology and love it to get distracted by
the cool things which may or may not have anything to do with what people are
actually trying to do. So with IE what you get is the best browsing experience
possible on Windows.
del.icio.us
Digg this
reddit!
