Want more secure software? Then give your vendor hell

Software holes will mean security-related downtime will triple by 2008, unless IT managers take matters into their hands.

According to analyst house Gartner, downtime linked to security problems will rise from five per cent to 15 per cent of all downtime, due to the influx of mobile working technologies and a growing dependence among businesses on the internet and web services.

The analyst house has a degree of optimism for how future security will pan out. John Pescatore, Gartner VP and research fellow, said in a statement that in the next few years changes to OSes and hardware will help the security effort but in the meantime, IT staff will have to try and use "stopgap approaches to deal with new vulnerabilities associated with unsafe customer, employee and business partner platforms".

Gartner advises that for companies building their own software, developers should be pushed to put security at the head of their list. It's not just in-house tech makers that need a word in their ears - the analysts suggest end users should give vendors grief about tightening up their security procedures too.

In a recent silicon.com CIO Jury, several heads of IT said they thought vendors should be held financially accountable for any customers' losses resulting from security breaches.

Henry McNeill, CIO at Telstra Europe, said: "If compensation was enforced, vendors would take a more serious approach to security considerations as a matter of necessity."