Digging into Microsoft’s search efforts

Microsoft‘s developing desktop search technology will have to be complemented by a well-defined security framework, or it will become a nightmare when integrated into a corporate collaboration environment, experts say.

The company recently showed off its newest search technology, Local PC File Search, which indexes every keyword and number stored on a hard drive. With that index a user can search his hard drive for such things as e-mail, documents, contacts and calendar items.

Developed collaboratively by Microsoft’s Office, Research, Longhorn and Knowledge Interchange teams, the technology is designed to help Microsoft in its battle with Google, Yahoo and other search companies to attract consumers. But the technology also is destined to be part of Microsoft’s enterprise platform.

Experts say local search, which Microsoft is expected to debut next year, is a necessary tool in a day and age where 40G-byte hard drives are the norm. But the downside is that such an index creates a security and privacy risk if used as part of an information-sharing or integrated-search environment that includes multiple users, network servers and intranet sites.

“If Microsoft isn’t planning to look at this as a security framework built into the platform, it will be a loaded rifle,” says Peter O’Kelly, an analyst with Burton Group. “People will find that they are sharing things that they hadn’t intended to share.” It’s not just about search, O’Kelly says: It’s about everything bad that can happen after data is compromised.

For years Microsoft has been building toward such a universal search technology, which will see its first incarnation next year with the Yukon technology in SQL Server 2005. That eventually will expand with Yukon support in Exchange Server before reaching Longhorn and the WinFS universal file system, which Chief Software Architect Bill Gates calls his Holy Grail because it provides a unified repository for all data.

“The issue is you better make sure you protect that index, you better make sure there is no path to that index” for anyone other than the PC’s owner, says John Pescatore, an analyst with Gartner. “Once you start to index everything you start to expose things that no one human could find on their own.”

The index could become a treasure-trove for hackers who target Microsoft’s client operating system. Today’s Windows desktop file sharing technology already has proven it can be a security risk.

Pescatore says any search technology that peeks into a local hard drive will have to be corralled by an “opt-in” model that lets users pinpoint what is exposed and what is hidden.

That is just the technology currently under development by desktop search vendor X1. The company is a competitor to Lookout Software, which Microsoft acquired last month.

“We are working on indexes that can be subscribed to,” says Mark Goodstein, founder of X1. He says the company put X1, which indexes e-mail, files, attachments and contacts, on its network with an index to Temp Folders stored on local PCs. Goodstein says the test revealed that even with only one folder exposed, sensitive data including salary information was available on the network.

“This data was protected before just because it was opaque. Once you create an index you find some interesting things,” Goodstein says.

He says the issue needs a solution today because companies are asking for integration of X1 with collaboration tools such as Groove and Microsoft’s SharePoint Services.

Microsoft already has developed some protection features such as in SharePoint, which lets users set up protected file shares, and with digital rights management technology to protect documents and data. The vendor also is building an identity management platform around Active Directory for sophisticated authentication and authorization access controls.

“I don’t think these security issues are any worse than they are today with search,” says Peter Pawlak, an analyst with research firm Directions on Microsoft. “Sure there is a huge security aspect to desktop search, but Microsoft is putting too much work into security to be sloppy about this.”

The issue that really concerns Pawlak is improving the overall search features in Windows, which he calls primitive compared to the concept of Longhorn’s WinFS.

“I’m more worried if it will be fast enough, capable enough,” he says.