End Users Not the Enemy When It Comes to Security

A group of customers, analysts and journalists at a Dell roundtable say the responsibility for driving data security ultimately falls on the vendors.


Derek Brink was thinking about where he would put his hope when it comes to data security.

It wouldn't be with end users and customers, the Aberdeen Group analyst said, and most enterprises are thinking about growing their businesses and profits and want to ensure that complex security products don't interfere with those efforts. Where Brink is putting his hope is with the vendors, who have the financial and competitive motivation to drive innovation, and the engineers and technical capabilities to make it happen.

And they have a broad view of what's happening in the security segment in particular and in the industry as a whole.

"They have the data," Brink said.

The analyst's comments came at the tail end of a recent far-reaching, 90-minute discussion about security—from the importance of awareness and education among end users and the at-times overwhelming number of threats facing the industry to the desire to go on the offensive against hackers, the need to move beyond passwords and the security challenges presented by the rapidly growing numbers of connected devices that make up the Internet of things (IoT).

More than a dozen analysts, journalists, end users and Dell officials met in a conference room in Boston this week to talk about security, part of Dell's ongoing 1-5-10 Series of discussions that touch upon key issues within the tech industry now and a decade down the road. This was the second such meeting regarding security.

An array of opinions and ideas were tossed around, but a thread that ran throughout the discussion was that while other actors—such as users and businesses—play key roles in combating the increasingly aggressive and sophisticated cyber-criminals who are taking aim at their data, ultimately the responsibility lies with vendors like Dell to ensure the tools are there to address the rapidly changing security challenges.

One thing that was made clear is that users—those people who unwisely open the email attachment or click on the wrong URL—should no longer be used as the scapegoat, to be viewed as the weakest link in the chain. It's incumbent on vendors to make security technology less complex and easier to use.

"The user is not the enemy," said Carrie Gates, senior distinguished engineer and chief scientist for Dell Research, adding that if users do something wrong, it can be seen as an indication that vendors have not done enough to give them the kinds of tools they can easily use. "How do we do security without looking at the users like they're the enemy?"

Businesses themselves are looking for help when it comes to security. The top technology concern among smaller businesses is security, and a key challenge is finding the products that would work best for them, SMB Group analyst Laurie McCabe said. Brett Hansen, executive director of end user computing software product marketing for Dell Endpoint Security, said he hears the same things from Dell customers.

"We know it's a priority," Hansen said customers will tell him. "So what do we do now?"

Dell officials said they understand that security ultimately starts with the vendors, and that they have multiple projects under way to make security easier, more intuitive and more suitable for the current IT landscape. The company over the last several years has aggressively built up its security capabilities—through acquisitions (like SecureWorks, SonicWall and Quest) and internal development—as part of its larger transition from a PC box maker to an enterprise IT solutions and services provider.