One of the most challenging things about making sure a network or a business is secure is not just about products and resellers would be wise to include the people element in their conversations.
Sitting in on a panel session at a conference this morning where IT directors talked about what mattered to them it was the comments from the chief security officer at one of the largest health care providers in the US that resonated.
He said that his role was all about making sure that people didn't expose the data in the organisation to risk. The job was a difficult one and it was becoming even harder as a result of consumerisation.
The dangers of moving data onto personal devices, sharing information about the way security worked as well as being sloppy with passwords were all concerns that had nothing to do with products but everything to do with the way people interacted with the network.
Interestingly the other point the CSO made at the session was that when asked what concepts in the technology were hype he included 'regulatory compliance' as one of the areas that was largely untested, difficult to pin down and an area that had the potential to take away a lot of time and effort.
Resellers selling security are all too aware of the first concern about the people element but the fears about compliance are interesting because those in the channel prepared to concentrate and develop their expertise in that area could find more customers queuing up for that service than they might at first have imagined are out there in the large organisations.