On the one hand, the Windows operating system can be set to use auto-update. Microsoft can push out critical patches for the operating system to keep the Windows system secure. This same technology can be used to patch Microsoft applications such as Internet Explorer, Outlook, etc. They could also push out patches and updates for their firewall and antivirus products as well so that the home user would have an automatic, one-stop shopping means of keeping their system safe and secure.
Seems simple enough- but this solution has some pitfalls. For starters the patches and updates from Microsoft sometimes do more harm than good. Microsoft tests their patches and updates and does what they can to ensure they work, but every once in awhile the patch can actually cause more problems than it fixes due to a programming error or something missed during testing.
Even if the patches and updates work flawlessly though, the user still needs to have some basic knowledge of the security risks and the capabilities and limitations of the security tools bundled with the operating system. Even if the operating system vendor has included the basic elements of security if the user wants to share the Internet with the rest of the community they need to be responsible enough to know the risks and how to use the security products. They can not hide behind a false sense of security or assume that the responsibility is now on the vendor.
Lets conclude with an example that ties back to one of the other “tools” used by your average person- the car. In the case of the car there are certain basic security functions that are included. All cars come complete with brakes, seat belts and turn signals. In order for the highway to function smoothly it is important that all drivers are familiar with these devices and how to use them. If they don’t brake when they need to stop or signal when they want to switch lanes the consequences fall on them- not the manufacturer of the car.
The information highway is no different. Every user of the highway (Internet) has a responsibility to be familiar with the basic security precautions and how to use the tools necessary to exercise them. The vendors of the various operating systems and applications might include tools that can be used to help them, but in the end it is still up to the user to be familiar with the tools and know how and when to use them.
You have to take a test to prove you are capable of driving safely on the highway and it is illegal to do so without a license. Perhaps there should be a test for users to prove they have the basic skills and knowledge to safely and responsibly share the information highway as well? Maybe that would help to ensure there aren’t 17.4 million (and counting) unprotected, insecure machines out there waiting to be used in distributed denial-of-service (DDoS) attacks or proliferating the next big virus or worm.
To learn more about basic security concepts, you can read these other articles or sign up for the free eCourse classes below:
Basic Computer Security:
Free eCourse Classes:
