For example, use open source more. Minimize the amount of data and information you have that needs to be closed source.
Avoid Windows. Use Gmail over Outlook. Have offline backups with sneakernet disaster planning. Get a cheap safety deposit box for storing keys. Use 2FA. There are lots of free/low cost ways to have better security.
AFAIK, Gmail has suffered on the order of 100x+ fewer security incidents than Outlook. However, I am unclear on the distinction between cloud Outlook and the Exchange/Outlook combo. So me saying "Outlook" may be a mistake, and the correct term may be Exchange.
It’s not 2001 anymore. You can have both secure Windows and Linux infrastructure.
Telling people to just use Linux as a remedy doesn’t help. If you don’t invest in securing your Windows infra, your Linux infra will also be full of holes.
In 2016, while I was still working at Microsoft, they gave us cloud engineers a separate laptop for accessing customer data (they called them SAWs, for Secure Access Workstation), because they decided that our normal everyday Windows 10 machines with root privileges could not be trusted. This was in 2016, not 2001.
I do not think you can have secure Windows infrastructure today. In the future, a few years after it's fully open source, perhaps.
This sounds more like a policy decision. Any serious company is heavily limiting how customer data is accessed. Lots of them have special rooms, with heavy physical security, where you cannot even bring an electronic watch, let alone your work phone or normal work laptop. And those companies often run on Linux.
Open source doesn’t make stuff magically secure. Remember Heartbleed? Or how easily it was proven (by sketchy research, sure, but that’s a secondary point) that malicious code could be brought into THE open source project, the Linux kernel?
Believing that by simply using open source you have secure infra, and that by using Windows you don’t, is a naive view held by people who have never seriously worked on security for big companies.
I say all of that as a heavy Linux supporter. Linux is better, yes. But it’s not a magic bullet. I’ve worked in Windows shops that had extremely good security, and Linux shops that could’ve been hacked by someone after a one-day class on how to be a hacker.
I would say invest more thought, less money.