This eWeek story, which focuses on a survey performed by Amplitude Research for VanDyke Software, suggests that Microsoft is convincing folks that the Vista operating system is secure. In doing so, the company is going a long way toward shedding its image as a security laggard.
According to the survey, the dominant reason people give for choosing Vista is to upgrade their security. Of these security-conscious folks, 52.3 percent point to Vista's improved firewall and anti-spyware functionality as the main attractions.
It makes sense that firewalls and anti-spyware provisions appeal the most, since these protect against what are perceived to be the main threats to enterprises. What is a bit more interesting is that about 14 percent tabbed User Account Control (UAC) as the reason they moved to Vista. UAC is a function that asks for permission to run code that it judges could be a security risk.
UAC is considered by many to be overly intrusive. That has a rock-and-a-hard place element to it, however, since disabling it makes the environment less secure.
Much of the coverage of the survey and UAC points to the key difference between a security function and a boundary. A function is something that tends to improve security without being an impervious barrier, such as a firewall. As such, UAC can be beaten or circumvented by social engineering attacks. Regardless of this drawback, UAC scored well in the survey.
It seems that, a few months into the Vista era, much of the edge is off the anti-Microsoft bluster in the security community. We don't seem to read as many shrill articles and blog posts connecting Microsoft with the fall of Western civilization. http://www.itbusinessedge.com/item/?ci=24657
While it still is possible for people to debate the relative security merits of Vista and other operating systems, it is becoming increasingly difficult to say that Microsoft doesn't get it.
Whether it suddenly became engaged due to a desire to do the right thing or a good old-fashioned threat to its profitability seems immaterial to us. While it's fun to have a company to kick around, even Microsoft's biggest detractors must recognize that better security from Redmond is a good thing for everybody.