News broke earlier that the UK Department of Health and Social Care has announced that it will transition all National Health Service (NHS) computer systems to Windows 10. Officials cited the operating system’s more advanced security features as the primary reason for upgrading current systems, such as the SmartScreen technology included with Microsoft Edge (a Google Safe Browsing-like system) and Windows Defender, Microsoft’s sneakily good antivirus product. IT security experts commented below.
Mark James, Security Specialist at ESET:
“The benefits of Windows 10 over 7 (and XP) are huge, especially the browser, but we must remember it’s not just the desktop platform, there are many devices within the NHS ecosystem that will require upgrading. The positive side is the ability to keep the OS regularly updated moving forward. Windows 10 is the easiest way to do this to date and has many features that will help protect this delicate environment.
Any move towards a greater level of security has to be embraced with open arms. However, it won’t be easy, it will come with its fair share of snags and issues but as with most improvements it will be better going forward.
IT security is made up of many factors, a multi-layered approach is the only way forward and it appears a good start in getting it right. Education, knowledge, hardware and software all make up the many faceted edges needed to protect NHS data safe from the never ending onslaught from bad actors.”
Andy Norton, Director of Threat Intelligence at Lastline:
“The NHS is signalling that an inherently more secure operating system is less risk than a less secure O/S, running next generation endpoint security. Of course it does not address the problem of legacy apps that won’t run on windows 10. Nor does it solve the user case of WannaCry; Windows 10 was still vulnerable. Other than giving Microsoft 150 million, I don’t think this will result any other significant change.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.