Security News > 2024 > June > Microsoft answered Congress' questions on security. Now the White House needs to act

Feature Microsoft president Brad Smith struck a conciliatory tone regarding his IT giant's repeated computer security failings during a congressional hearing on Thursday - while also claiming the Windows maker is above the rule of law, at least in China.

Specific to Microsoft and America: The US government uses everything from the super-corp's cloud infrastructure to its operating system and productivity tools, and then also adds on Redmond's security products, which Trellix and other infosec vendors say discourages competition in the marketplace.

"Measure the security tools' effectiveness, independent of the bundle that Microsoft offers, and pick your favorite. If it's us, great. If it's CrowdStrike, more power to you. If it's Sentinel One, great."

"You have one entity responsible for national security saying here's an entity that poses a risk, and then you have DoD, another entity responsible for national security, doubling down on Microsoft," Simpson told The Register.

While the administration doesn't control the government's purse strings, it could put a pause on future Microsoft integrations while the government explores other vendors' security products, he explained.

The long-term care, on the other hand, involves Congressional action to codify best security practices and even simpler ones, such as requiring Microsoft products to be interoperable with those from its peers.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/06/15/microsoft_brad_smith_congress/