At 01:16 PM 4/28/2007, Allen wrote: >Alas, my experience with Gartner's reports does not make them a >truly useful resource. > >As I see it there are three problems with Gartner: > > 1) They rely on popularity to select what they list. > 2) They are alway about 18 months to to 2 years behind. > 3) They use C-level understandable explanations. > >These, in and of themselves, are no great sin; however, the net >result is that the risks related to potential exploits are not >accurate, nor can one be assured that best practices view they >have is current.
My own experiences *as a vendor* with their "Magic Quadrant for Mobile Data Protection" report is somewhat worse. That Gartner team's approach to "product/company evaluation" consists of reviewing vendor-supplied answers to a brief questionnaire whose principal focus is market share (possibly in an attempt to apply the old adage 'you can't go wrong with IBM' -- that 'popularity' factor you mention in 1). They perform no hands-on product evaluations whatsoever, nor do they appear to make any attempt to independently corroborate vendor claims. They demonstrated no clear understanding of, nor real interest in, our products' distinguishing capabilities. In our case, position in the leader's quadrant appeared to depend solely on our initial willingness to place a sufficiently large reprint order in advance of publication of the report. (It was clear we could also influence placement by ordering other reports.) I would agree that other companies with no apparent business connection with Gartner seem to be included, and positioned, based purely on product popularity and company name recognition; in other words, on the size of their marketing budgets. Rightly or wrongly, Microsoft has historically done rather poorly in the Mobile Data Protection report -- I suspect they don't fall for the reprint scam. But it's clear that the volume of other companies' business with Gartner can be read from the upper right hand quadrant of each year's graph. Gartner is surely not the Consumer's Reports of security product testing. The instinct among Fortune 500 IT professionals to follow their recommendations can't be anything but a dumb 'I'd better cover my ass' reflex. They'd be much better off if they demanded that Gartner disclose the nature and dollar amount of its business with each company reviewed in each report. -mjm _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
