Microsoft lets EU governments inspect source code for security issues

European governments will be able to review the source code of Microsoft products to confirm they don’t contain security backdoors, at a transparency center the company opened in Brussels on Wednesday.

The center will give governments the chance to review and assess the source code of Microsoft enterprise products and to access important security information about threats and vulnerabilities in a secure environment, said Matt Thomlinson, Vice President of Microsoft Security in a blog post. By opening the center, Microsoft wants to continue building trust with governments around the world, he added.

“Today’s opening in Brussels will give governments in Europe, the Middle East and Africa a convenient location to experience our commitment to transparency and delivering products and services that are secure by principle and by design,” said Thomlinson.

It is the second of its kind. Last June, the company opened a center in Redmond, Washington. The centers are part of Microsoft’s Government Security Program (GSP), launched in 2003 to help create trust with governments that want to use Microsoft products.

National governments and international organizations that are part of the program can in principle inspect the source code of a list of 10 core products including Windows 8.1, 7 and Vista. They also get access to the source code of various versions of Windows Server and Office, as well as instant messaging client Lync, SharePoint 2010 and versions of Windows Embedded, according to Microsoft.

Depending on specific needs though, source code of other products such as Windows 10 may be accessed, a Microsoft spokeswoman said. Participants are able to run analysis tools against the source code in a controlled and secure environment, she said.

Currently there are 42 different agencies from 23 different national governments and international organizations who take part in GSP. In Europe, participants include the governments of the U.K., Austria, the Czech Republic, Estonia, Finland, the Netherlands, Poland, Spain, and Sweden as well as organizations including the European Commission, the spokeswoman said.

Microsoft plans to expand the range of products included in these programs and to open other centers in Europe, the Americas, and Asia.

To comment on this article and other CIO content, visit us on Facebook, LinkedIn or Twitter.
Download the CIO Nov/Dec 2016 Digital Magazine
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.