Both users and resellers often still push security down their list of priorities, in favour of workaday business software and perceived new trends, says Australia/NZ regional manager for security software company Sonicwall, Randy Prado.
“Many users’ knowledge about security is still vague, particularly in the small-to-medium business sector; a firewall is maybe 13th or 14th on their shopping list behind the essential word processing and accounting software, the Exchange server they have to have and maybe they’ve caught the enthusiasm for CRM or ERP.”
If users think of anything in the security line, it’s usually an anti-virus product, he says. That’s probably because viruses advertise themselves.
“If you get a virus, and I’m a business partner of yours, I could well get a copy too, and then I’ll know you’ve been attacked,” Prado says; but if you get hacked, you take care your business partners don’t know, and the effect is to reduce general awareness.
And resellers need reminding sometimes to be a security vendor and promoter, in the face of applications that promise greater margin and a more accepting market, he says.
Sonicwall has among its clients the Healthlink portal, whose GP users are provided with an encrypted and firewalled Jetstream connection to communicate confidential patient data.
Some quite large businesses, on an Australian or New Zealand scale, install IP address translation on a router and figure that since no-one knows their internal addresses, they’re safe from hackers, he says. With a combination of sleuthing around publicly available information sources like whois servers and intelligent guessing, a hacker can find out the real addresses and domain names surprisingly easily, Prado says.
Above all, security precautions need good management. An insufficiently-skilled manager can undo a lot of good security work by not keeping things up-to-date. Sonicwall provides such remote management services.
Prado was in New Zealand last week this week to ginger up the company’s resellers, but out of an attendance of 40 at a Wellington seminar “there were four or five end-users,” he says.