Security First: Microsoft Overhauls Corporate Policy After Years of Criticism

Security Core Priority

The technology giant Microsoft is making sweeping changes to its corporate policy, elevating cybersecurity as its paramount priority. Now, every employee, regardless of position, must prioritize data protection in their daily work.

Kathleen Hogan, Microsoft’s Chief People Officer, issued an internal memorandum outlining the new strategy: “Everyone at Microsoft will have security as a Core Priority. When faced with a tradeoff, the answer is clear and simple: security above all else.” This decision follows years of criticism directed at Microsoft regarding vulnerabilities in its products.

The new policy is not merely declarative—it will directly impact career advancement and financial well-being. Contributions to the company’s security will now be a key factor in consideration for promotions, salary increases, and bonuses.

Microsoft is also implementing a new performance evaluation system, where cybersecurity will be one of the primary factors alongside diversity and inclusion. These aspects will now be integral to regular meetings where managers discuss each employee’s progress individually. The company refers to this practice as “Connect.”

For technical specialists, this means integrating appropriate measures at the earliest stages of product design, adhering to established protocols, and ensuring robust default protection for customers.

Microsoft is also introducing new regulations at the executive level. Even senior leaders will have their cybersecurity tasks to accomplish.

These changes are part of Microsoft’s broader initiative, the Secure Future Initiative (SFI), aimed at enhancing the security of the company’s networks, manufacturing, and engineering systems.

Some of these innovations are already impacting Microsoft products. For example, the company will discontinue support for basic authentication for personal Outlook accounts in September. Additionally, on August 19, the simplified version of the Outlook web app will be retired.

Starting September 16, users of Outlook.com, Hotmail, and Live.com will need to access their mailboxes through apps that use modern authentication. This may affect the functionality of some third-party mail applications and older versions of Outlook, Apple Mail, and Thunderbird.

In her memorandum, Hogan emphasized the global significance of these innovations: “When we empower every person and organization on the planet to achieve more, we take on society’s biggest challenges and empower the world. What a big, bold, and meaningful mission we have, and yet none of us can take this for granted. We are here because our customers trust us, and we must continue to earn their trust every day.