A good piece in Network World by Ellen Messmer points out one of the major risks of consumerization – consumer-facing vendors tend not to take vulnerabilities in their products as seriously as enterprise vendors. Mattel doesn’t rush out patches for the Barbie PC, Hasbro isn’t concerned about denial of service risks with the Easy-Bake Oven.
The Network World article talks about a BlackHat presentation where Laurent Oudot, CEO of TEHTRI-Security, talked about finding vulnerabilities in smartphones from Apple, Google, RIM and HTC. Apple and RIM took him seriously and began work on fixes, Google and HTC essentially blew him off.
This is sort of a Rorschach test that shows RIM has been enterprise-focused since day one, and Apple has made progress in thinking about enterprise needs, while Google and HTC are still consumer-focused. This pretty much echoes Gartner’s evaluation of the security of those products.
Of course, other Gartner research shows Droid phones selling like hotcakes – so, it also points out that the consumer market does not see security as a feature, so vendors who succeed in consumer markets will not emphasize security until consumers do, which will not happen until after bad things happen. In the consumer market, everyone rushes to buy generators after the power outage, the don’t have continuity plans to assure availability.
View Free, Relevant Gartner Research
Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.Read Free Gartner Research
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.