IT security should not become an end in itself

No matter who you listen to today, they will tell you just how important security is for IT solutions – and not just since the NSA activities were brought to light. For many German IT suppliers, the security of their solutions is their main selling point. It is true that IT solutions with maximum IT security are important and that German data protection and data security standards have a key role to play in this scenario. However, no head of IT will decide to buy solely on the grounds of security considerations. User friendliness, implementation capability and professional support for digital transformation processes are much more important.

A study published not long ago by the independent Center for Strategic and International Studies (CSIS) comes to the conclusion that world-wide cyber crime causes $330 billion in damage. Around 150,000 jobs are lost each year in the European Union due to cyber crime. And Germany is particularly hard hit: in terms of economic output, the damage here totals 1.6 percent of GDP. According to the study, the personal data of around 16 million Germans was stolen in 2013. One reason why the damage recorded is highest in the developed nations is because it is here that the most comprehensive surveys are carried out.

These figures make people sit up and take notice and, in Germany, they fall on fertile ground. After all, “German Angst” has a tradition when it comes to dealing with information and communication technologies. And this kind of scepticism is good; Germany has the strictest data protection laws and regulations. For many international IT suppliers, the successful market performance of their IT solutions in Germany serves in this respect as the litmus test for other markets. Meanwhile, even US data protection experts want to learn something from the situation in Germany and Europe.

IT security is important but user friendliness is more important

From a supplier perspective, German companies are very strong in IT security. One of the reasons for this is that there is greater awareness and demand here for secure solutions than elsewhere. In 2010, the IT security sector in Germany produced products and services worth €6.2 billion. IT security made in Germany is increasingly becoming a key selling point for software suppliers. That being said, IT security should not become an end in itself – at least not for IT suppliers working outside the realm of cryptography, smart cards, digital signatures, PKI or high-security solutions. As Thomas Kuhn from the Wirtschaftswoche magazine recently emphasised at the annual Trusted Cloud Conference at the Federal Ministry for Economic Affairs, the issue of usability, i.e. user-friendliness, is much more decisive for the success of solutions in the field of B2C.

If we transfer this to B2B, I would even go as far as to say that the most decisive aspect when implementing an IT solution is smooth transition and the simplicity of the transformation for the user. This is usually linked to the related expertise of the supplier when accompanying processes of this kind. After all, when it comes to cloud solutions it is not enough to simply provide the required capacities at a low price, instead the current IT landscape must be examined so that a tailored solution can be found for the digital transformation.

Medium-sized companies: look closely at the expertise of the supplier accompanying the transformation

From a user perspective, and I’m talking here about medium-sized companies who often lack the necessary expertise and resources, the topic of data security if often better left to a professional provider. For companies in the process of digital transformation, be it the utilisation of big data or the virtualisation of memory and processes, it is extremely important that the provider observe special security measures.

As I recently explained here, in addition to suitable encryption technologies and contracts according to European and German law, attention should also be paid to encryption and the security concept. An external trusted advisor can usually take care of this much better and more efficiently than a company’s own IT department. A decisive prerequisite when implementing new IT structures, however, is the professional way in which the process is accompanied. Once again, user friendliness is a top priority and should not be scarified at the expense of security.

Conclusion: If we look at current debate on IT security in Germany we could be led to believe that this is the central selling point and decision criterion for an IT provider. IT suppliers, however, should once again focus on customers, their needs and the user-friendliness of solutions and transformation processes. The user should ensure that the supplier can provide just that and that the focus is on the user.

Author: Andre Kiehne

Director Solution Sales, Microsoft Germany GmbH

3 thoughts on “IT security should not become an end in itself”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s