It's (mostly) not about IT guy not understanding Linux. It's more about Windows allowing centralized control over updates, user authentication, etc. Most Linux users don't patch their desktops promptly, they rarely change passwords, they share users ("just log into my machine with "guest" account), don't bother installing company root certs (so they simply keep on clicking "proceed anyways" when websites fail cert validation, which makes them targets for exploits), etc, creating an breeding ground for malicious software. Windows gives IT centralized control, ability to force patches, unified user authentication (want to give someone else access to you computer, just grant them access, not create a guest_root user and share password).
My company allows people to use Linux. I cringe every time I see people using Linux desktops pre-conditioned to ignore untrusted certs, running Linux distro's from 4 years ago, etc, etc. Can Linux be setup properly, absolutely, the problem is the users do not do that, even when provided with step-by-step instructions from IT - "Here is how you install company root cers". With Windows, IT gets to setup what they need, force configurations, policies, updates, etc and don't have to rely on the every user to do things right. With Linux they have to count on the user to do it right, and not all users will do it right. A secondary problem is the different Linux distros which behave differently ("systemd or no systemd"), endlessly customizable ("what about the guy who built his own Linux distro") - that is a nightmare to support. A homogeneous environment with centralized policy management is much cheaper to secure and support.
It's more about user skill and central management (Score:2)
It's (mostly) not about IT guy not understanding Linux. It's more about Windows allowing centralized control over updates, user authentication, etc. Most Linux users don't patch their desktops promptly, they rarely change passwords, they share users ("just log into my machine with "guest" account), don't bother installing company root certs (so they simply keep on clicking "proceed anyways" when websites fail cert validation, which makes them targets for exploits), etc, creating an breeding ground for malicious software. Windows gives IT centralized control, ability to force patches, unified user authentication (want to give someone else access to you computer, just grant them access, not create a guest_root user and share password).
My company allows people to use Linux. I cringe every time I see people using Linux desktops pre-conditioned to ignore untrusted certs, running Linux distro's from 4 years ago, etc, etc. Can Linux be setup properly, absolutely, the problem is the users do not do that, even when provided with step-by-step instructions from IT - "Here is how you install company root cers". With Windows, IT gets to setup what they need, force configurations, policies, updates, etc and don't have to rely on the every user to do things right. With Linux they have to count on the user to do it right, and not all users will do it right. A secondary problem is the different Linux distros which behave differently ("systemd or no systemd"), endlessly customizable ("what about the guy who built his own Linux distro") - that is a nightmare to support. A homogeneous environment with centralized policy management is much cheaper to secure and support.