Excessive security is holding back ecommerce, according to the security arm of a firm which not so long ago became centre of a high profile security breach itself.

Evidian, a subsidiary of Groupe Bull, has completed a survey of 40 blue chip companies and found that two in five of them think complicated security is "the most irritating aspect of conducting business online".

There's some truth in Evidian's conclusion that you can go overboard with security and make systems too hard to use. Security should be implemented so that it doesn't impose itself on users, who being human beings will work out ways around security checks if they become too irritating.

It is possible to set up security systems that are effective but don't interfere with business processes, however taking lectures on the subject from a Bull subsidiary is a bit rum given the parent firm's own recent record.

Last August, Bull had to mount an internal investigation after confidential customer data was left on a French Web server in plain view sans password or cryptographic protection. Customers reportedly affected included Royal Air Force, Barclays and France Telecom.

At least Bull can argue truthfully, unlike most firms in the IT industry, that it practices what it preaches... ®