% fortune -ae paul murphy

The risk Driver

An NCIS episode from a couple of weeks ago featured "new girl" -whatever her name is on the show- having a problem with a desktop PC and muttering darkly that this kind of thing didn't happen at Mossad because they used Macs. Last week's episode revolved on some high security project in which the bad guys stole code from, and uploaded a virus to, an office network by accessing a desktop computer.

I've no idea whether Mossad uses Macs or not, but no high security project in the world uses PCs and uploading a virus to a Solaris server from a Sun Ray just isn't possible without sysadmin co-operation.

Now, of course, you wouldn't expect entertainment producers to know better, but how about the people in financial analysis and investment banking? As the number of new compliance rules continues to explode - the EU currently has about 30 new rule sets scheduled to go into effect over the next two years - and as penalties for things like leaking confidential trading information start to acquire the headline reality of jail sentences in the US and elsewhere, I think we can expect these people to focus increasingly on the trustworthiness, or otherwise, of their computer systems.

All Windows hype to the contrary, I think this spells the end for client-server and 3-tier architectures in financial data processing - just as it already has in national security related work.

To see what I mean imagine that you're at dinner with the two senior partners to whom you report as the CIO at a Boston area investment banking firm. One of them asks you:

We're increasingly concerned about managing both our own and our customer's computing risk. Will Microsoft's next generation products let us continue with PC desktops, or should we bite the bullet and look at something like the Sun Ray now?

Think about it: get it wrong and you not only lose your job, you have a good chance of going to jail.

Paul Murphy wrote and published The Unix Guide to Defenestration. Murphy is a 25-year veteran of the I.T. consulting industry, specializing in Unix and Unix-related management issues.