Innovation In Security: It's All About Trust
from the who-do-you-trust? dept
This post is part of an Intel-sponsored series of posts we’ll be doing here at Techdirt on the topic of innovation. Posts in the series consist of a video interview of myself (which you’ll see below), the post, and another video interview with an Intel representative and others. That second video, obviously, is content from Intel, but my video and what I’ve written here was done with complete and total editorial independence. We hope you enjoy the content and take part in the overall discussion, either via the comments or through the interactive ad unit to the right of the post.
Security is a touchy subject, these days. There’s a fine line between legitimate security concerns and blatant fear mongering, but there’s no doubt that security, in general, is an important subject. One key point that I think too often gets lost in the discussions around security is the question of trust. First up: the short video of me discussion a bit about security today:
Of course, there are also different factors at play here. If you do it yourself, you’re likely a smaller target than a larger cloud provider, but that doesn’t mean you’re not a target. As the video below notes, you either you know you’ve been attacked, or you’ve been attacked and you just don’t know it. Point being: everyone’s a security target. Relying on the fact that you’re not big enough to be a target is a naive game to play. So, if we’re to accept the idea that cloud storage may be important, the security chops of the crowd storage partner you’re working with becomes key. And that’s where trust is important.
Suddenly, “trust” becomes almost as, if not more, important than the type of the actual security. When you hand off your security to someone else, its almost entirely based solely on trust. Unless you’re directly a security professional who is going to dive in and fully test the technology itself, most people (and many organizations) aren’t making their security decisions based on whose security is “best,” but on which company they trust the most not to screw things up.
Based on that, I’m often surprised at how little some security companies do to really build up and keep that trust. Too often it feels like security vendors focus just on the nuts and bolts. Obviously that’s important, and having good technology is always going to be a major component of trust. But it has to go beyond that as well, showing how responsive and clear a firm is about security issues.
Trust has filtered through into a number of different tech categories, but it still seems to be something that many overlook. In the next few years, I fully expect that to change, as more and more companies seek to play themselves up as the “trustworthy” partner in security.
Below is the Intel video discussing computer security today
Filed Under: innovation, security, trust
Comments on “Innovation In Security: It's All About Trust”
I couldn’t get the video to load, but maybe it’s just me. For storage, I think it’s easy to figure out whom to trust. If they say “I will store all your information but I may look at it and sell statistics about you to everyone else” they are not worth trusting for anything beyond funny emails and reminders to call your mother.
If they tell you “I will give you storage space and the tools to encrypt your information that you may use at your discretion,” they may be worth trusting for more sensitive information.
Re: Re:
Both videos played for me.
FF8 on PCLinuxOS
They both worked for me too. The ideas are valid though, sadly, it’ll take a lot of time before I buy a security product labelled MacAfee again given the mess it’s made of my machines in the past.
An illustration of the trust thing. Even if Intel now owns them.
FF8 on Mandriva PWrPack 2011 as long as we’re gonna start keeping score 🙂
Re:
“I couldn’t get the video to load, but maybe it’s just me.”
Not just you. For a while now, about 1/3rd of the videos posted here don’t work for me, including these.
Re:
Disclaimer: I work for McAfee, but these comments are all my own.
I suggest that you use whichever product works for you. However, do be aware that all such products, regardless of who makes them, are incredibly intrusive by necessity and there will always be certain combinations of hardware/software that will cause problems. We gain as many customers from our main competitor as we lose to them, because of this problem.
It’s a bit unfair to claim a security vendor is untrustworthy or bad as a blanket statement because their product fails on your system. Also, we rely heavily on customers reporting these problems to us so we can address them in future versions. So even if you never go back to McAfee again, you’d be doing everyone a favor by reporting the issue.