Users should not use Windows NT for hosting electronic commerce applications until the end of 2001 because the operating system (OS) is not yet secure enough to cope.
The same applies to the introduction of any other system where security is critical because, while security is an important issue to Microsoft, it is only important to the extent that it inhibits the uptake of NT in the enterprise, according to Neil MacDonald, Gartner Group analyst at the market research firm?s ?Windows NT in the Enterprise? conference in Palm Springs on Wednesday.
As a result, for the next couple of years, users should deploy other mature midrange OSs such as Unix if they want to introduce secure environments into their enterprise.
?NT?s security is not the best, but it is good enough for most organisations. At this stage, however, NT is inappropriate for secure applications - it?s fine if it?s behind a firewall, but I don?t recommend it for security intensive applications and with ecommerce, when its on the Internet outside the firewall, the probability of facing a sophisticated attack is 99.999 per cent,? MacDonald said.
?I would advise users to introduce not just Unix, but hardened Unix for ecommerce. NT is just not secure enough, especially with the new vulnerabilities that are likely to appear with Windows 2000,? he added.
NT?s security remains suspect, he continued, because the OS is still relatively immature. Unlike Unix, however, it has not so far hosted enough interesting content for hackers to bother attacking it, although this is now changing.
Such hackers have also until now lacked the necessary NT expertise to do their worst, but the lack of security skills surrounding NT Server both in the industry and in individual enterprises leaves many organisations open to breaches.
This means that throughout 2000, some 80 per cent of NT security problems will be down to administrative or configuration errors.
The security situation has also not been helped by the rapid rate of change in the OS and the quality of Microsoft?s development process, where shortcuts are common.
New security issues have been introduced with each new version of the OS and Windows 2000 will replace many core security services with new unproven code - a situation that is likely to be made worse by the increasing complexity of the source code base.
to comment on this story, email [email protected]
Wikileaks Vault 7 suspect Joshua Schulte fingered by FBI after re-using smartphone passwords on his PCs
Joshua Schulte indicted on 13 counts relating to Vault 7 leaks and trading in images of child abuse
Alexa for Hospitality will link with existing systems so guests can order room service and control the air con
Massive volcanic eruptions could have warmed Mars' surface sufficiently for oceans to form
Examination of fruit flies' brains generated more than one billion data points for scientists to analyse