I understand the frustration Valdis has with the Microsoft situation. I've done my share of patching and updating and crawling under desks and wrestling with Exchange Server and all the rest, and fortunately (for my sanity) I'm not managing a few dozen M$ desktops anymore. My observation had more to do with the posturing of the "security" vendors (anti-virus, firewall, IDS, etc.) and the broad range of highly important experts who are all clamoring for attention on this and on all the other everyday security issues out there. There is certainly a need for security services and products and activities, but I am just not enamored of the "security mindset." This is just a part of what our job is so let's get on with it. And if we can convince the PHBs that moving off of Windows is (1) feasible, which is obvious; (2) manageable for them, which is not so clear, so much the better. I've broken my hammer pounding this particular nail, so having failed at moving management away from Windows, I moved myself away from management. Fred
I understand the frustration Valdis has with the Microsoft situation. I've done my share of patching and updating and crawling under desks and wrestling with Exchange Server and all the rest, and fortunately (for my sanity) I'm not managing a few dozen M$ desktops anymore.
My observation had more to do with the posturing of the "security" vendors (anti-virus, firewall, IDS, etc.) and the broad range of highly important experts who are all clamoring for attention on
All the markets are up. Almost all the security companies are down. Outbreaks cost money. They suck up resources. How are the ISP's that are competing on TV as secure networks fairing on this? Are their customers calling their call centers?
this and on all the other everyday security issues out there. There is certainly a need for security services and products and activities, but I am just not enamored of the "security mindset." This is just a part of what our job is so let's get on with it.
And if we can convince the PHBs that moving off of Windows is (1) feasible, which is obvious; (2) manageable for them, which is not so clear, so much the better. I've broken my hammer pounding this particular nail, so having failed at moving management away from Windows, I moved myself away from management.
Realistically, it's irrelevant. MS is their target because of marketshare. The next market leader will be subject to the same effort. How many times have you heard of SGI having massive security flaws exploited endangering the Internet? They do, but they aren't that big a slice of the pie so the effort is less worthwhile and profitable. The 30 PC network of unmanaged machines is a far bigger problem. Let's pray that they get a zombie and they get one someones botnet report so they can get fixed. The hammer seems to kinda sorta work these days. SP's have had a hand here. Back in the trumpet winsock days we were screaming for ease of use so our support costs would go down. Well, they did it. And the end users loved it. It can't be just taken away. Internet security problems at large haven't even reached the break of dawn yet. Wait until every phone, toaster, baby intensive care sensor, and car is hooked up. -M<
On Wed, 4 Jan 2006, Fred Heutte wrote:
My observation had more to do with the posturing of the "security" vendors (anti-virus, firewall, IDS, etc.) and the broad range of highly important experts who are all clamoring for attention on this and on all the other everyday security issues out there. There is certainly a need for security services and products and activities, but I am just not enamored of the "security mindset." This is just a part of what our job is so let's get on with it.
And if we can convince the PHBs that moving off of Windows is (1) feasible, which is obvious; (2) manageable for them, which is not so clear, so much the better. I've broken my hammer pounding this particular nail, so having failed at moving management away from Windows, I moved myself away from management.
You do of course realize that there is entire industry and quite a number of vendors whose main products involve fixing bugs, closing holes and providing timely updates for that insecure and buggy OS. If the OS was not like that, the industry would be much smaller as would the job area that involve security and other associates OS maintanance actiity. Notice also that most managers do come from the MS world and they see this all as quite normal after many years. -- William Leibzon Elan Networks william@elan.net
participants (3)
-
Fred Heutte -
Martin Hannigan -
william(at)elan.net