Code flaws push up cost of IT security


Code flaws push up cost of IT security

Karl Cushing
UK companies face a multimillion-pound bill as the number of flaws in Microsoft Windows software escalates, analyst firm Gartner has warned.

John Pescatore, an analyst with Gartner, said implementing personal firewalls to guard against Microsoft security flaws is a critical enterprise requirement.

However, businesses would have to pay about £100 per user to roll out personal firewalls to corporate PCs. Ongoing support costs could be an extra £30 a year per user.

"The growing use of corporate desktops on broadband connections means that corporate PCs, particularly laptops used by remote workers, are more exposed to direct internet-based attacks," said Pescatore.

Microsoft agreed that laptops and desktops should be loaded with their own firewall, which is not yet standard practice.

Graham Titterington, a senior analyst at Ovum, said corporate network security was particularly at risk from vulnerabilities in laptops and homeworkers' PCs with always-on broadband connections. He said the risk has been there for years but it is gradually increasing.

Pescatore pointed out that this is the first year when more laptops have been sold than desktop PCs. In-built security provided by Microsoft, such as the Internet Connection Firewall in Windows XP, is "not sufficient" as it only blocks incoming connections, he said.

Microsoft has released six Windows patches in the past fortnight and 13 "critical" patches this year. Pescatore said it was not unusual for firms to take 18 months to deploy such a large number of patches to all of their PCs, and the situation is set to get worse.

Suppliers should be ashamed >>

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy