Microsoft's developing desktop search technology will have to be complemented by a well-defined security framework, or it will become a nightmare when integrated into a corporate collaboration environment, experts say.

The company recently showed off its newest search technology, Local PC File Search, which indexes every keyword and number stored on a hard drive. With that index a user can search his hard drive for such things as e-mail, documents, contacts and calendar items.

Developed collaboratively by Microsoft's Office, Research, Longhorn and Knowledge Interchange teams, the technology is designed to help Microsoft in its battle with Google, Yahoo and other search companies to attract consumers. But the technology also is destined to be part of Microsoft's enterprise platform.

Experts say local search, which Microsoft is expected to debut next year, is a necessary tool in a day and age where 40G-byte hard drives are the norm. But the downside is that such an index creates a security and privacy risk if used as part of an information-sharing or integrated-search environment that includes multiple users, network servers and intranet sites.

"If Microsoft isn't planning to look at this as a security framework built into the platform, it will be a loaded rifle," says Peter O'Kelly, an analyst with Burton Group. "People will find that they are sharing things that they hadn't intended to share." It's not just about search, O'Kelly says: It's about everything bad that can happen after data is compromised.

For years Microsoft has been building toward such a universal search technology, which will see its first incarnation next year with the Yukon technology in SQL Server 2005. That eventually will expand with Yukon support in Exchange Server before reaching Longhorn and the WinFS universal file system, which Chief Software Architect Bill Gates calls his Holy Grail because it provides a unified repository for all data.

"The issue is you better make sure you protect that index, you better make sure there is no path to that index" for anyone other than the PC's owner, says John Pescatore, an analyst with Gartner. "Once you start to index everything you start to expose things that no one human could find on their own."