Microsoft, How can you create security if you can't implement it?

A recent article, by John Leyden from The Register titled "On the Microsoft FTP server leak", points out Microsoft's internal security policy problems. According to the article, an ftp server that was publicly visible from the internet was being used by Microsoft employees as a data exchange server. Apparently, someone was able to crack into the ftp server using standard cracking tools and obtain confidential data.

Leyden wrote: "Microsoft made customer details - along with numerous confidential internal documents - freely available from a deeply insecure FTP server earlier this month. As well as numerous PowerPoint slides, such as Linux Vs Windows comparisons and .NET strategy papers, Microsoft "published" files an estimated 11 million customer email addresses and seven million snail mail address on the server."