MIP Holdings boss says expensive security add-ons for Microsoft products are a racket

Jan

Who's the Boss?
Staff member
Joined
May 24, 2010
Messages
13,438
Reaction score
11,000
Location
The Rabbit Hole
Microsoft's expensive security add-ons for Office 365 are basically ransomware — software company CEO

Microsoft is ripping businesses off with expensive premiums on its most secure enterprise solutions, effectively holding them to ransom in exchange for getting the best possible protection, which isn’t always guaranteed.

This is the view of Richard Firth, CEO of software development firm MIP Holdings, who labelled Microsoft’s products as the largest vulnerability for cybercrime attacks on businesses.
 
scaremongering tactics, after all fear pays the bills.

ever notice how MS encourages you to do X after installation, and begs constantly.
 
90+% of my customer support queries were MS 365-related before I dropped support for it and only supported Workspace. I get as near as zero issues with Workspace. I'm not a 365 fan (for business use)
 
I wonder if Richard Firth can understand you don't get the same service from a R5000pm security guard armed with a baton only, as from a highly trained operative with an semi automatic rifle, which doesn't just cost a measly 3 times more.
 
Wow... A whole wall of text from someone just tripping over his own feet in a huge PR fail for his company.
 
This guy clearly doesnt understand how IT security works.Best he just go back to running his company and let his IT director / CIO deal with technical issues.
 
This tactic's used in Azure as well. Give you a "cheap/free" service, then watch how costs get piled on (looking at you cosmos db). It's like buying a printer for cheap, then suffering thru exorbitant cartridge costs.

What's up with everyone making excuses for MS? It's their responsibility to keep their software secure, especially since it's used by very many people and organizations. What am I missing here?
 
Kind of an odd article. Yes you get additional premium security products included in the higher packages but it isn't as if MS don't release security patches for all their supported products or include security features in the lower end products.

If they only had one offering that included everything, it would be E5 and priced out of reach of everyone but full blown enterprises and containing premium features (security and otherwise) that wouldn't be of value to many businesses that don't require them.
 
No I haven't and I do new install most days. Examples?
the local firewall, the Microsoft one,
it nags and nags you to turn it on on your local network, even though you have a firewall protecting traffic going out to the internet.

the backup to onedrive prompt, not everybody uses it, so why is it forced to come up all the time.
just a few off the top of my head of MS scaremongering
 
This tactic's used in Azure as well. Give you a "cheap/free" service, then watch how costs get piled on (looking at you cosmos db). It's like buying a printer for cheap, then suffering thru exorbitant cartridge costs.

What's up with everyone making excuses for MS? It's their responsibility to keep their software secure, especially since it's used by very many people and organizations. What am I missing here?

This tactic is used by all software and cloud providers. Its not just an MS thing.
The base software between all the different versions is the same, what you're paying extra for is additional features/modules.
 
the local firewall, the Microsoft one,
it nags and nags you to turn it on on your local network, even though you have a firewall protecting traffic going out to the internet.

the backup to onedrive prompt, not everybody uses it, so why is it forced to come up all the time.
just a few off the top of my head of MS scaremongering
Even if you have a network firewall, it's still more secure to use the Windows firewall as well on your local network and could help prevent lateral movement if an adversary got a foothold of some sort in your network.
 
This tactic is used by all software and cloud providers. Its not just an MS thing.
The base software between all the different versions is the same, what you're paying extra for is additional features/modules.
paying extra for additional features is expected. but I wouldn't expect security to be a paid-for add-on
 
paying extra for additional features is expected. but I wouldn't expect security to be a paid-for add-on
There's no one-size-fits all for security - you select the security controls according to your needs, threat model and appetite for risk rather. Not everyone can apply all possible security controls and neither is it necessary.

To be fair, Windows 10 and all Office 365 plans come with some good baseline security features and it's not actually unreasonable for them to market premium features at additional cost.
 
This tactic's used in Azure as well. Give you a "cheap/free" service, then watch how costs get piled on (looking at you cosmos db). It's like buying a printer for cheap, then suffering thru exorbitant cartridge costs.

What's up with everyone making excuses for MS? It's their responsibility to keep their software secure, especially since it's used by very many people and organizations. What am I missing here?
Nobody is making excuses, this CEO basically told us how his business lacks information security by conflating Windows with Office.

If you want enterprise solutions, then you’re gonna have to pay the enterprise price.
You’re not going to find SIEM integration in a consumer solution, that doesn’t mean you’re forced to use MS add-ons.
Neither do you or everyone else require an E5 license, you can just purchase the add-on for one user, yes PowerBI might be fun but it isn’t free.

I like how he mentioned the vulnerability in Excel but didn’t state it was an Excel 95 document, that a user had to explicitly download because Excel 95 isn’t cross platform like 365.

To put it in Azure terms, not everyone needs KeyVault but if you want to throw money at MS they won’t stop you.
 
Nobody is making excuses, this CEO basically told us how his business lacks information security by conflating Windows with Office.

If you want enterprise solutions, then you’re gonna have to pay the enterprise price.
You’re not going to find SIEM integration in a consumer solution, that doesn’t mean you’re forced to use MS add-ons.
Neither do you or everyone else require an E5 license, you can just purchase the add-on for one user, yes PowerBI might be fun but it isn’t free.

I like how he mentioned the vulnerability in Excel but didn’t state it was an Excel 95 document, that a user had to explicitly download because Excel 95 isn’t cross platform like 365.

To put it in Azure terms, not everyone needs KeyVault but if you want to throw money at MS they won’t stop you.
fact remains he's way out of his depth.He should stick to programming or whatever he does because he's technically not up to.To go on a rant about a subject he doesnt know anything about is not a very clever thing to do.
 
fact remains he's way out of his depth.He should stick to programming or whatever he does because he's technically not up to.To go on a rant about a subject he doesnt know anything about is not a very clever thing to do.
It’s not even bad PR, it’s cringy.
Firth said that many companies believe if they kept their Windows versions updated, they would be fully secure.
Never seen any business that believed that, big or small.
 
Top
Sign up to the MyBroadband newsletter