Does Vista show us the path to safer IT?

Ibukun Adebayo outlines the dangers of Microsoft's Jack-of-all-trades approach

Ibukun Adebayo outlines the dangers of Microsoft's Jack-of-all-trades approach

It is good news that Microsoft has taken the time to build a full security suite into Vista, but bad news that it has been reluctant to allow some major third-party security suppliers the access to the code that they wanted. That has effectively limited users' choice of security products.

Compare this scenario with, say, the car industry. When you buy a car you are perfectly free to buy your tyres, say, from a specialist supplier if you believe they offer you enhanced safety specifications. Imagine the outcry if car manufacturers started releasing models that took exception to tyres from other manufacturers being fitted to them.

OK, hopefully nobody is going to get killed or injured as the result of a computer security weakness, so Micro­soft could argue that it is perfectly fair to test-drive its first major security product on business customers.

The question is, does Microsoft intend Windows Vista to be adopted by serious businesses whose entire existence depends on systems security and reliability, such as financial houses, banks, and even car manufacturers?

Missing testbed

Many IT professionals use the performance of the home-user versions of Microsoft's operating systems as a testbed to determine the feasibility of adopting the business version. Microsoft's failure to offer a wide release of a home-user version of Vista that business users can test first does not bode well for the supplier or its operating system. Very few businesses will risk early adoption of Vista before the arrival of Service Pack 1 except, potentially, companies that still have to upgrade from Windows NT 4.

Hackers, however, would have a field day being "co-testers" with the early adopters to find out if all the Vista security "wrinkles" identified by Microsoft earlier in the year need further ironing out.

None but the brave

Another favoured approach in determining whether to adopt a new software version is to search the web for reported issues posted by the early adopters, to help assess the risks. But with the majority of potential Vista migrants waiting for Service Pack 1, who is going to be brave enough to deploy Vista in a mission-critical environment to test and report such issues?

It would take an extremely brave IT director to approve an early adoption of this product within a live network environment.

Microsoft should get its act together and stop trying to be a Jack-of-all-trades. It should let the security companies specialise in what they do best, and devote its own energies to perfecting its products and regaining the trust of the public on ­issues such as licensing and market dominance.

If serious disagreements persist between security companies and Microsoft on Vista's security features, then the rhetoric on trustworthy computing may largely go unheeded by the very customers Microsoft is trying to entice with its new desktop offering.

Ibukun Adebayo is director of IT at social care organisation Turning Point

More information at:

Read more on Antivirus, firewall and IDS products