By Filip Cotfas
Since it was launched in 1985, Microsoft Windows has been the dominant operating system for endpoints the world over. And while its popularity has waned in recent years, as macOS pushed into the enterprise and Linux released user-friendlier distributions, it is still a long way from being surpassed by its competition. As of July 2019 in fact, Windows still had a 87.48% market share, according to market share with second place going to macOS with only 9.71%.
Being the most popular operating system in the world today comes with its own distinct set of challenges and myths, especially when it comes to cybersecurity which is often considered its Achilles’s heel. Let’s have a look at some of the most frequent.
The vulnerability of Windows
Windows’s biggest challenge comes from the fact that the most popular OS in the world is also the world’s most attacked operating system, which, given its massive market share, is not surprising. This proliferation of attacks is often misunderstood as a sign of Windows’s vulnerability and that, by using other, less popular operating systems, companies can automatically secure their data.
However, Windows’s popularity also works to its advantage: by being the leading global OS, it offers the widest possible variety of tools for the work place and security solutions for data protection. Companies may in fact feel hard pressed to find as many solutions that address any other OS and that is not because other OS are invulnerable and require fewer security measures, but because developers prefer to focus on products that can reach a wider customer-base than a niche market.
So while Windows is more prone to attacks, with a comprehensive cybersecurity strategy in place, it is not more vulnerable than any other OS. It can be, in fact, much easier to develop best security practices for it and find great data protection solutions at competitive prices because of the availability of a wide range of products developed with Windows in mind.
It is harder to become compliant with Windows
Another myth directly linked to that of Windows’s vulnerability, is a growing concern among companies that Windows is a much tougher system to secure to data protection regulation standards than endpoints running on other OS. This is a mistake stemming from the false belief that unpopular OS will guarantee data protection by the simple fact they are not well enough known to warrant attacks from malicious outsiders.
That however is to take a very narrow view of compliance and the causes for data loss and theft. It completely disregards the human error factor for example which plagues all endpoints regardless of their OS. Therefore, should a disastrous data breach happen for reasons other than a cyberattack and companies would be called forward to prove that they have taken adequate measures to protect their customers’ sensitive data, they would find it difficult to convince an investigation committee that an unpopular OS constitutes one.
The same compliance rules apply to all endpoints, whatever their OS, so companies need to take the same steps to secure their computers whether they are running on Windows, macOS or Linux.
An antivirus and a firewall are all you need
Most of the data breaches making headlines nowadays tend to be the consequences of malicious outsiders which is why many companies focus on protection against cybserattacks in their cybersecurity strategies. And while this is an essential part of any good security framework, it is often not enough because it fails to consider other situations in which data is lost or stolen.
A large number of data breaches occur because of human error which an antivirus is not designed to guard against. A Windows computer can be perfectly protected against outside threats, but it will not stop an employee from accidentally sending sensitive data to the wrong person, posting it online or uploading it on dubious third party cloud services. Antiviruses alone will also not protect data on the move where it is vulnerable to physical theft and suspicious WiFi networks.
It is therefore important that companies remember that data security is a complex issue in today’s increasingly digitized world and they need to add additional layers of protection to their Windows-running computers beyond the classic antivirus and firewall.
Windows has won its place as the world’s premiere operating system for a reason: it is remarkably easy to use and has built a wide range of tools and software that are indispensable in today’s office environment. And while its popularity inevitably attracted the attention of attackers, it also brought a remarkable number of developers to its rescue, building complex defenses to protect it.
It is however important that companies are aware of the threats they face as well as the data protection requirements they must adhere to in their field to ensure that their Windows computers are secure from both outsiders seeking to make a profit and careless employees.
(The author is the Channel Manager, CoSoSys)