Home
 Vendors
 Publications
 Ceritfications
 Associations
 IT Strategy Center
 Open Directory
 Other
Regulatory Resource   Threat Intelligence      Resilient IT      Boardroom Strategies      
Resilient IT / Analytics and ROI

A Blueprint for Managing the Windows Environment

By Tom Schmidt

With the recent release of the new Windows Vista client operating system to enterprise customers, now is an opportune time for IT departments to assess whether they are doing all they can to provide the most complete protection available against risks to security, availability, performance, and compliance.

As today's enterprises know all too well, the complexity and cost of managing Microsoft Windows environments continue to increase. Complicating matters further is the fact that IT staff and resources at most enterprises are limited. The result: Each day, IT departments must struggle to achieve the right balance between satisfying demands for information and ensuring that information is secure and available.

With the recent release of the new Windows Vista client operating system to enterprise customers, now is an opportune time for IT departments to assess whether they are doing all they can to provide the most complete protection available against risks to security, availability, performance, and compliance. This article offers a blueprint for protecting against those risks.

Windows Vista is not a security solution
For enterprises considering the impact of the Windows Vista operating system on their computing environment, there are several basic issues to address. First and foremost, Windows Vista is not a security solution in itself. Microsoft is taking care of the basics by improving the security of its newest operating system, but it is not positioned to address the broader needs of the market. (For example, Windows Vista does not include virus protection.) Simply put, Vista does not provide the full protection that enterprises need.

Why is that? Partly it's because the nature of the threats to the Windows environment has changed. Large Internet worms targeting thousands of users have given way to smaller, more targeted attacks focusing on fraud, data theft, and other criminal activities. The days of Web site defacements and low-level information gathering attacks are long gone. Today enterprises are more likely to see encrypted bot networks, remotely initiated database breaches, sophisticated phishing scams, and customized malicious code targeting specific companies.

Moreover, today's blended threats attack multiple vectors, looking to exploit any means possible to gain access to sensitive information. To combat these new threats, enterprises need multiple layers of protection at the gateway, server, and desktop levels.

At the same time, enterprises face increasing challenges in managing their information systems in today's always-on, connected world. There's intense competitive pressure to provide greater access to information and applications across a growing network of partners, remote employees, and customers. Accomplishing that mission, while continuing to meet business objectives, gets harder every day.

Complete Windows protection
To address these challenges, enterprises require a range of solutions that help them effectively - and affordably - secure their business data, maximize the availability of their systems, protect their key applications, and set and enforce IT policies.

  • Data Data volumes continue to grow at 40% to 60% each year, according to IDC, making it more and more difficult for administrators to back up mission-critical data in acceptable time frames (or within available backup windows). In addition, the need for instant, on-demand data recovery is becoming increasingly vital for business operations. Data security and availability solutions help provide continuous data protection, secure data access, and rapid data recovery. Disk-based data protection, specifically continuous data protection, addresses these issues in a way that eliminates the need for backup windows, allows end users to recover their own data without contacting IT, and delivers an integrated disk-to-disk-to-tape solution.
  • Systems With enterprises having to protect a growing number of mobile users, branch offices, and online transactions, the challenge of managing PCs and servers has become much more complicated. Operating system and hardware upgrades, new security vulnerabilities, and the need to deliver software updates to users across the network make the challenge even more time-consuming and costly. Moreover, system recovery is a long, error-prone task that can leave mission-critical servers offline. System security and availability solutions deliver simplified system administration and protection, providing everything a business needs to help it stay up and running at all times.
  • Applications Email has become a mission-critical application and a main channel for business communications and transactions. It's also a key repository of information and records. As a result, the slightest downtime can disrupt business and even have legal implications. Unfortunately, there are many threats to maintaining messaging system uptime. Spam, worms, and phishing attacks are driving up message volume and exposing Windows-based messaging systems to greater risk of downtime. Application security and availability solutions include security, archiving, storage, and backup products to help ensure the protection and accessibility of email, information, and applications.
  • Policy Protecting business systems means implementing effective IT policies. And in many cases, having strong policies isn't just a smart option-it's a legal obligation. Governance rules and regulations such as the Sarbanes-Oxley Act and the Health Insurance Portability and Accountability Act dictate tough standards for data protection, retention, and privacy. However, setting, enforcing, and reporting on compliance policies can be complicated and costly-unless the right tools are in place. Policy management solutions streamline and automate the creation and enforcement of effective IT policies and compliance procedures that address government regulations and industry standards for data protection.

Conclusion
Today, ensuring the highest level of protection across Windows environments requires a combination of leading technologies and services. That message is especially pertinent now that enterprises are beginning to put Windows Vista through its paces. Enterprises that wish to proactively address the increasingly complex challenges facing IT would do well to adopt a blueprint for protecting data, systems, and applications and enforcing IT policies.

Tom Schmidt writes frequently about information security topics. He has more than 15 years' experience as a writer and editor in high-tech publishing.

IT Strategy Center is a daily editorial resource offering innovative insights and strategies for building an integrated, secure and resilient IT infrastructure.

Articles by Topic
Network and Infrastructure
Analytics and ROI
Strategies
Related Content

Features

View More


Metrics

View More

Fast Fact

Data volumes continue to grow at 40% to 60% each year, making it more and more difficult for administrators to back up mission-critical data in acceptable time frames.

--IDC
Sponsor Tools

Resources

White Papers

View More


Podcast Audio Content

CIO Strategy Center is now available in audio format.

This week's feature topic is:


Cyberthieves Turning to More Invasive Approaches
Playtime: 8 min 53 sec



Download | Subscribe

Copyright © 2008 Studio One Networks. All rights reserved.