While those nice people from Microsoft are frantically plugging the gaps, there is a very real possibility that Windows is applying a new meaning to ‘Open’ Systems – meaning that your corporate data is open to view.
It almost seems churlish to denigrate Microsoft, considering the way in which the corporation has liberated computing. After all, it wasn’t really IBM that made personal computing possible – it just provided the platform.
It was Bill Gates’ genius that made the PC respectable to such an extent that it has become the de facto workstation for the overwhelming majority of corporations worldwide.
It was Microsoft that broke down the fortresses of ‘proprietary systems’, which invented intuitive computing and revolutionized the whole concept of personal productivity. Within a couple of decades an incredibly young computer geek has turned the computing world on its head and made the transition from a single brilliant idea to possibly the most innovative influence on the way business is conducted. Eat your heart out Leonardo da Vinci!
Inevitably, though, there has been a price to pay. Unfortunately, Microsoft suffers from the legacy of its origins – personal computing – which means that security has been seen as a workstation issue rather than a network-wide issue. That’s why managing security across enterprise networks has become a nightmare. To put some scale to the problem, every two years PricewaterhouseCoopers carries out a survey of UK IT security breaches on behalf of the DTI. The most recent report reveals 44 per cent of UK businesses have suffered at least one malicious security breach in the past year – almost double the figure reported two years earlier.
In fact, the design concept of ‘usability’ is just one of two systemic weaknesses in the Windows environment. The second is the way in which Microsoft has tried to address the problem for corporate users; the concept of vesting all responsibility with an individual known as the Systems Administrator. It means that ‘Kevin’ has supreme control over every user – from board directors to essential knowledge workers – and the keys to every recorded piece of information from competitive intellectual rights material to the very latest corporate strategy. Just to add an extra frisson, in an outsourced environment, Kevin isn’t even on your own payroll and it possibly not even working in the same hemisphere of the globe.
Even Microsoft has recognized the problem and has a long-term objective of what it calls ‘trustworthy computing’. Unfortunately, the Palladian project as it’s code-named, will be a root and branch reappraisal of the whole approach to computing, going right down into the heart of the hardware – reinventing the PC architecture. An admirable objective and I am sure it will get there, but I believe it is a decade away. Meanwhile, Kevin has the keys.
It is no wonder then, that according to a recent Forrester report, 77 percent of IT managers list security as their principal concern and remain to be convinced by Microsoft’s ‘Trustworthy Computing’ security message.