Gartner Blog Network

If A Toy Breaks in a Work Forest, Will The Toy Vendor Hear a Noise and Fix It?

by John Pescatore  |  January 20, 2011  |  2 Comments

A good piece in Network World by Ellen Messmer points out one of the major risks of consumerization – consumer-facing vendors tend not to take vulnerabilities in their products as seriously as enterprise vendors. Mattel doesn’t rush out patches for the Barbie PC,  Hasbro isn’t concerned about denial of service risks with the Easy-Bake Oven.

The Network World article talks about a BlackHat presentation where Laurent Oudot, CEO of TEHTRI-Security, talked about finding vulnerabilities in smartphones from Apple, Google, RIM and HTC. Apple and RIM took him seriously and began work on fixes, Google and HTC essentially blew him off.

This is sort of a Rorschach test that shows RIM has been enterprise-focused since day one, and Apple has made progress in thinking about enterprise needs, while Google and HTC are still consumer-focused. This pretty much echoes Gartner’s evaluation of the security of those products.

Of course, other Gartner research shows Droid phones selling like hotcakes – so, it also points out that the consumer market does not see security as a feature, so vendors who succeed in consumer markets will not emphasize security until consumers do, which will not happen until after bad things happen. In the consumer market, everyone rushes to buy generators after the power outage, the don’t have continuity plans to assure availability.

To illustrate:

Consumer Grade Isn’t Enterprise Class


John Pescatore
VP Distinguished Analyst
11 years at Gartner
32 years IT industry

John Pescatore is a vice president and research fellow in Gartner Research. Mr. Pescatore has 32 years of experience in computer, network and information security. Prior to joining Gartner, Mr. Pescatore was senior consultant for Entrust Technologies and Trusted Information Systems… Read Full Bio

Thoughts on If A Toy Breaks in a Work Forest, Will The Toy Vendor Hear a Noise and Fix It?

  1. Robert Borochoff says:

    A colleague suggested this addition:
    Consumer Product: Can abandon for the next great thing.
    Enterprise: Migration path is required.

  2. Great point – this is one reason why IE6 is still in use in so many businesses…

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.