Companies should worry less about migrating to
new operating system and concentrate more on its security, says
Simon Moores.
Windows NT 4.0 is alive and well and at a bank, business
or hospital near you.
That's the problem, and it's one shared by both Microsoft and
business. The company may have discontinued support for Windows NT
on the desktop in June and will do the same for the Server next
year, but for a number of very good reasons NT is stubbornly
refusing to take the door marked "Exit".
This month, I had a conversation with the head of security at a
leading bank.
"Blaster was a wake-up call to all of us in the financial
services industry," he tells me. With tens of thousands of desktops
and almost a thousand servers, we were planning a gradual migration
from Windows NT, to Windows 2000 and then finally to Longhorn when
it arrives.
"Windows XP doesn't appear in our plans at all, he adds.
"However, not only did the events of the summer give us serious
cause for concern on the security front, but they also made us
worry over falling foul of the regulators, who are themselves
concerned over levels of preparedness for whatever comes next."
It appears that the reluctance to move up and away from Windows
NT to Windows 2000 or even Windows Server 2003 wasn't a software
licensing issue, but a total cost of ownership worry.
Windows NT both on the desktop and the server still runs
relatively cheaply on PCs that are more likely to be found
gathering dust in my attic.
Take 20,000 desktops, migrate these to Windows 2000 and multiply
the result across the NHS or European banking sector and the cost
in new hardware is not insignificant in an industry which claims it
is struggling to be profitable or productive.
Concerns over migration costs appear to have been left behind by
worries over security, and so, in this example, the migration
process will now be accelerated into an 18-month window, which will
see Windows Server 2003 putting in an appearance. It is robust, and
Windows 2000 rolled out to fat-desktops and mobile users and
potentially, a Linux-based thin client is deployed to the bulk of
transactional users.
Either way, this won't be cheap and credit card charges will
continue to remain outrageous in the eyes of the public as a
by-product of the banking sector's rush to make itself as immune as
possible from the threat from "the next big thing" to appear from
the "dark side'"of the internet.
One further interesting comment I gleaned from my conversation,
was that NT is no more or less insecure than any other Microsoft
operating system.
Instead, it's how the IT department manages the security of the
Windows environment that counts, and that Windows Server 2003 is
attractive because Microsoft have made the tools and policies
available that makes securing that environment easier.
Every dog has its day, and NT has had its. Banks should know
about security and they know a great deal about cost. If this is a
good example of current thinking, then squeezing the extra pennies
out of a Windows NT environment is too much of a risk.
Of course, the risk to Microsoft is whether what they choose
next has Windows written on the box, but having spent six months
talking with financial institutions here and in Europe, I suspect
that Bill Gates hasn't any reason to lose sleep over the UK.
What do you think?
What are you doing to make sure Windows is secure?
Tell us in an e-mail >>
ComputerWeekly.com reserves the right to edit and publish
answers on the website. Please state if your answer is not for
publication.
Setting the world to rights with the collected thoughts and
opinions of leading industry analyst Dr Simon Moores of
Zentelligence.
Acting globally, Zentelligence (Research) advises
governments, suppliers, business and the media on the evolution,
application and delivery of leading-edge technologies and
specialises in the areas of eGovernment and information
security.
For further information on Zentelligence and its research,
presentation and analyst services visitwww.zentelligence.com