Every administrator has his or her preferred type of box, and while most companies today have multiple operating systems, the needs of the organization often make it more appropriate to use one platform over another. This inevitably leads to a comparison of operating systems from a security perspective, with some administrators believing that one platform is inherently more secure than another. If one administrator claims macOS is more secure than Microsoft Windows, and another claims SELinux is better than all of them, who should be believed? Is there an objective answer to the question of which is more secure?
Let's talk about the security provided by different operating systems.
1. Windows is the least secure because of its installation base
Windows is undoubtedly the most attacked of all operating systems because the size of its install base makes it the most effective target for attacks. If you write malware that can run on 88% of your company's machines, you are much more likely to be compromised. While this is statistically true, it doesn't mean that Windows itself is any less secure than other operating systems. You can also argue that the popularity of Windows means that Microsoft has the most experience fighting malware attacks. The real point here is that Windows is more vulnerable to malware, which means you clearly need a good security solution for your endpoint, but this is true no matter what operating system you use.
2. Linux is the most secure because it's open source
We see people arguing about this all the time. The multi-eye security theory is clearly wrong. Reserches have shown that Linux has an under-reported privilege escalation vulnerability that was added to the Linux kernel in 2004. Although the code has been reviewed, nothing has been done to fix it. Similarly, openssl contained the Heartbleed flaw for more than two years before it was finally discovered.
3. MacOS is the most secure thanks to Apple
Apple has managed to position itself well in the public eye as "security-conscious," largely due to the closed nature of its mobile platform, iOS, and some very public battles with the FBI over security and privacy. However, it's unclear to what extent this perception applies to macOS as well. Apple's marketing makes a big deal about "built-in" security, but the truth is that Mac security features like Gatekeeper, XProtect, and MRT are easily circumvented and not very comprehensive. On the other hand, it can be argued that Apple has less experience fighting malware and therefore is not as well trained as Microsoft in building a more rigorous operating system.
4. Linux is the most secure because it is highly configurable.
It is a probability that operating system like SELinux probably can be hardened more in comparison to Windows and MacOS. In spite of this very few companies are deploying SELinux as a desktop operating system for their employees, at least not if they want to do some useful work. That's like saying a safe without a door is the most secure safe you can buy. Yes, but it's also pretty useless. Security and ease of use go hand in hand, and users tend to choose less secure solutions if they have to fight the operating system to get their work done.