Tackling the security issues
- 09 August, 2000 12:37
ARN: There has been a lot of talk in the media about hacking and IT security in general. Do you think end users are really aware of all the security implications?
Perry: What we're [noticing], which is backed up by independent industry analyst research, is that consumers are very aware. That's been borne out by research which shows that over one in 10 e-commerce transactions is abandoned by a consumer because of privacy and security concerns. And that is after they've come to your Web site, and after they have filled up their virtual shopping trolley - they then decide not to do [it]. So whether or not they fully understand all of the security implications, there is certainly [some understanding] and perception. That perception is reality and is causing a bottom-line impact.
So how should the channel go about informing customers about security?
One way is [through] business enablement. Your Resellers would have a lot of customers looking for ways to offer services out across the Internet and a lot of that can't be done without security infrastructure. You've got to have firewalls, you've got to have VPNs, and you've got to have access control and all those kinds of things. So all of those are actually building blocks for creating an e-commerce environment.
How do you see the whole area of security technology developing in the next six to 12 months?
Certainly Internet defence; defending yourself against any kind of attack from the Internet, like a virus, or protection against Java and ActiveX attacks, which you get with content inspection. The firewall market, the VPN market, the intrusion detection market - these areas are hot at the moment . . . because of attacks against high-profile companies back in February which made frontpage news so everyone is thinking about [security]. The other really hot area that is good for the reseller market is in security administration and management. The resellers have a hell of a lot of customers who don't have the skills, bandwidth or the technology to be managing their own security infrastructure, and they're still looking for a lot of help in that area. And that includes risk assessment, which is the services aspect to it.
In an ideal world, how should security fit into the whole IT picture?
The biggest mistake people make is [treating] security [as] an afterthought. It should be something which [is considered] when you sit down and say, "I'm going to build myself an application" - whether that be an Internet application or any other - but particularly if it's an Internet application. People sit down and they say, "Well, what do we need? OK, we need some hardware, we need an operating system, we need a Web server, we need an application, we need a database". And when they think of those things they should also be saying, "And we need security." Security shouldn't be something you think about later.
How does Australia's views of security contrast with others you've come across?
There is a misconception that less attacks are likely to occur here in Australia. But statistically, just as many attacks occur here as in the US. In fact, it's a slightly larger amount when you compare it to the number of domains registered in Australia compared to the ones registered in the US. The figures are very, very close and Australia is in fact . . . one-tenth of a percentage point [ahead]. So that perception [that less attacks occur in Australia] is absolutely wrong. There's no such thing as the safe country. It might be the clever country, but it's not the safe country . . . From all the companies I've spoken to, they're aware of security, but they're looking at it as, "Well, the attacks that we see in the media are people attacking amazon,eBay and eTrade . . . that's US". It might be that the attacks against Australian companies don't make frontpage news. But they still impact the bottom line and there's just as many of them going on here as there are in the US. So never think that just because it's an American company on the front page that it could never be an Australian company on the front page as well.