VAR Roundtable: Only End Users Can Stop Security Breaches


With the rise of off-site storage and customers accessing sensitive information on more devices, end users are finding themselves increasingly vulnerable to everything from malware to hackers.

"As more and more people put more and more of their stuff online on the cloud … there are going to be more security breaches," said Larry Gold, owner of Computer EZ in Rutland, Vt.

The solution providers participating in a CRN roundtable discussion at D&H Distributing's New England Technology Show in Quincy, Mass. said little can be done to stop naïve or inattentive end users.

[Related: Investment In Data Breach Responders Lacking, Study Finds]

"The number one anti-virus program on the market is the end user," said Richard Trahant, co-owner of Land Customer Systems in Peabody, Mass. "No software is going to beat the end user." 

Trahant said there's no software that can block viruses from entering the system if customers allow it in by opening infected files.

"They will click on anything," said Jeanette Movsesian, owner of Microcosm in York, Maine.

Trahant encouraged VARs to schedule meetings with company executives and educate them on how destructive a security breach could be to their bottom line.

"We don't see people more concerned about it, but we do see more people getting hacked," Gold said.

Gold wondered how many breaches would be required before some of these businesses opt for a password of longer than four letters.

Dave Hodgdon, owner of PCGIT in Portsmouth, N.H., urged companies in the financial, medical and legal sectors to implement firewalls and complex passwords. 

Yet Gold said many employers who opt for a more complex password end up writing it on a scrap of paper and misplacing it, resulting in a futile call to the VAR for password recovery help.   

He and others recommended restricting access to vulnerable websites with little business function. Gold said employees shouldn't need access to Java, while Sue Trahant, co-owner of Land Computer, said employers should prohibit workers from visiting Facebook on company devices.

The solution providers also cautioned against conducting company business on Gmail, with one attendee calling it the biggest source of security breaches on the internet.

Another attendee -- who declined to be identified when speaking on this topic -- said VARs should urge customers to get away from Gmail and instead opt for a secure communication service. A secure system, though, wouldn't be free like Gmail, the attendee said.    

Efforts to infiltrate user systems, however, are no longer limited to the computer.

NEXT: The Latest Phishing Efforts Rely On Old Technology To Wreak Havoc