Tuesday, March 04, 2008
Linux Desktop is not Enterprise Ready
I was ready a posting by industry analyst Stephen O'Grady of Redmonk and figured that I would provide insights into why Linux Desktop is not enterprise ready...
Matt Asay has an interesting opinion on Linux Desktop but has for the most part only talked about it in a consumerish context. In order for Linux Desktop to be enterprise ready, it needs to support the following:
1. Deep support for Active Directory: The notion of managing a set of credentials locally on each desktop simply won't scale in a large environment. Credentials need to be centralized and out of the Fortune 500, 499 have made the desktop credential store Active Directory. NOTE: Sun hasn't yet gotten on the Active Directory bandwagon. Linux needs to support being a full-fledged member of an Active Directory domain and participate in GPO without having to resort to purchasing third-party products.
2. Full Disk Encryption: Companies are losing data left and right and not having the equivalent of Vista's BitLocker means that enterprises who adopt Linux on the desktop have to risk loss of PII and the disclosure that comes with it.
3. Software Installation: Someone needs to come up with an open source equivalent of SMS and Altiris.In most enterprises, users don't actually have rights to install their own software, nor do administrators visit each machine and pay personal attention. The ability to install and manage software from a centralized point of view requires minimally one way to manage packages. Linux community should not have a Debian way of installing software, a Redhat way and so on.
4. Chief Security Architect: We all know how folks throw daggers at Microsoft for their security vulnerabilities but never acknowledge that the reason many of them aren't quickly resolved is that Microsoft has the overhead of attempting to fix security design flaws while also attempting to maintain backward compatibility. Since Linux isn't as pervasively deployed, backward compatibility may be less of an issue and therefore should allow for Linux to become more secure than Microsoft in the future, yet no one in the Linux community is either capitalizing on this nor even responsible for making it happen. In the same way that Microsoft has Michael Howard to ensure that all Microsoft products are moving towards better security, the Linux community needs to hire a chief security architect who has experience in developing software in large enterprises to guide the development of not only Linux itself but also everything else that is part of the distribution.
| | View blog reactionsMatt Asay has an interesting opinion on Linux Desktop but has for the most part only talked about it in a consumerish context. In order for Linux Desktop to be enterprise ready, it needs to support the following:
1. Deep support for Active Directory: The notion of managing a set of credentials locally on each desktop simply won't scale in a large environment. Credentials need to be centralized and out of the Fortune 500, 499 have made the desktop credential store Active Directory. NOTE: Sun hasn't yet gotten on the Active Directory bandwagon. Linux needs to support being a full-fledged member of an Active Directory domain and participate in GPO without having to resort to purchasing third-party products.
2. Full Disk Encryption: Companies are losing data left and right and not having the equivalent of Vista's BitLocker means that enterprises who adopt Linux on the desktop have to risk loss of PII and the disclosure that comes with it.
3. Software Installation: Someone needs to come up with an open source equivalent of SMS and Altiris.In most enterprises, users don't actually have rights to install their own software, nor do administrators visit each machine and pay personal attention. The ability to install and manage software from a centralized point of view requires minimally one way to manage packages. Linux community should not have a Debian way of installing software, a Redhat way and so on.
4. Chief Security Architect: We all know how folks throw daggers at Microsoft for their security vulnerabilities but never acknowledge that the reason many of them aren't quickly resolved is that Microsoft has the overhead of attempting to fix security design flaws while also attempting to maintain backward compatibility. Since Linux isn't as pervasively deployed, backward compatibility may be less of an issue and therefore should allow for Linux to become more secure than Microsoft in the future, yet no one in the Linux community is either capitalizing on this nor even responsible for making it happen. In the same way that Microsoft has Michael Howard to ensure that all Microsoft products are moving towards better security, the Linux community needs to hire a chief security architect who has experience in developing software in large enterprises to guide the development of not only Linux itself but also everything else that is part of the distribution.
