Security: Never mind the products, educate the users

Security experts at the Cebit trade show see informing users as the top priority when it comes to improving IT security

If they could change one thing to improve IT security, the assembled experts on a panel at Cebit would better educate their users.

"Education is important: We're all too naïve," said Eddy Willems, global security officer for G Data Software, speaking in a panel session on security during the Cebit Global Conference, part of the Cebit trade show in Hanover, Germany, on Wednesday.

"People need to take security seriously. We can do a lot at a technological level, but if they choose a weak password, they are at risk," said Joachim Schaper, vice president of research at AGT Germany, which provides physical, as well as IT, security services.

Richard Marko, CEO of ESET, an antivirus software vendor based in Bratislava, Slovakia, would rather users kept their data where his desktop security products can see it: "I wish users would think twice before they decide what it is appropriate to put into the cloud," he said.

However, improved user education can only accomplish so much: IT systems developers also need to make systems simpler to use safely.

"If you want millions of people to use a service, it needs to be easy, without the need for them to install more software," said Georg Rau, senior vice president at Deutsche Post, another panellist.

But the obligation isn't only on customers to learn: it's also on suppliers to inform. Buyers can't make educated decisions about how to set up and run their IT infrastructures unless vendors supply them with the necessary information.

Nowhere is that more the case than in the market for cloud computing services, where vendors vaunt the fact that their customers don't need to know how things work.

"We need transparency from cloud computing providers. We should know how their systems are organized, and we should know about the people they hire," said Natalya Kaspersky, chairperson at Kaspersky Lab.

She wants to see more transparency in such services, and better standards for security practices, so that customers can evaluate service providers.

"If the level of security and transparency is very high, I may be willing to pay more. If I don't care about security, I can pay less. But I should have that choice," she said.

Schaper drew a comparison with the automobile industry, where manufacturers spend millions conducting crash tests to demonstrate the safety of their vehicles. Because the tests are standardized across the industry, the results can be compared: That's important, he said, because safety might be a decision factor when purchasing a car.

While the vendors of IT systems in general, and of security products and services in particular, do conduct tests of their products, these are not always directly comparable, Schaper warned. "If you go to other providers, they might have a different standard," he said. "It still needs a lot of work from vendors to make these tests transparent and standard."

The chairman of the panel session, Martin Gutberlet of analyst firm Gartner, came to the same conclusion.

"There's still a lot of work to do on standards and certification" of security practices, he said.

But, he wondered, "Are we willing to pay for it?"

Peter Sayer covers open source software, European intellectual property legislation and general technology breaking news for IDG News Service. Send comments and news tips to Peter at peter_sayer@idg.com.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags AGT GermanyGartnercebitDeutsche PostsecurityG Data Softwareesetkaspersky lab

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Peter Sayer

IDG News Service
Show Comments

Essentials

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?