Google: Workspace Is a More Secure Alternative to Microsoft, Citing CSRB Report
Google is seizing the opportunity to promote its services to government agencies by attacking Microsoft’s reputation for enterprise security. Google cites a recent report from the US Cyber Safety Review Board (CSRB) that found Microsoft has “deprioritized” enterprise security. Google believes it can fill the gap.
Google’s pitch
Google’s pitch is pointed: the company suggests governments avoid relying on a single vendor for all their technology needs. Microsoft, of course, offers a comprehensive suite of products, including operating systems, email, office software, and security tools.
Google urges governments to adopt “systems and products that are secure-by-design” and to regularly evaluate their tech products and services for security. The company also recommends against using the same vendor for all their technology needs.
Microsoft’s response
Microsoft is still dealing with an ongoing breach from Midnight Blizzard, a Russian hacker group that has gained access to its executive communications and stolen source code. Microsoft has expressed concern and is attempting to regain trust. CEO Satya Nadella has emphasized the importance of security.
The CSRB report
The CSRB report criticized Microsoft’s handling of the June 2023 attack on Exchange Online, finding that the company lacked knowledge of how and when the attackers gained access. The report also highlighted Microsoft’s inaccurate public statements regarding the breach.
Google’s takeaways
Google has released a white paper outlining its views on Microsoft’s security practices and highlighting the advantages of its own Workspace platform. Google emphasizes its security measures, such as regular key rotation and shortening the validity period of keys.
The company also points to its experience with the 2009 Operation Aurora breach as an example of how it has learned and improved its security practices.
The takeaway
Google is using the CSRB report to promote Workspace as a more secure alternative to Microsoft’s products. The company argues that governments should consider diversifying their technology vendors and adopting more secure systems. Microsoft is working to address its security challenges and regain trust.