Is security vendor lock-in harming the industry?

Powered by SC Magazine

Schneier: Vendors in a race to the bottom.

The information security industry is losing out from a war between vendors, according to Bruce Schneier.

BT’s chief security officer, also a renowned cryptographer and security commentator, said expensive and well-designed security products were being killed off by dud “lemon” copycat technologies.

Others had revenue sapped by “parasites” that produce initially inferior but much cheaper products.

In this war of vendors, customers were being forced into lock-in environments in which the cost of switching to a competitor was designed to be exorbitant.

“If you drink a Coke today, you can drink a Pepsi tomorrow - the cost [of switching] is zero,” Schneier said, adding that by comparison swapping security solutions can be expensive.

Citing a US economist, he said the “net present value of an IT company equals its switching costs”.

He added that the “higher your switching cost is, the less you need to care about customers”.

Tenable Security chief security officer Marcus Ranum said he would love to get rid of his Windows machines but can’t justify replacing about $3000 worth of kit invested in the platform, including 8TB of photos stored on a Windows formatted drive.

He said switching costs will become onerous in cloud computing if customers need to buy additional services and later choose to move to another provider.

“Organisations are doing incredibly dumb things – they are moving all of their stuff out to Amazon and then firing the guy in house who manages the RAID array.”

Meanwhile US Government agencies had lost their most “technically savvy staff” to lucrative contract work.

“The people left in the US Government just know how to run PowerPoint and write proposals for contractors,” Ranum said. “How do you come back from that?”

Ranum takes an all-in approach to cloud computing: Organisations willing to commit can make savings and gain leverage if they outsource sales, human resources and the IT shop.

But those that “think they will continue business using cloud computing as they do it now will find they still have the burden of an IT department – but one that will suck”, he told SC.

Copyright © SC Magazine, Australia

Is security vendor lock-in harming the industry?
Top Stories
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
Sign up to receive iTnews email bulletins
Latest Comments
What is delaying adoption of public cloud in your organisation?

   |   View results
Lock-in concerns
Application integration concerns
Security and compliance concerns
Unreliable network infrastructure
Data sovereignty concerns
Lack of stakeholder support
Protecting on-premise IT jobs
Difficulty transitioning CapEx budget into OpEx