Computerworld - We've failed the consumer. When it comes to the lowest common denominator, security is an abject failure.
I say this because, when I was housebound during Virginia's "snowpocalypse," I spent a bunch of hours repairing a Windows PC for a family member, who I will call Alice. Alice is about as tech illiterate as anyone you'll ever meet. She has an out-of-the-box Windows XP system from a popular PC vendor. It's been running for a couple of years, more or less intact. A few months ago, she asked me to set up Skype on the system so that she could talk to family members overseas. Sure thing.
I made sure that it was up to date with patches, service packs and such. It had an antivirus product on it that was free from the cable modem provider. I made Firefox the default browser and Thunderbird the default e-mail client. I figured the machine was relatively safe from many of the nasties that plague the interwebs.
So I put Skype on the system, configured a basic webcam for her and left her to it. What could go wrong?
Well, a few short months later, the PC was running noticeably slower. We're talking boot-up times that can be measured with a sundial. Yes, the trusty but rusty home PC had picked up a cough somewhere in its travels, and it wasn't likely to get any better.
I took a look at the system and sure enough, it was dead. So here it sits in my office while I reload Windows on it. This time, I'm taking things a step further by giving Alice a non-privileged account, ensuring NoScript is installed in Firefox and setting Internet Explorer's default Internet zone security at "High." But I can't help but think I'll be doing this again in a few months' time.
This is not fun, folks. And the only conclusion I can draw is that we've failed.
Alice started using this system with zero knowledge. She simply wanted to webcam with family members. Nonetheless, she ended up picking up all sorts of nasty malware, keyloggers, botnets and so on.
The status quo is simply not a sustainable business model.
I can't help but think back to my December 2009 column where I advocated an "app store" for the common user. Let's revisit that idea just a bit, in the context of a user like Alice.
Consider a home PC (I'll call it a "Lily Pad") for which all the software comes from one place, and whose configuration management is controlled by one central app store (I'll call it the "Mother Ship").
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts