Why we banned Windows Vista
link: original article - section: windows
The prestigious National Institute of Standards and Technology has put a ban on Windows Vista, but that's standard procedure, according to NIST's chief information officer.
NIST, which does research and sets standards for things like cryptography for government use, is among several federal agencies that have put a moratorium on the use of Vista. The agencies are taking some time to make sure that the new Microsoft operating system meets their needs.
It is not unusual that large organizations aren't rushing to install major software updates. These organizations tend to do a lot of testing before upgrading. The same happened when Microsoft released Windows XP, and again with Service Pack 2 for Windows XP. Microsoft widely released Vista in late January.
Simon Szykman, chief information officer at NIST, was slightly irked by some of the media reports on his agency's move, which painted the ban as a major slap in Microsoft's face. In fact, Szykman said, this is business as usual. Ultimately, NIST expects many of its PCs will run Vista. Still, Microsoft has predicted a swift adoption of Vista by businesses.
NIST, based in Gaithersburg, Md., employs about 2,900 people and has an additional group of about 1,800 visiting researchers who complement the staff. Szykman spoke with CNET News.com about his organization's plans for Vista.
Q: What is your current position on Windows Vista?
Szykman: Our policy states that we're not allowing users to install or deploy Windows Vista for the time being. We consider this to be an interim policy to give us the time to do the adequate testing of Vista before we deploy it. We don't expect to have any obstacles that would prevent us from eventually deploying Vista.
Does the same go for Office 2007 and Internet Explorer 7?
Szykman: For Office 2007, there is no policy to prevent individual users from purchasing and installing it, but we are not proactively rolling it out. On the issue of Internet Explorer 7, we have advised users not to upgrade to IE7 and are blocking downloads and automatic updates of IE7, again as an interim measure pending interoperability and compatibility testing. It is known that not all Web-based applications that run under IE 6 will function under IE 7, so we need to ensure that our critical business applications work, or are updated if initially they don't work, before deploying it internally.
How long does this process to test typically take?
Szykman: That is hard to say in advance. It can take several months to do all of the various types of testing that are needed. And also depending on what happens, it may be necessary to wait for Microsoft to issue fixes or updates before it is functional enough to use operationally.
What kind of things do you look for?
Szykman: We look at a variety of issues. We look at interoperability testing, whether Vista works well with our existing networks and other machines on the network. We look at application testing, to make sure that the critical business applications that we have will actually run under Vista. We look at the ability for us to adequately secure machines that are running Vista.
We also need to ensure, in addition to the applications, that there are drivers available for legacy equipment that we already have in place. We also need to ensure adequate training of not only the user community but our CIO staff so that we're prepared to respond to various troubleshooting and help requests, and the people here are also trained to do the deployment.
These are the kinds of issues that we need to be concerned with. It's not just having some music-ripping software on a computer that stops working in case of incompatibilities. We have business-critical applications, and if those stop working it gets in the way of doing our job.
Is there anything in particular in Vista that you like?
Szykman: The encryption capabilities that are built into Vista are potentially useful from the perspective of federal government mandates. It is hard to say until we've adequately looked into its functionality and effectiveness, but there is currently a mandate for encryption of certain types of information and the use of encryption on laptops, so that's potentially something that will be helpful.
