Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Windows 8 and Server 2012 require new security skills

SANS Institute : 09 November, 2012  (Technical Article)
IT security professionals will require an update to their skill sets with the introduction of Windows 8 and Microsoft Server 2012 as down-level versions enter period of reduced and withdrawn support
Windows 8 and Server 2012 require new security skills

The arrival of Windows Server 2012 and forthcoming “end of support” for the XP version Microsoft’s desktop operating systems offers a timely reminder for InfoSec professionals to consider the skill sets needed to secure critical systems.

“Lots of marketing hype has been written about Windows 8, but the reality is that few organisations will move to the new OS on non-touch computers,” says Jason Fossen, principal security consultant at Enclave Consulting LLC, published author and a noted public speaker on Microsoft security issues.

“However, Windows Server 2012 is different.  Server 2012 will likely be a very popular OS release and is probably the most secure Microsoft operating system to date.

Fossen is also the sole author of the SANS Institute's week-long Securing Windows course (SEC505) which will be making its European debut at SANS Belgium 2013 in February. Fossen also maintains the Windows day of the Security Essentials course at SANS.

“Security enhancement such as Dynamic Access Control (DAC) and Kerberos armouring are extremely useful, but need to be both understood and deployed in the correct fashion – having good security tools is not enough without the skills to correctly utilise their capability within the environment.”

The SANS instructor has spent several months updating the course syllabus to reflect the arrival of new operating systems but highlight the end of life for previous versions as a much more worrying event.

“Hackers are still actively looking for vulnerabilities within the older operating systems. As of April 2014, Microsoft will no longer release any new security patches for Windows XP,” explains Fossen.  “Roughly half of all business and government computers are still running Windows XP, and the time is running out before XP’s end of life.  XP vulnerabilities published after April of 2014 will be very valuable to hackers and malware designers.”

Fossen stresses that the issue is not the fault of Microsoft, as all operating systems eventually need to be decommissioned, but that organisations often fail to understand the major security risk of waiting till the last moment to migrate.

“As we live within a world where Advanced Persistent Threat malware is now commonplace, unsupported and vulnerable operating systems residing within a seemingly secure environment can become a breeding ground for APT. Organisations need to develop a migration strategy to get off Windows XP before April of 2014, not after.”

The ‘SEC505: Securing Windows and Resisting Malware’ course developed and taught by Fossen will be running at SANS Belgium from February 18th to 23rd at the NH Hotel du Grand Sablon in the heart of Brussels.  SANS is also offering an ‘Early Bird’ discount of up to up to €250 for any full course paid for by January 9th of 2013.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo