IT security specialists are calling on suppliers to provide what users want - not what suppliers want to sell.
The call came at a roundtable discussion on security at the City IT and IT Security Forum on board the Aurora cruise ship this week.
One delegate at the Forum said suppliers try selling solutions to problems he does not have. "I have not had a single company come and say to me: what are your problems?"
Some delegates wanted a product to read e-mails and documents, and categorise them automatically. This was partly to enable important ones to be kept and the rest deleted. The delegate quoted above said his organisation has an archive of 36 million e-mails going back six years.
"I'd like to delete some of them but which ones can I delete?"
He added: "The problem is I cannot classify the data because there is no technology which will read the e-mail, work out what it is, and classify it."
Legally some e-mails can not be kept indefinitely because of the Data Protection Act but some contain text on important business matters. One delegate said: "Data protection people want us to get rid of older e-mails and legal people and the sales department have said we must keep e-mails in which salesmen have altered contract terms and left."
Wolfram Jenrich, IS Director Service and Compliance at Alstom Power Service, said documents about some power plants must be kept for 40 years. He was unsure how that was going to be managed. He added that tools were needed for the end users: "We need to support the end-user in classifying the data."
Another delegate, from a High Street bank, said: "I cannot read every e-mail every day so there is no chance of putting them into folders."
There was a general view that software tools which simply look for key words are not especially helpful in classifying documents.
Delegates said if a supplier sold public key infrastructure memory sticks at a good price, they would "clean up".