Microsoft Windows is the dominant operating system in business organizations for desktops and intranet servers. It is also the number one target platform for hackers. Some hackers simply hate Bill Gates and Microsoft for being such a force in the market and others just see it as the biggest target. And the greatest threat to network security.
It was developed originally for a pre-internet world of standalone computers and local area networks. Microsoft has improved security over the years, but has always placed a premium on ease of use, maintenance and support. This is exactly what their customers want and Windows computers are rarely installed with the optimum configuration from a security standpoint.
In fact many experts recommend that the best way to improve your network security is to migrate Windows to Linux. Linux, with its long UNIX heritage, does have a more mature security architecture. In this age of BYOD, organizations are dealing with a wider variety of platforms. The popular Android OS is actually a decedent of Linux. Yet, there does not appear to be much chance that organizations abandoning Windows anytime soon, despite the decline in importance of the desktop.
However, there are few other things you can do to improve security.
- Protect your network with a robust hardware based Firewall, while also having personal firewalls on all computers. A layered approach to network security is essential.
- Use endpoint security management tools, such as Comodo EMS, to ensure that all computers on your network have an up to date Firewall and antivirus program correctly configured.
- Restrict user’s rights to install software. I hate this myself, but it is important. When you give everyone installation rights you are giving it to the malware they download!
- Use Firefox instead of Internet Explorer. It may not be practical to migrate away from Windows, but you can do a lot of good by using the much more secure Firefox.
- Identify and secure all access points, no matter how seemingly insignificant. Every web site, every ftp server that can be accessed via the public internet needs to be secured and monitored for compromises.
- Require strong passwords for your computers and applications. This is another one I hate, but weak passwords are the best friend of every hacker.
Given the nature of the internet, network security is a never ending battle that requires constant vigilance.