A Conversation with Ron Markezich, Microsoft’s Chief Information Officer (CIO)

Plus: His response to Microsoft’s release of IE 7.0 ahead of a new release of Windows
The Manhattan Chamber of Commerce (http://www.manhattancc.org) organized a gathering of over 50 New York City businesses to discuss a range of technology issues with Ron Markezich, Microsoft’s Chief Information Officer (CIO). The event started out with a few questions by the excellent moderator Omar Wasow, NBC Technology Report and entrepreneur followed by a Q&A session.
As Microsoft’s CIO, one of Ron’s responsibilities is to manage the information technology of Microsoft’s worldwide enterprise. Ron is also Microsoft’s first and best customer and he signs off on all Microsoft products before they are released to customers. Ron considers it a success when Microsoft employees find problems with Microsoft products before they are released to the public.
When Microsoft does not have a product that it already sells, Microsoft will use non-Microsoft applications such as SAP for Human Resource management.
Spread throughout 83 countries, Ron’s IT infrastructure includes:
300,000+ PC’s and devices
100,000+ email server accounts
80,000+ users
403 buildings
9.5 million remote connections per month
3 million internal email messages per day
Out of the 10 million email messages coming into Microsoft from outside – 9 million are spam and stopped before they ever reach a Microsoft email account holder.
Although Microsoft is a BIG business, Ron explained that many of the issues he faces such as availability, reliability, and security are the same issues a small business might face – it’s only on a larger scale.
With such a large infrastructure it’s important that Microsoft’s defense against attack is as secure as possible and to that end Microsoft implements a multi-tiered solution.
There is an anti-virus program on individual computers or clients. Microsoft uses eTrust anti-virus from Computer Associates.
Employees who need remote access to Microsoft’s network use a smartcard, which enables two-point authentication – a personal identification number and the actual smartcard.
Each Microsoft network gateway is protected via Microsoft server technology.
Addressing the charge of critics saying that Microsoft has not been aggressive enough to ensure the security of its products Ron explained that Microsoft is indeed a very secure platform but since it is so visible to the public any security hole is widely publicized. Furthermore, Ron explained that many of the security holes are in Microsoft’s older products, suggesting that Microsoft’s newer products are more secure.
Responding to a question from MCC member M5 Networks, Microsoft is moving its telephone system away from a traditional circuit based PBX network to an Internet (packet) based telecommunication system. It costs Microsoft $20 million a year just to run its phone system and moving to an Internet based phone system will not only save money but will add the enhanced communication features that “VOIP” (Voice Over the Internet) telecommunications provides.
Search is an important Microsoft initiative, as it is of its arch search engine competitor Google, Ron explained. He said that Microsoft is working to ensure that it uses one search platform across all it applications and shared that the challenge of search is building a search engine to find the right information that you want, or the taxonomy of search.
There’s not many things that Ron, as Microsoft’s CIO is worried about except for two things:
Peer to Peer technology such as Napster, which open a connection to a user’s PC to anyone on the Internet. Microsoft does not allow peer-to-peer technology on its network.
Inside threats. Microsoft can do all it can to secure its network from outsiders but there is little that can be done to secure the infrastructure from a “trusted” staff member. To heighten security even further, Microsoft will require that not only remote users use smart cards to access the network but ALL network users.
An attendee asked Ron if FireFox worried Microsoft and is Microsoft’s soon to be release update of Internet Explorer, as a separate release of the operating system, a response to Mozilla’s FireFox. Ron explained that Internet Explorer has not caused him any security concerns and that Microsoft’s release of a new update to Internet Explorer was simply continued innovation of Microsoft’s browser.
The open source, or “free software” movement is a growing challenge to Microsoft’s dominant market position in servers and desktop computing. In defense of Microsoft’s technology, Ron used the following analogy: Would you rather fly a plane built by volunteers (as Linux and other open source software is) or by paid engineers with stringent controls (as Microsoft software is). Although open source software can be freely downloaded, Ron explained that there is no FREE software but businesses must think about two things:
1. The total cost of ownership (installation, training, support, upgrades) and
2. Indemnification (will the software vendor protect you if a third party sues you for using software the third party claims is illegally using their programming code)