ISPs to become IT providers for home users?

Bruce Schneier makes a solid point in his recent post entitled “Home Users: A Public Health Problem?”, where he states that computers and computer security are much too complicated for the regular home user. That’s most certainly true. No matter how much you “educate” the average user, they’re still going to mess up. Even if they’re working in IT, that’s no guarantee of know-how. There are so many things you can do in IT these days that an IT guy might not even know what a hard drive or a RAM module looks like. You really have to like working with computers to get the way they work and to be willing to put in the time to learn how to protect and operate them the right way.

But then Schneier says ISPs should become IT providers for the home user. In other words, provide real Help Desk support for software installations, router and firewall settings, anti-spyware and anti-virus software, etc. This sounds good at first until you realize there’s a very small step between that and choosing to mitigate damage to the network by controlling what software users can install and use on their computers. What’s to stop ISPs from requiring that users register their computers on their domain (or doing it automatically as users run their software CDs), then pushing down group policies that enforce their rules?

What’s the alternative? Make computers easier to use! Operating systems and the gadgets that go along with them have to become really easy to use. A certain number of security options have to be enabled by default, and those settings have to able to propagate from the OS down to the gadgets (firewalls, routers, printers, network drives, WiFi devices, etc.) automatically and where applicable. You set it once and it gets set everywhere else. I talked about this in another post of mine, entitled “It’s got to be automated“. Have a look at that as well.

The starting point should be OS X. It’s not the best OS it could be, but it’s a lot easier to use for most everyday tasks than other systems, but even it is hard to figure out for a normal user when it comes to security and special protocols like site hosting, file sharing or FTP, and privileges between users in places like the Shared folder.

We need to do away with arcane file names for user groups in operating systems. Privileges should be much easier to set for files, folders and entire drives. Systems ought to be smart enough to know when we’re trying to share something with the firewall up, and pop up an on-screen wizard to assist us. They should anticipate certain things and guide us through.

I say we need to make all network devices manageable directly through the computer, instead of having to log onto them separately. This goes especially for routers. The computer should know there’s a router on the network, and allow us to manage its settings from the control panel, as we would manage a printer, but make it even easier. It should auto-configure it with medium-level security by default and only ask us to choose a password and be done with it.

The solution lies in making better software and hardware.


2 Thoughts

  1. David, perhaps that add-on service works within the context of the needs of small businesses that can’t afford IT departments. I have doubts about home use. Then again, it all depends on the business attitude, and the way the service works. If that service can manage to walk the fine line between providing quality and safety while maintaining open and unrestricted access to the internet, then it’s good. Otherwise, I have my doubts, and for good reason, not the least of which is your use of the word “lock down”…

    Like

  2. Thanks Raoul,

    You article offered me great insight into the nature of the IT. We forget sometimes how human we all are and our nature at times to follow the path of least resistance. I appreciate your candor.

    Your post was particularly of interest to me because I’ve been talking to our local ISP regarding a Managed Internet Security Service (MISS), as an added-value service, for their customers. The target markets for this MISS are families and small business owners.

    As a customer of the MISS for the past three years, I can tell you it works and works well. I believe it will solve many of the issues you and other ITs are concerned with. And for only 49 cents a day which includes Enterprise grade technology, unlimited security IT tech support (with remote access if the customer wants it), and including an ID Theft insurance, as well as several other benefits that ultimately provide the PC owner a hassle-free computer experience and the security to lock down the home-owners’ or small business operators’ PCs.

    As an added-value service it wouldn’t require the ISPs involvement other than to provide it to their customers. The ISP doesn’t need to be involved with what should be permitted or not, the MISS is simply being provided. There are no complications, either for the ISP provider nor the customer, unlimited customer and IT security technical support are provided (here in the U.S.).

    An interesting event occurs when you remove the cost factor to security IT tech support, customers will call with questions and ultimately become educated and take on a more pro-active approach to their computers welfare that actually saves the customer time and money. Maybe that’s why the MISS has an 85% to 90% customer retention rate.

    Thank again for the insight.

    David C Ballard

    Like

Comments are closed.