The Security Model So, how
secure is the OS that you’re using? There are several indicators of secure
systems such as restricted access to the shell (Desktop), required logon IDs,
internal security tools that can be used to implement tighter security, and the
ability to manage and control passwords. Additionally, NCSC (National Computer
Security Center), a branch of the NSA, publishes the Orange Book, which
specifies security attributes for various security levels. WinNT 4.0 Workstation
and Server has a C2 rating, which is among the highest that can be achieved by a
generally available OS.
WinNT and Win2000 are the most secure OSes we’ve discussed. By using the tools inherent in these two OSes, users can secure the resources on their local computer in a fairly straightforward manner.
Win3.x and DOS are the least secure OSes. There is little inherent ability to secure resources on computers running either OS, and the authentication methods used are either clear text or are easily cracked. DOS and Win3.x also suffer from their lack of support for newer software and hardware.
In the middle of the security model, you find Win9x systems. These ship with very open security, which must be tightened to gain any security benefit.
Computer system security is a constantly changing environment. As soon as new methods are introduced, people work to figure out how to defeat them. It is important to keep up to date on the security issues that we face in our respective environments. Just think about how much personal data you keep on your computer and how much of it would make you uncomfortable if it were made public.
This scenario is unpleasant, but unfortunately not far-fetched. By taking a little time, you can create a more secure computing environment for yourself. The tools outlined for use are available in the their respective OSes, and the average user can implement them to alleviate many of the security problems we face.