Will enterprise open source adoption trigger malware migration?

Recent reports have detailed Google’s actions to phase out the internal use of Microsoft’s operating system for security reasons following targeted attacks that the company has experienced. The targeted espionage attacks took place in January of this year and were carried out with the aim of gaining access to the Gmail accounts of Chinese human right activists.

Now as Google employees consider the option to select either Apple Macs running OS X or PCs running the open source Linux operating system, the question is whether other corporations will follow this practice.

If enterprise roll out of open source and Apple’s OS X operating system markedly increases, then will the relatively small amount of malware targeting these platforms increase by a proportionate amount?

Whether you agree with Apple CEO Steve Jobs when he talks of Windows being in “permanent decline” or not, the reality is that on balance Mac and Linux are not more secure than Windows. They’re just less targeted. For now that is.

Most would argue that Apple’s heavyweight consumer branding and advertising will always position the company’s products in the hands of the home user or the creative design field. But enterprise open source and the various “flavours” or distributions that it comes in is gaining ground fast.

The espionage Trojan that came knocking on Google’s door could easily be remodeled and re-spawned as a Linux variant of its former self.

So is this likely to become a reality and will we see a new tide of malicious content start to grow for platforms other than Windows? I spoke to Mickey Boodaei who is CEO of secure browsing services company Trusteer to get some comments on the wider implications of this story.

“Products that are widely used are more likely to be tested for security flaws and are more likely to be attacked regardless of whether they’re open source (or Apple Mac OS X) based or not. A company’s decision to adopt a platform from a security perspective should be never based on whether it’s open source or Mac or Windows. It should be based on whether you have the right tools and processes to secure the platform,” said Boodaei.

Perhaps it is no coincidence then that Trusteer does produce a security product for Mac. But Boodaei’s comments are quite even handed, so the best advice for all of us is clearly to watch what we click and, where, free security software is available for any platform (and there is plenty) that we should install that as our first move.