The operating system you use in your organisation can affect your corporate security. Of the top 3 operating systems used in organisations today – Linux is said to be the most secure.
Businesses invest a lot of time and money keeping their networks secure. The more paranoid probably have a security operations centre. The kind of businesses that keep security as a priority have systems such as firewalls, antivirus and monitor their network. The question is – how many have thought about how their operating system on all business PCs affects their security?
One of the reasons why most businesses have not raised this question is because the current operating system was implemented years ago. Back when the choice was made, all operating systems were reasonably safe as malware was in its infancy. And unfortunately, once something as large as an OS (operating system) decision is made, it’s difficult to change. Few IT companies will want the challenge that is moving an entire workforce to a new OS – especially when there is already pushback when upgrading the OS. Is it even worth making the change? Security wise, yes!
The threats confronting businesses today have certainly changed. Attacks are more intelligent and sophisticated. The lone teen hacker has transformed into well-organised networks of criminals. Majority of the world today has experienced Malware – both Windows and MacOS users.
The OS you deploy isn’t necessarily a safeguard, but it does make a difference. A breach today is more likely to be from your users and not necessarily your systems. A recent survey of hackers revealed that 84% of their technique is social engineering. A secure OS is a good starting point but is useless without proper user education. And, of course, there is always the risk of Shadow IT. These are important factors to think about before considering changing your OS. We look at the 3 most popular, Windows, MacOS and Linux.
Windows – the common choice
According to NetMarketShare, 88% of computers are estimated to be running Windows. If you’re part of that 88%, you probably know the efforts Microsoft has put into improving their security. Microsoft has recoded its codebase, added its own antivirus, improved firewalls and implemented a sandbox architecture (where programs can’t access the OS). The issue is its popularity. The security of a system depends largely on how many users and devices have it installed. Windows provides a massive playing field for hackers. As Troy Wilkinson, CEO of Axiom Cyber Solutions, explains, “Windows always comes in last in the security world for a number of reasons, mainly because of the adoption rate of consumers. With a large number of Windows-based personal computers on the market, hackers historically have targeted these systems the most.” It is certainly true with viruses such as WannaCry being aimed specifically at Windows devices.
MacOS and security
If the most popular OS is going to be the main target, then would using a less popular one ensure security? That would be a new take on the old, yet discredited, idea of “security through obscurity”. It has been stated that MacOS X is more secure than Windows, however, in recent years hackers have started created attacks specifically aimed at this OS. Security researcher Lee Muson of Comparitech says that “macOS is likely to be the pick of the bunch” when it comes to choosing a more secure OS, but he cautions that it is not impenetrable, as once thought. Its advantage is that “it still benefits from a touch of security through obscurity versus the still much larger target presented by Microsoft’s offering.”
And the number one for Security is Linux
The clear consensus among security experts for the most secure OS is Linux. Even though it is the OS of choice for servers – businesses using it on desktops are few and far between. Even if you did choose to use it in your business you would have to decide which version and that makes it more complicated. Users need a familiar UI (user-interface) and Linux requires users to be power users. The great thing is that there are versions that target security as a primary feature and its open source. Anyone can review the OS and make sure there are no bugs or loopholes. Linux based operating systems have less exploitable security flaws know to the information security world. Due to it being reviewed by the tech community it lends itself to fewer vulnerabilities. Microsoft may have a large team of developers, but it’s unlikely to compare to a global base of developers around the world.
Another factor is the user-defined privileges. Windows users are given administrative access by default, Linux greatly restricts “root”.
Although there is a great agreement that Linux is the safest, there has been no drive to dump Windows and macOS. An increase in Linux adoption would result in safer computing for everyone because the market loss for Apple and Microsoft would certainly get their attention making their systems more secure.