John Pescatore

A member of the Gartner Blog Network

John Pescatore
VP Distinguished Analyst
11 years at Gartner
32 years IT industry

John Pescatore is a vice president and research fellow in Gartner Research. Mr. Pescatore has 32 years of experience in computer, network and information security. Prior to joining Gartner, Mr. Pescatore was senior consultant for Entrust Technologies and Trusted Information Systems…


If A Toy Breaks in a Work Forest, Will The Toy Vendor Hear a Noise and Fix It?

by John Pescatore  |  January 20, 2011

A good piece in Network World by Ellen Messmer points out one of the major risks of consumerization – consumer-facing vendors tend not to take vulnerabilities in their products as seriously as enterprise vendors do. Mattel doesn’t rush out patches for the Barbie PC; Hasbro isn’t concerned about denial-of-service risks with the Easy-Bake Oven.

The Network World article talks about a Black Hat presentation where Laurent Oudot, CEO of TEHTRI-Security, talked about finding vulnerabilities in smartphones from Apple, Google, RIM and HTC. Apple and RIM took him seriously and began work on fixes; Google and HTC essentially blew him off.

This is sort of a Rorschach test that shows RIM has been enterprise-focused since day one, and Apple has made progress in thinking about enterprise needs, while Google and HTC are still consumer-focused. This pretty much echoes Gartner’s evaluation of the security of those products.

Of course, other Gartner research shows Droid phones selling like hotcakes, which also points out that the consumer market does not see security as a feature. Vendors who succeed in consumer markets will not emphasize security until consumers do, which will not happen until after bad things happen. In the consumer market, everyone rushes to buy generators after the power outage; they don’t have continuity plans to assure availability.

To illustrate:

Consumer Grade Isn’t Enterprise Class




2 responses so far ↓

  • 1 Robert Borochoff   January 20, 2011 at 11:26 am

    A colleague suggested this addition:
    Consumer Product: Can abandon for the next great thing.
    Enterprise: Migration path is required.

  • 2 John Pescatore   January 20, 2011 at 4:07 pm

    Great point – this is one reason why IE6 is still in use in so many businesses…
