|
|
ADVISOR RADAR
Microsoft's Ubiquity Guarantees Security Trouble
The Computer & Communications Industry Association argues that for IT security to improve, customers must be able to change how they deploy Microsoft software such as Office.
The pervasiveness of Microsoft software has led to an IT "monoculture" and serious security risks, according to a published report from the Computer & Communications Industry Association (CCIA), a nonprofit that promotes fair open markets, open systems, and open networks. The group, which has generally been critical of Microsoft in the past, argues that a software monopoly is inherently dangerous due to a "cascading failure" -- computers running the same or similar OSs fall victim to a single attack.
It says market share for Windows tops 90 percent, and Office, and Internet Explorer (IE) hold similar monopolies.
One of the problems, according to the group, is that Microsoft has added features to the operating system without giving users an easy way to remove them. In addition, the tight integration between Microsoft applications and Windows (via complex interfaces) makes it hard for consumers to find alternatives to Microsoft products.
Because most computers run Microsoft OSs, they're vulnerable to the same viruses and worms (NIMDA and Slammer, for example) at the same time, the authors argue. The only way to avoid the problem is to diversify IT environments.
The CCIA report says that even Microsoft's work to improve security (the Trustworthy Computing Industry) might be dangerous because it could strengthen user lock-in (for example, a Trusted Outlook might only be able to communicate with a similarly Trusted Exchange Server).
The organization offers several potential solutions. The main message is that governments should impose regulations. Specifically, the group says, Microsoft should be forced to make applications and interfaces available on non-Microsoft platforms, such as Linux and Mac OS. The report also suggests breaking up Office into components so that Microsoft can't continue adding products to the suite. These measure could let companies practice risk diversification: using more than one type of OS brand to prevent cascading failure.
Regulations such as these would not only boost security but could also help customers financially, according to the report.
"For many organizations the only thing keeping them with Microsoft in the front office is Office," the authors write. "If Microsoft was forced to support Office on, say, Linux, then organizations would save substantial monies better spent on innovation."
You can read the report in its entirety at http://www.ccianet.org.
Microsoft recently reported security problems in its Office software. A fault in the Visual Basic for Applications languages -- which lets developers tie applications into Word or Access -- (see http://Advisor.com/doc/13002).
ARTICLE INFO
Web Edition: 2003.10.07, Doc #13099
 FREE ACCESS
Keyword Tags: Apple, Apple Mac OS, Budget Technology, Business Software, IT Industry, Linux, Microsoft, Microsoft Access, Microsoft Internet Explorer, Microsoft Office, Microsoft Office System, Microsoft Windows, Microsoft .NET, Microsoft .NET Framework, Security, System Management, Technology Management, Tech: Software, Virus Protection
ADVISORAMA Is sloppiness in speech caused by ignorance or apathy? I don't know and I don't care. -- William Safire |
|