Gartner echoes concerns over Microsoft 'monoculture' | CNET News.com
This recent spate of reports and articles seems to indicate to the public that we've all contracted "mono" and it will be the death of us. I believe it's time to begin to counter the arguments and illimunate just how complex this issue is.
Most of the stronger arguments center around the monoculture of Windows on the desktop. But I think all the claims about Linux/MAC security being safer because it's harder to violate, just don't make sense.
Windows makes it easy to use a PC. If I switch to Linux, my productivity decreases since I have to jump through the hoops of a more complex system. And if I don't change the mindset of the user, they'll embrace the more difficult process and replicate their insecure behaviors in a more complex environment. This is why other methods of controlling behavior in an enterprise negate the claims made in these reports/articles. Their presence in a competent enterprise dull the sharpest of blows. Since the probem is people, people's behaviors need to be controlled through restrictions, software policy, anti-virus and other defensive mechanisms to ameliorate the risky behaviors. For example, you can't run .exe files in a monoculture if you forbid them outright to be delivered in e-mail. This is an example of a restriction which instantly immunizes an environment from executable (.exe) attacks. A switch to a Linux environment would still require a prudent policy restricting files delivered by e-mail to be in place or the same risks will be encountered a la the people who will follow the Linux procedure to execute the file. Just one example of how the problem doesn't change.
What does make sense to me now in a Windows monoculture is the delivery of more and more easy to use Windows tools to control and limit user behaviors which cause the security problems. Making the Windows environment more secure is easier because of the complexities of Linux.
Others are picking apart these claims and we need to join the chorus.
This recent spate of reports and articles seems to indicate to the public that we've all contracted "mono" and it will be the death of us. I believe it's time to begin to counter the arguments and illimunate just how complex this issue is.
Most of the stronger arguments center around the monoculture of Windows on the desktop. But I think all the claims about Linux/MAC security being safer because it's harder to violate, just don't make sense.
Windows makes it easy to use a PC. If I switch to Linux, my productivity decreases since I have to jump through the hoops of a more complex system. And if I don't change the mindset of the user, they'll embrace the more difficult process and replicate their insecure behaviors in a more complex environment. This is why other methods of controlling behavior in an enterprise negate the claims made in these reports/articles. Their presence in a competent enterprise dull the sharpest of blows. Since the probem is people, people's behaviors need to be controlled through restrictions, software policy, anti-virus and other defensive mechanisms to ameliorate the risky behaviors. For example, you can't run .exe files in a monoculture if you forbid them outright to be delivered in e-mail. This is an example of a restriction which instantly immunizes an environment from executable (.exe) attacks. A switch to a Linux environment would still require a prudent policy restricting files delivered by e-mail to be in place or the same risks will be encountered a la the people who will follow the Linux procedure to execute the file. Just one example of how the problem doesn't change.
What does make sense to me now in a Windows monoculture is the delivery of more and more easy to use Windows tools to control and limit user behaviors which cause the security problems. Making the Windows environment more secure is easier because of the complexities of Linux.
Others are picking apart these claims and we need to join the chorus.
posted by Kevin at
11:41 PM
| Digg
This!
0 Comments:
Post a Comment
<< Home