Google thinks the public sector can do better than Microsoft’s ‘security flaws’

Google is attacking Microsoft’s battered reputation for enterprise security by offering its services to government institutions. Pointing to a Rrecent report from the US Cybersecurity Review Board (CSRB) which found that Microsoft’s security problems are the result of the company “deprioritizing” corporate security, Google says it can help.

The company’s speech isn’t as direct as Microsoft CEO Satya Nadella’s speech saying he made Google dance, but it’s spicy nonetheless. Repeatedly referring to Microsoft as “the vendor” in its Monday blog post, Google says the CSRB “showed that a lack of a strong commitment to security creates preventable errors and serious breaches.” Platforms, he added, “have a responsibility” to follow strong security practices. And of course, who is more responsible than Google?

The company recommends that governments use “systems and products that are safe by design” (using new principles that recently committed to) and that public sector entities regularly submit their technological products and services for security recertification. More specifically, Google says governments should avoid “using the same vendor for operating systems, email, office software, and security tools.” Microsoft, of course, offers all this and more to its huge base of enterprise customers.

Microsoft is concerned and trying to regain trust. It’s unclear what he will do to that end, but Nadella urged employees to “play it safe” whenever faced with a choice between this or other priorities, which seems like a good start.