What Office 2010 is Teaching About Security
PCWorld has an article about the security practices in the Microsoft Office 2010 beta and how developers can learn from them. Instead of removing or disabling features in the name of security, they are taking a new approach based on five principles. Seems simple enough but we’ll see how it translates in the real world.
As long as security procedures create a tug of war between users and software, users will always find ways to "win" -- thus, subverting the very security measures designed to protect them. By offering a gradual, multilayered security model, Office 2010 tries to make security a partnership with the user -- and that's a lesson that any application developer can take to heart.