Users should not use Windows NT for hosting electronic commerce applications until the end of 2001 because the operating system (OS) is not yet secure enough to cope.
The same applies to the introduction of any other system where security is critical because, while security is an important issue to Microsoft, it is only important to the extent that it inhibits the uptake of NT in the enterprise, according to Neil MacDonald, Gartner Group analyst at the market research firm?s ?Windows NT in the Enterprise? conference in Palm Springs on Wednesday.
As a result, for the next couple of years, users should deploy other mature midrange OSs such as Unix if they want to introduce secure environments into their enterprise.
?NT?s security is not the best, but it is good enough for most organisations. At this stage, however, NT is inappropriate for secure applications - it?s fine if it?s behind a firewall, but I don?t recommend it for security intensive applications and with ecommerce, when its on the Internet outside the firewall, the probability of facing a sophisticated attack is 99.999 per cent,? MacDonald said.
?I would advise users to introduce not just Unix, but hardened Unix for ecommerce. NT is just not secure enough, especially with the new vulnerabilities that are likely to appear with Windows 2000,? he added.
NT?s security remains suspect, he continued, because the OS is still relatively immature. Unlike Unix, however, it has not so far hosted enough interesting content for hackers to bother attacking it, although this is now changing.
Such hackers have also until now lacked the necessary NT expertise to do their worst, but the lack of security skills surrounding NT Server both in the industry and in individual enterprises leaves many organisations open to breaches.
This means that throughout 2000, some 80 per cent of NT security problems will be down to administrative or configuration errors.
The security situation has also not been helped by the rapid rate of change in the OS and the quality of Microsoft?s development process, where shortcuts are common.
New security issues have been introduced with each new version of the OS and Windows 2000 will replace many core security services with new unproven code - a situation that is likely to be made worse by the increasing complexity of the source code base.
to comment on this story, email [email protected]
The new framework could enable supercomputers that reach exascale levels
Danish Ministry of Higher Education and Science offers £1.3 million to reveal secrets of the universe
The grant will be used to upgrade particle detectors at CERN
It's the second time that Alexa has been called on to testify in a court case
So-called ghost galaxies aren't necessarily small but can be difficult to detect due to their very low star power