Windows 7 Security: Perception vs. Reality
Created: 08 Mar 2010 • Updated: 11 Mar 2010
It is funny how history repeats itself over and over again. A new “secure” operating system comes out and people think they don’t need to use an endpoint security solution for protection against malware. For Mac’s we have heard it for years and now with Windows 7—since it looks like it is more secure than earlier versions from Microsoft—the same rumor spreading. Well, looks can be deceiving, and when it comes to the security of your PC, and those deceiving looks can be dangerous.
I saw some not so surprising results from our survey, “Symantec’s 2010 State of Enterprise Security,” which supported the anecdotal information. Seventy-three percent of the people taking the survey reported that they believe Windows 7 will either significantly improve or somewhat improve endpoint security. This concerns me because they are the people who are now getting infected by malware since they will probably loosen up the security posture on their systems. Since Windows 7 has been released, Microsoft has released fixes and patches for 25 vulnerabilities and I imagine that you would expect there to be more in the future.
Windows 7 is Microsoft’s most secure (and from customer feedback most stable) operating system yet, which is a convincing reason to upgrade. However, no OS can be completely secure against attacks on its own. Today’s hackers are more sophisticated and today’s businesses more susceptible to Web-based viruses and malicious code that are using social engineering techniques to propagate.
The sheer number of threats appearing each year is absolutely mind-boggling. While Symantec predicted the accelerating trend, to see it come to life is a bit frightening. According to the Internet Security Threat Report XIV we released, Symantec detected more than 1.6 million new malicious threats worldwide in 2008 alone. This increase combined with the continued trend toward Web-based attacks reinforces the growing need for cooperative security responses. To be truly protected against today's increasingly complex and organized cyber attacks, your business must employ a comprehensive, integrated security solution that provides multiple layers of protection. I don’t see how anyone these days can use technology created years ago when we only had to worry about a few threats each day, or depend only on a basic level of protection built into an operating system.
Although Windows 7 is a more secure operating system, the reality is that any operating system is still susceptible to threats and isn’t secure enough on its own. So, rather than assuming Windows 7 is “secure enough,” it’s important for businesses to understand the risks they face and secure their systems with the appropriate security software.