Windows is the security problem
In an era of constant outsourcing, slashed budgets and increased expectations, is the answer to spend more on something we paid for previously? Or is the answer to look at our current solutions and ask if we can do better?
The Internet isn't inherently insecure, as Jon Oltsik asserts, but the foundation of most business networks is. Let's stop passing the buck and examine the source of every major security leak for the past four years: Microsoft Windows is insecure software. Each new version is touted as being the most secure, but clearly this isn't true. When asked for an explanation, Microsoft has always pointed to the user.
We should know better than to open e-mail attachments, view Web pages or trust default settings. Instead of fixing these security issues Microsoft delivers new versions of Internet Explorer, Outlook and Outlook Express with features hidden or functionally crippled. Users can't be relied upon to download each patch, so we are given Windows Update. This wouldn't be too bad if the updates weren't near daily events. What's more, this system breaks down completely when Microsoft sits on a problem for six-plus months.
The answer isn't more security products and consultants to deploy them. The answer is to end the computing monoculture and support diverse, secure systems built on open standards. The answer was just beyond our fingertips a few years ago; the answer is less Microsoft.
Bob Bolin
North Royalton, Ohio