Security has finally become an item on the corporate agenda but many companies are taking the wrong approach to addressing the issue, according to research by IDC.
Security has finally become an item on the corporate agenda but many companies are taking the wrong approach to addressing the issue, according to research by IDC.
In its Security Services: Protecting the eBusiness Infrastructure report, published this week, IDC argues that many companies rolling out ebusiness programs are failing to formulate and apply an appropriate security policy, which is needed to properly secure their internet infrastructures.
Sandra Baccari Edler, research analyst from IDC's European business infrastructure and technology services programme, warned that companies with piecemeal security in place are both at risk from crackers and at a competitive disadvantage to competitors.
"Companies are putting up walls or filling in holes and are not building a secure environment based on a cohesive, holistic security policy," said Baccari Edler.
"If ebusiness in Europe is to be successful, this approach will have to change. Security needs to be incorporated into a corporate culture - not treated as an add-on," she added.
IDC argues that due to a lack of forethought, companies commonly believe they are secure after implementing one or two security measures. Another common mistake identified by IDC is that companies tend to focus on keeping the bad guys out - without considering the needs of legitimate users from both inside and outside their organisations.
The researcher found that of companies that employ some security measures, virus detection software is by far the most popular choice with 97 per cent of respondents to its survey claiming use of it.
Other security measures employed by European companies drop in popularity as they increase in complexity and cost. The implementation of firewalls, used by 67 per cent of companies, is rather straightforward, while complex public key infrastructure technology - which require extensive management - are used by only nine per cent of the firms.
IDC also found that, fuelled by the explosion of ebusiness, the security services market in Europe is undergoing enormous growth. Increased access to company resources over the internet and the need for companies to protect their brand in cyberspace are other factors stimulating the expansion of the security market, which IDC characterises as being still in its infancy.
"Improvements in security will become a priority when legislation comes that will require companies on the web doing business to be secure or when security lapses affect the bottom line. Good security will not come through a watershed event, though awareness is getting there," said Baccari Edler.
See also:
Microsoft has issued a patch to fix a security vulnerability that could allow a hacker to log in remotely to early versions of Exchange 2000 Server and potentially access other resources on the same domain.
17 Nov 2000Cisco has been forced to alert users to a potentially devastating problem with its firewall product only days after launching a new security programme.
16 Oct 2000Half of all small to medium-sized businesses that manage their own security will have been hit by an internet-based attack by 2003, industry analyst Gartner has warned.
13 Oct 2000A leading security warning body will next week take the controversial step of alerting the world to security vulnerabilities in products whether or not vendors have corrected the problems.
06 Oct 2000Fuelled by the rising need to secure ebusiness systems, the worldwide security software market will grow by 22 per cent a year, according to a survey published this week.
04 Oct 2000Microsoft has brushed aside a potentially devastating vulnerability within its Office suite, according to security experts.
22 Sep 2000Linux vendor Red Hat has revealed that it plans to include a service with its distribution of Linux that will automatically update systems with the latest security patches.
18 Sep 2000Few PCs are now being operated without at least occasional connection to the internet. We look at some of the menaces attached to internet access.
13 Sep 2000Security experts have discovered a fresh family of techniques that could use the internationalisation features of operating systems to attack computer systems.
08 Sep 2000One in three supposedly secure ebusiness servers are using software with known security weaknesses, and European sites are the worst offenders, according to a survey.
07 Sep 2000Microsoft has released a tool to help website operators keep up to date with the numerous security updates for Internet Information Server 5.0.
07 Sep 2000Security experts at Bull are investigating reports that a flaw with its web servers allowed access to confidential customer data.
01 Sep 2000High street veteran Woolworths has been forced to temporarily close its online store after customer credit card and personal details were exposed on its website.
11 Aug 2000Microsoft has issued a patch for a security hole in Office 2000, which while not critical, places a heavy burden on major users.
11 Aug 2000Cisco has admitted that a defect in the software running on its Gigabit Switch Router family leaves them vulnerable to denial of service attacks.
07 Aug 2000Lotus Notes' security has come under fire from experts who this week demonstrated how email accounts could easily be broken into.
02 Aug 2000Barclays has reopened its online banking service after an embarrassing security breach forced it offline yesterday afternoon.
01 Aug 2000A new study of the structure of the internet indicates that, because of the net's reliance on a few key connections, a sustained attack by terrorists or hackers could bring it down.
28 Jul 2000While most businesses these days rely on firewalls to offer protection from external attacks on a network, the increasing availability of distributed firewalls promises to provide companies with the additional benefits of an internal security mechanism.
25 Jul 2000Linux developers have begun an ambitious project to identify security problems with the open source operating system before they trouble end users.
23 Jul 2000Utility firm PowerGen admitted today that it had suffered a breach of internet security which resulted in the leak of bank and contact details of thousands of its customers.
19 Jul 2000Ebusinesses are wasting money when they buy expensive security technology that they are unable or unwilling to integrate into their systems.
17 Jul 2000While security has always been an issue, the ability of organisations and individuals to keep their confidential data safe not only from prying eyes but also from attack is becoming an ever greater concern. The problem is becoming particularly marked as the world becomes more networked and companies conduct increasing amounts of business over the internet. Here we look at a range of issues that are starting to affect every one of us.
29 Jun 2000Companies developing ebusiness applications should spend more time and money on installing better security measures or risk facing high financial losses, according to analysts at Gartner, speaking at the company's Ebusiness and Internet Conference in Paris this week.
24 May 2000An influential study sponsored by the Department of Trade and Industry has painted a widespread picture of complacency and lack of security awareness among UK businesses.
06 Apr 2000The Internet Security Task Force (ISTF) last week released E-business security recommendations, a report that identifies the 12 most important security areas which e-businesses should focus.
22 Mar 2000
del.icio.us
Digg this
reddit!
