About five years ago, I launched my personal Blog at http://blogs.technet.com/security and entered the community of security bloggers. At that time, Windows XP was the primary version of Microsoft Windows (Vista shipped later that year), nobody yet had an iPhone (shipped in 2007), and Google had just acquired a little company called Upstartle (which was the seed which grew into Google docs).
In early days, my security blog was just that my blog. However, as a Microsoft security director, it didn’t stay that way very long. When I published the Windows Vista 90 Day Vulnerability Analysis, and got headlines like these:
- PC World – Microsoft Gives Vista Security an A-Plus
- Microsoft security report card: passing grade for Vista
- MSFN – Microsoft: Vista Safer than OS X, Linux
- Microsoft Gives Windows Vista Security a Thumbs-Up
- Microsoft: Vista more secure than Mac OS X
Well, when I write in a blog and it gets attributed to “Microsoft,” it is hard to argue that I can ignore it and share whatever personal opinion I want, with only a caveat that it is my personal blog. Over the past few years, I’ve had to treat my technet blog as an official channel and be more sensitive to that fact in deciding what I wrote about or not. Sadly for readers, no fall TV lineup reviews!
That isn’t the only reason for making a change. Computing in general has seen a lot of changes over the past several years – especially device and Cloud computing changes that are taking existing security & privacy issues and amplifying them significantly. Identity is one of those issues and it has many facets. One of those is the idea of online personas and how they are both converging and diverging at the same time. Do you have work acquaintances requesting you as a Facebook friend right alongside your old friends from high school? Then you know what I am talking about.
I plan to write quite a bit more on the identity and persona issues, but for now, let me just say that launching this blog at https://securityjones.com is just one step in many I’ll be taking this year to bring some definition and organization to my online presence.
Back in February, I announced some Changes Coming to blogs.technet.com/security and since then, we have transformed the Jeff Jones Security Blog into the Microsoft Security Blog and expanded the set of contributors and topics that we’ll be covering. I will continue to write on that blog as part of my role at Microsoft, but I will also write here in my role as a regular industry security guy.
After eight years, I admit to truly being a Microsoftie and am proud of the work we do within the Trustworthy Computing group, so I won’t pretend to be completely unbiased. Of course, everybody has their own personal biases, so I’m okay with that too.