IT Buyers Need New Purchasing Model
The hacking of Paris Hilton's T-Mobile phone records may prove a watershed moment in promoting IT buyers' security awareness and elevating their information security expectations.The IT industry has spawned more than its share of celebrity executives. Now IT has borrowed a celebrity from the world of entertainment, heiress and socialite Paris Hilton, for marquee value in the battle to secure online systems. Most of the world knows that Hiltons smart-phone address book contents were posted on the Internet. As yet, no one has determined whether the leak came from cracking a smart phones device-resident storage, perhaps by exploiting its Bluetooth capabilities, or from accessing Hiltons records in the T-Mobile database. To Hilton and her inconvenienced coterie of contacts, it hardly matters.
Indeed, in a service-based model of IT, there should be no distinction between the vulnerability of an endpoint devicea productand the vulnerability of a serverthat is, the nexus of a service. The PC industry has set an unfortunate precedent with the notion that anti-virus, firewall and connection-monitoring utilities are aftermarket products to be chosen, installed and configured by the user. Its high time that this precedent be overturned. ISPs and other interested parties should accept and even promote their role in end-to-end assurance. AOL has set a good example with its promotion of anti-virus and anti-spyware technology, but theres room for much more: The utility computing advocates at IBM and Sun, and the transaction-oriented powers of eBay, Amazon.com, Charles Schwab and the like, should change their terms of service to take responsibility for security.