Several IT security experts discussed antivirus software, bring-your-own-device (BYOD) and numerous solution provider concerns during "The Great Security Debate" at CompTIA's ChannelCon 2014 in Phoenix.

Panel members discussed a variety of IT security topics, including whether "antivirus is dead."

Brian Dye, Symantec's (SYMC's) senior vice president for information security, told The Wall Street Journal in May he believed "antivirus is dead" because it is no longer "a moneymaker in any way."

Cognoscape CEO Charles Tholen compared antivirus solutions to "locks" because both provide security, but there are still questions about whether antivirus solutions and locks deliver sufficient protection.

"Antivirus solutions are still more like the locks on our house, but are the locks on this business really good enough?" Tholen asked attendees.

Tholen noted a risk mitigation strategy is important for businesses, yet this plan should only be one component of their overall IT strategy.

"A risk mitigation strategy around the risks of end users is not a real strategy; you have to look beyond the end users," he said.

Bring-your-own-device (BYOD) also creates challenges for solution providers, especially since more employers are searching for ways to leverage cloud and mobile solutions.

Chris Johnson, CEO of healthcare IT provider Untangled Solutions, said mobile devices are like "panes of glass," and businesses need to implement strategies to manage these devices. 

"I look at devices like panes of glass … we just assume they will work without human interaction," Johnson said. "For the most part, a mobile device involves turning it on and it works. That’s where the challenge is for businesses."

BYOD may create new challenges for both solution providers and end users as well.

"There's no question that end users have a lot of issues to deal with, [and] the question becomes what role the IT solution provider will play," CompTIA Chief Legal Officer Dan Liutikas added.

Johnson said antivirus solutions and BYOD, however, can create opportunities, and he pointed out education is key for solution providers and end users to avoid security and compliance issues.

"Security and compliance is not a product; it's a mix of products and services, it's a moving target. That education point is so important," Johnson said.

Share your thoughts about this story in the Comments section below, via Twitter @dkobialka or email me at dan.kobialka@penton.com.