February 10th, 2004, 07:37 AM
MS server products will reach industry security standards by 2005: Gartner
Read this latest findings from Gartner.....
I dont know how much of it is really true or genuine but it is intresting to read some facts as mentioned in the article....
Tech research company Gartner is predicting that by 2005, Microsoft's server software products will be at, or above, the industry security average.
The prediction came in one of four commentaries issued by Gartner as a special report in which the research firm analysed Microsoft's licensing practices, security efforts, and plans for Longhorn (the next version of Windows) and Yukon (the next version of SQL Server).
Researcher John Pescatore said the prediction, which was rated as a 0.7 probability, was based on Microsoft's internal actions and product track record during the second half of 2003.
"Progress is further away on the desktop, but the market likely has driven Microsoft to take desktop security more seriously. To validate this assumption, Microsoft should provide a Windows 2000 security upgrade that incorporates the improvements it is developing for Windows XP Service Pack 2," Pescatore said.
He said that despite a few vulnerabilities being found in Windows Server 2003, its security track record, security features and default configurations showed significant security progress by Microsoft.
However, Pescatore noted that there were areas of concern - the tendency during the year past to try and shift the focus from the vulnerabilities in its products to the actions of those who exposed the flaws and the commissioning of white papers to convince industry that Windows was secure.
A security update for Windows 2000 was a must. "Microsoft has not committed to providing Windows 2000 desktop security improvements in addition to Windows XP Service Pack 2. Gartner estimates that through the second half of 2004, 40 percent of corporate desktops will run Windows 2000. Given Microsoft's dominance in the desktop market, it should demonstrate its commitment to being a security leader by providing a security update to Windows 2000, even at this late stage of the product's life cycle," Pescatore wrote.
The commentary said that although businesses would still need to invest in managing vulnerabilities, by the end of 2005, Windows servers and Unix- or Linux-based servers would come in about equal on security costs.
"On the desktop, Windows XP Service Pack 2 will provide evolutionary security improvements in Windows desktop security. However, revolutionary improvements will occur only with the release of Longhorn," the commentary said.