Companies are paying far too much for their security
software and they should change the way they buy security products,
delegates at this week’s Gartner Security Conference were
told.
Jon Mein, Gartner research director, said suppliers were taking
advantage of undemanding IT departments by raising the prices of
their services by between 25% and 45%. Although Gartner
acknowledged that IT departments do not want to have to rip out
their security products every year, it urged them to take a tough
line on suppliers’ contracts.
Companies should stop simply accepting the standard contracts
issued by security software companies and stipulate some terms of
their own, said Mein.
The cost of security software is at least 50% determined by
contracts and usage rights in licensing agreements, and specific
terms can have a profound effect on total cost of ownership,
Gartner’s research revealed.
The key to controlling spiralling security costs is in the
detail of product and service contracts. Price caps on new versions
of software and product updates should be key goals for companies,
said Mein.
“The basic security software marketplace, including anti-virus
software, is very mature, with market shares not moving very much,”
said Mein. “As a result, we are getting a lot of calls at Gartner
from companies wanting to know how to approach these
increases.”
He said companies should agree to rises equivalent to the annual
retail price index, plus 2%, or plus 5% at the most.
Views from the Gartner conference
John Girard, Gartner research
vice-president
Companies considering large-scale roll-outs of wireless Lans may
want to consider using an outside company to avoid being left
behind on evolving standards, and to overcome technical
difficulties when locating equipment.
John Pescatore, Gartner research
fellow
The Trustworthy Computing initiative started by Microsoft 18 months
ago in response to widespread attacks that use holes in
Windows-based systems is making progress, but software quality from
Microsoft needs to be improved, rather than the speed of
patching.
Stella Rimington, Former MI5
chief
" In a world where the threats are increasingly
unpredictable but where openness and freedom of information are
expected, the successful management of information is vital for
business as well as governments.”