Security Free Reuse

Both Microsoft and Huawei have come under government fire recently. Chinese antitrust regulators fined the Redmond giant $31,430 for exceeding market share threshold. However, the backlash against the latter is much more serious.

Allegedy the Chinese multinational has been using its US telecommunications equipment as a front for spying. As as result, the company has been shut out of the market entirely.

Neither situation helps to build a positive reputation, and today the two have tried to remedy the situation. In a collaborative effort, the two have created a buyer’s guide for cyber security, and it’s not what you might expect.

The Cybersecurity Buyer’s Guide

Rather than reviews of various products or an explanation of the best places to go, the guide discusses security issues. It touches on technology development, manufacturing, supply chain management, and distribution.

For each, the guide seeks to abate fears about new information technology contracts, describing the current debates as initiatives triggered by political tension.

Non-profit EastWest Institute played a role in the documentation, and vice president Bruce McConnell had some words for The Wall Street Journal on the matter.

“This is an attempt to create objective criteria for buying technology products and services,” said the cyber security expert. That’s why the guide contains five core principles.

The Five Principles

Microsoft and Huawei’s main hopes are as follows:

  • “Maintain an open market that fosters innovation and competition and creates a level playing field for ICT providers.
  • Create procurement practices that utilize fact-driven, riskinformed, and transparent requirements based on international standards and approaches.
  • Avoid requirements or behavior that undermine trust in ICT (e.g., by installing back doors).
  • Evaluate the practices of ICT providers in terms of creating product and service integrity.
  • Create and use tools and approaches to address risk and assign high value to cybersecurity investments.”

The two giants then detail who is responsible for upholding these policies, including policy makers, buyers, and providers. The key, Huawei says, is thinking on a global scale.

If we simply think about the countries of origin (of technology vendors), we are not going to protect ourselves adequately,” said Andy Purdy, chief security officer of the US branch.

Despite the documentation, it’s doubtful either country will change their mind. Snowden’s revelations revealed that the US has been using tech products for spying purposes.

China is pushing regulations that would require the equipment of government and state-owned enterprises to be secure and controllable. The US, on the other hand, has pointed to China as the culprit of aggressive cyber attacks.

However, as McConnell says,“this is the first step.” Microsoft and Huawei have made their stance abundantly clear, and in doing so opened a meaningful discourse.