Over the course of this year, the biggest change in my IT environment has been more frequent updates to system software. Not only have there been a larger number of critical software updates, but Ive also been much more inclined to find and apply them quickly.
My growing acceptance of these patches is driven by two factors: the more rapid spread and greater malevolence of malware and my growing use of technology diversity to put my eggs in more than one basket. Ive gone to new lengths this year to have not just backup systems but actual alternative systems with few shared failure modes. The result is that Im less exposed to downtime because of any single mishap during a system update or any single success that an attacker might have in exploiting a system loophole. I urge you to consider the diversification of your own technology portfolio as a defense against the twin threats of accident and malice.
Some diversity strategies are the residue of inertia. For example, I know people who still use Netscape Navigator 4.5, accepting the occasional nuisance of Web content that they cant use in return for being ignored by new attacks. Personally, I had the gloomy satisfaction this summer of telling our long-suffering sysadmin that no matter what his log might say about my systems behavior, there was no way that it could be infected by the Blaster worm because I was using a Windows 98 laptop and Blaster could not affect it.
I wont attempt to turn this into an argument for keeping Windows 98 on corporate desktops, though, because Win 9x doesnt need the help of a worm or other malware to become a fragile and unreliable way to do ones work. When I think about how well Ive learned to watch on-screen alerts of low resource levels on the several 9x machines that I still regularly use, I realize that tools like Symantecs Norton System Doctor are at least as much a symptom as a cure. I dont really want an excellent resource-pool monitor; I want a rock-solid operating system that runs whatever I can throw at it, subject only to gross limitations on memory, CPU speed and disk space.
My more forward-looking diversity strategy, therefore, relies on Apples Mac OS X. Linux, of course, is a suitable and even more cost-effective alternative in many settings. Im not going to urge people to leave Windows completely behind. There are those who argue that 98 percent of what people do on Windows they can do at least as well or better on OS X or Linux, but I could just as well point out that the universe is 98 percent hydrogen and helium—and Im rather fond of the other 2 percent. Custom applications play the same critical role in the universe of IT, and many people cant simply decide to get along without them.
But having an OS X system close at hand, and on any given day as likely as not to be my primary workstation, gives me an alternate universe to which I can escape if the other one implodes. If something takes down Windows, theres OS X; if something threatens Mozilla, theres Opera; if my laptops hard disk crashes, the really important stuff is on my mail server, where I mailed myself a backup copy, and also on an external FireWire hard drive where my backups are equally accessible to both Windows and Mac OS machines. My work product files are invariably produced and stored in formats that I can use with either system.
At the end of this year, therefore, I feel greater confidence that Ill be able to get my work done, even if I do get mugged by a misbegotten operating system update or if theres a significant new security alert in my in-box at 3 a.m.
I hear rumblings from eWEEK readers that suggest Im not alone in wanting diversity—rather than mere redundancy—in my systems. Some benefits are operational: less risk of catastrophic downtime. Some benefits are commercial: Competition keeps vendors on their toes. Some benefits are intangible: Seeing more than one way to do things keeps an IT department thinking creatively.
The technologies are there, and the circumstances compelling, for you to enjoy all these benefits in 2004.
Technology Editor Peter Coffees e-mail address is [email protected].