If every car in your neighborhood that gets broken into is manufactured by Ford, but some people keep saying that their sneakers never get broken into, why don't you just walk everywhere, also they've never driven a car and don't really believe anyone else drives a car and keep implying it's just a status symbol...
and then they say "okay what if we consider everyone's sneakers all together, and how rarely they get stolen compared to cars" as if they've come up with a sensible comparison in complexity...
and then someone suggests "RedHat Linux" as an alternative to your car. Apparently they don't know what section of the world a car fits into, to suggest an alternative - but they're still convinced that you don't need a car and they are genuinely puzzled why more people aren't using "RedHat Linux" instead of cars...
... also only Ford make cars and the only real alternative is something completely different and then pay consultants to customise it and retrain your entire workforce at great cost and upheaval for little to no return, except hoping for an increase in security but not being able to prove same, or even clearly nail down what that means precisely.
One should be wary of anyone selling you a solution to your problems they know nothing about. Naturally, the only way to be entirely secure is to shutdown all the applications and decommission all the computers, a solution which the business side tends to finds unreasonable. Thus the tender balance between business needs and business risk emerges as the deciding principle.
But the numbers are the numbers in heterogenous environments, regarding security problems by platform. And if it rains perpetual Windows-based incidents on your security staff, and you don't consider the numbers when evaluating what you will and will not do, compute/services-wise, then you are statistically likely to see the same rate of incidents, at whatever cost that comes to the business, indefinitely.
> "a solution which the business side tends to finds unreasonable"
Isn't it odd that "unreasonable" solutions keep being suggested in threads started by people who first push Linux, and second ask what the thing even does anyway.
> "Thus the tender balance between business needs and business risk emerges as the deciding principle."
There is no tender balance and this is nothing like the deciding principle, and again it's illustrative that in a world where big organizations turn to poor quality software with poor UX for reasons like "nobody got fired for buying IBM" and "I look good on the Gartner report" and "the vendor will bend over backwards to make our auditors and legal team approve it" that Linux people go for the only thing they have going and try to suggest it's the most important thing, even though it's demonstrably an afterthought or a never-thought.
> "you are statistically likely to see the same rate of incidents, at whatever cost that comes to the business, indefinitely."
And you see this happening for literally 30 years and the "whatever cost" being written off as a business expense that has never changed anything, but you still call it "the deciding principle" when the evidence shows that the decision makers barel consider this at all?
So now you've changed your position, what happens to your original claim "If every car in your neighborhood that gets broken into is manufactured by a single manufacturer, it is in your interest in asking why that is, and perhaps considering that fact when shopping for a new car."
Why would that need to be said at all, if businesses are using security as A [prominent] deciding factor already?
My reply "businesses are visibly not using it as a deciding factor" still seems correct.
and then they say "okay what if we consider everyone's sneakers all together, and how rarely they get stolen compared to cars" as if they've come up with a sensible comparison in complexity...
and then someone suggests "RedHat Linux" as an alternative to your car. Apparently they don't know what section of the world a car fits into, to suggest an alternative - but they're still convinced that you don't need a car and they are genuinely puzzled why more people aren't using "RedHat Linux" instead of cars...
... also only Ford make cars and the only real alternative is something completely different and then pay consultants to customise it and retrain your entire workforce at great cost and upheaval for little to no return, except hoping for an increase in security but not being able to prove same, or even clearly nail down what that means precisely.