Vendors should work to an open architecture to ensure that different technologies can work together.
Speaking to SC Magazine, Chris Pace, director of product and solutions marketing at Blue Coat, said that he wanted to work with other vendors to deliver users' needs so that there is not only one operation with open architecture, but also find ways to improve.
He said: “It is far better to understand individual needs and how things fit together. We want an open architecture with cooperation with other technology vendors. The way things are positioned, we need to do a better job of what we do, but [look at] what is required to do in IT security and the way the landscape looks today; IT security is high on the list and often it is done with a tick box of what is required.
“We need to get vendors, resellers and integrators to understand what is required and what is best for users; we are not moving forward and talking about a problem and saying ‘work with us' is not right.”
Recently, security consultant Dinis Cruz made comments regarding greater transparency on how things work and Pace said that while he didn't expect source code to be made freely available, by building better relationships he couldn't see a way this could not be achieved.
“Open architecture is not about vendors releasing their source code and figuring out where things fit, it is about having good relations with other vendors,” he said.
“From our point of view, relationships are core of letting people know what to ask and be efficient in knowing what to do. In the past users have had tools, but need to get to the point where things are much better.”
Asked how this can be done, Pace said that vendors cannot sell fear and doubt forever and vendors are showing an understanding of the position that users are in. “IT cannot protect, it has to be about making things possible,” he said.
Speaking to SC Magazine, John Thielens, chief security officer at Axway, said that with data flow technology, there needs to be better user knowledge on default passwords for example, with minimal security concerns – to raise the bar for vendors and help users avoid making mistakes.
He said: “We work with resellers to deliver reference implementation documentation on best practice of service so everyone is working from the same recipe book. This is an evolution from traditional documentation.
“This is how to share and work consistently and another example of putting the onus on the vendor to make sure users understand how to use instructions on how to do things.”
Senior security consultant Niran Seriki at the Council of the European Union told SC Magazine that he agreed with this concept, and that the ideal thing would be that the user has better understanding and clarity of the different technologies.
He said: “Unfortunately, the vendors themselves make things a bit difficult for the users. There are so many solutions out there and what will naturally help the end-user is to be able to use different products/solutions that integrate easily without having to depend on a single vendor, even when such a vendor does not possess strength in certain areas.
“This is where Gartner and other research bodies are quite useful before decisions are made on adopting solutions.”