After weeks of speculation, Microsoft has finally announced that Charlie Bell would be taking over as the head of the company’s newly formed security arm. Bell will be assuming his new role after a 23-year stint with Amazon AWS, where he oversaw engineering, operations, and product development. The news of his departure emerged first in August, followed by unconfirmed reports suggesting he had joined Microsoft.
Microsoft chief Satya Nadella in a memo to the employees said the company is preparing to deal with the next big challenge of securing digital technology platforms, devices, and clouds in heterogeneous environments. This grand ambition is what got Bell, who has a proven track record in building world-class platforms, attracted to Microsoft, Nadella added.
Bell took to LinkedIn to confirm the news. In his post, he described ‘digital medievalism’, referring to the dependency of organisations and individuals who depend on the ‘walls of their castles and the strength of their citizens against bad actors who can simply retreat to their own castle with the spoils of an attack’. According to him, there is a need to move away from this and embrace digital civilisation where safety is invariant and always true.
Bell joined Amazon in 1998 when his company acquired Server Technologies Group he had founded two years back. His company built internet commerce transaction software. Previously, he worked at Oracle, where he worked for seven years and managed transactional system projects.
Of his 23-year-old tenure at AWS, Bell spent 15 years as the top executive in the cloud unit. He reported directly to the CEO, Andy Jass (when he was AWS CEO). As part of his responsibilities, he looked over the broad AWS services, including product definition, pricing, software development, and operations. Interestingly, Bell was even considered for Jassy replacement as the AWS CEO, which ultimately went to Adam Selipsky (former Tableau Software CEO).
Bell’s move to Microsoft was shrouded in speculation as Amazon strictly enforces non-compete agreements. Microsoft said that it would be continuing constructive discussions with Amazon about Bell’s appointment. This year, many senior Amazonians have left the organisation. Prominent names include Steve Kessel, who led the physical stores business, Wei Gao, who was attached with the grocery arm, and Amazon Worldwide Consumer CEO Jeff Wilke.
Bell-ing the Security Cat
Bell has a mammoth task ahead of him as he takes over his new role. In recent times, Microsoft has faced a number of security challenges. One of the recent ones is when the Azure Cosmo DB, a fully managed NoSQL database for modern app development, was breached by security researchers of Wiz. The attackers were able to gain complete access to thousands of Azure customer accounts via Jupyter Notebook. Compromised accounts included a few high profile ones like Coca-Cola, Liberty Mutual Insurance, and ExxonMobil. The Microsoft team was able to disable the vulnerable feature within 48 hours.
In December last year, a UK-based app developer, Probase, identified an unsecured Azure cloud database that exposed medical records, recruitment data, insurance claim documents, and occupational health assessments. As per The Register, up to 587,000 files remained in an unprotected Azure blob. This blob was public-facing, and anyone with the files’ addresses could view them without any authentication.
In January, a web privacy and VPN vendor, vpnMentor, discovered a leaky cloud storage blob via their web mapping project. It was suspected that Microsoft was the owner of the storage blob.
These attacks have impacted the products of Microsoft and other companies. Microsoft has been adding new security features from the last few years, including Windows and Azure cloud services. The company has also acquired many security firms and recently established the Microsoft Threat Intelligence Centre that tracks nation-state hackers.
Subscribe to our NewsletterGet the latest updates and relevant offers by sharing your email.
I am a journalist with a postgraduate degree in computer network engineering. When not reading or writing, one can find me doodling away to my heart’s content.