SmartAdvice: Craft Vision Statement So It Motivates And Leads - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications
Commentary
1/20/2004
12:15 PM
Commentary
Commentary
Commentary
50%
50%

SmartAdvice: Craft Vision Statement So It Motivates And Leads

Vision statements must reflect the organization and involve everyone, so make them simple and achievable, The Advisory Council says. Plus, consider your company's needs for archiving and what's already in use when choosing business-messaging systems, and staying up-to-date on security patches will help keep Windows NT-family operating systems safe.

Topic C: What actions should Microsoft Windows users take to address its well-publicized security issues?

Our advice: From a fundamental, architectural perspective, the Windows NT family (NT, 2000, XP, 2003) is as sound as any other generally available operating system. In contrast, the MS-DOS-based versions of Windows (95, 98, ME) are fundamentally flawed, and shouldn't be used in any environment where security is a concern.

Coding bugs, especially stack-buffer overflow bugs, have been a serious problem with Windows. The only way to deal with them is to install Microsoft's security patches promptly upon release. After testing with their own applications, Windows administrators should install the latest Service Packs for their respective Windows versions, as well as any subsequent security patches. Windows administrators also should subscribe to the Microsoft Security Notification Service.


Related Links

Microsoft Security Notification Service (Microsoft Passport required)

Microsoft Baseline Security Analyzer

Bragg, Roberta, Windows 2000 Security, New Riders Publishing, 2000.


Ill-considered "features," especially some ease-of-use features, have been an Achilles' heel for Windows and its applications. For example, as originally released, both Microsoft Office 97 and 2000 permitted users to inadvertently run a virus by just previewing an infected E-mail. Depending on the user's privileges, this could damage the entire system. These holes have long since been fixed with security patches. And as with the operating system, keeping up-to-date on application security patches is essential.

Inappropriate defaults are another problematic artifact of Microsoft's attempts at "ease-of-use." Systems that retain these default settings are particularly vulnerable to hackers and viruses. The Microsoft Baseline Security Analyzer tool enables an administrator to check for inappropriate default settings on all the NT-family systems on a network.

Although not a problem with the operating system per se, another reason for Windows' poor security reputation is that it's more likely than other operating systems to be installed and configured by people untrained in basic IT-security practices. Combined with inappropriate defaults, this can lead to untrusted users having access to far more information, and therefore having more ability to cause damage, than they should. This problem can be solved by ensuring that all Windows administrators have appropriate security training and job-performance metrics.

Because so many systems run Windows, it's the most popular target of hackers and viruses. Nonetheless, we don't believe that it's necessary or appropriate for Windows users to undertake the effort, disruption, and expense of moving to another operating system for reasons of security. Properly managed and maintained, Windows 2000, XP, and 2003 are as secure as Linux or other operating systems.

-- Peter Schay


Sourabh Hajela, TAC Expert, has more than 15 years of experience in strategy, planning, and delivery of IT capability to maximize shareholder value for corporations in major industries across North America, Europe, and Asia. He is a member of the faculty at the University of Phoenix, where he teaches courses in strategy, marketing, E-business and leadership. Most recently, he was VP and the head of E-business with Prudential Financial.

Beth Cohen, TAC Thought Leader, has more than 20 years of experience building strong IT delivery organizations from both user and vendor perspectives. Having worked as a technologist for BBN, the company that literally invented the Internet, she not only knows where technology is today but where it's heading in the future.

Peter Schay, TAC executive VP and chief operating officer, has 30 years of experience as a senior IT executive in both IT vendor and research industries. He was most recently VP and chief technology officer of SiteShell Corp. Previously at Gartner, he was group VP of global research infrastructure and support, and launched coverage of client/server computing in the early 1990s.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
3 of 3
Next
Comment  | 
Print  | 
More Insights
Commentary
What Becomes of CFOs During Digital Transformation?
Joao-Pierre S. Ruth, Senior Writer,  2/4/2020
News
Fighting the Coronavirus with Analytics and GIS
Jessica Davis, Senior Editor, Enterprise Apps,  2/3/2020
Slideshows
IT Careers: 10 Job Skills in High Demand This Year
Cynthia Harvey, Freelance Journalist, InformationWeek,  2/3/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
IT 2020: A Look Ahead
Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!
Slideshows
Flash Poll