Feeds

Security suppliers compared to dodgy car mechanics

Wide boys and clueless vendors contribute to 30% security overspend

  • alert
  • submit to reddit

Top 5 reasons to deploy VMware with Tegile

Many anxious users are being duped by unscrupulous or clueless suppliers into buying security products they don't need.

That's the view of security consultancy MIS Corporate Defence, which reckons almost 30 per cent of current security spend in Europe is misplaced or wasted on ad-hoc purchases.

The average security breach costs companies an estimated £16,000 and MIS is quick to stress the need for basic security precautions, which some firms only make after they've been hit. The problem is that unless end users have a basic understanding of security, which means better education, they might misplace their trust in vendors, who might not always have their best interests at heart.

Mark Read, a professional services consultant at MIS Corporate Defence, said that talking to a security vendor was much like talking to a car mechanic.

"If people don't understand how a car works, it's much easier to sell them things that they don't need. The same is true of security," Read told us.

Users should seek to get a clear business reason why they need a piece of technology, Read advises. Bad advice does not always stem from avarice - lack of knowledge about appropriate solutions from suppliers "who have jumped on the security bandwagon" can also lead to problems.

As an example of the kind of security "overkill" MIS is cautioning against, Read reports instances when he discovered the internet connection of a two user branch office was protected by an enterprise class Cisco PIX firewall.

MIS analysis is partially backed up by research by Datamonitor, which discovered that 80 per cent of firewalls fail to perform the task for which they were purchased, primarily due to poor configuration and a lack of advice from suppliers.

Intrusion detection technology was another area where end users can end up with a system that fails to match their requirements, but the issue goes over the whole range of security spending, according to MIS. ®

Secure remote control for conventional and virtual desktops

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.