Part of the problem we have with security is architecture. We have a large number of computing devices with capable processors, lots of storage, high-bandwidth network connection, and lousy to decent security profiles. We then load these up with lots of software, each with their own vulnerabilities, and tell system administrators and network managers to keep it all locked down, in compliance and constantly available. Why do keep digging our own graves?

A better solution is on the horizon: virtual PCs running on high-end, centrally managed servers running Web-based applications. We have virutalized systems now with VMWare, Parrallels, and Xen. We even have a wide array of software appliance with complete application stacks for content management, databases, app/web servers, networking, and even security appliances from VMWare's Virtual Appliance Marketplace. These options optimize hardware use while still leaving us the option of running what ever OS we want to use. (I've used VMWare on Windows and I just started testing Parallels on Mac OS X).

When we don't need full blown virutalized PCs, Web operating systems like eyeOS and YouOS might fit the bill. The idea behind these applications is that much of the functionality we need can be made available through a browser. This is obvious now, just look at ThinkFree, Google Docs and Spreadsheets, and Yahoo Widgets, not to mention all the enterprise apps available through browsers.

Some combination of WebOS, browser-based apps and mashups is a better future than another round of massive upgrades, deployment headaches, and OS activation bookkeeping. And, oh yea, it will be easier to secure.