The main problem with this type of configuration, though, is that it introduces a serious amount of additional administrative overhead. Taking the example of a Linux Web server and a Windows domain, your IT department would need the skills to configure, maintain and support both Linux and Microsoft systems. You would need an increased staff in order to achieve this, obviously adding to your overall IT costs. Running a heterogeneous system will also increase the overall complexity of your network, which in turn increases the risk of errors or inadvertent data security breaches caused by the diverse systems and components.
There are other practical limitations, too. Not all software programs will be available in every OS version, so you may have to run completely different antispyware programs, for example, with each operating system. This further increases your administrative overhead. You mention using a different platform for development than for other infrastructure operations. Your development environment should certainly be kept separate from your day-to-day network operations, but by developing applications on a different platform altogether, you could end up with increased development costs and deployment issues.
Dig Deeper on Web application and API security best practices
Related Q&A from Michael Cobb
By performing ongoing risk assessments, organizations can keep their SSH vulnerabilities at a minimum and ensure their remote access foundation is ... Continue Reading
Sending sensitive information in attachments is inherently unsafe, and the main way to secure them -- encryption -- can be implemented inconsistently... Continue Reading
Spyware can steal mundane information, track a user's every move and everything in between. Read up on the types of spyware and how to best fix ... Continue Reading