14 January 2008
by Simon Quicke
The high profile cases of government data loss continue to provide joke material for comedians and chances for politicians to score points off each other.
But the continuing concern about data leakage will be one of the main areas resellers can focus on this year.
Last November, Check Point carried out a survey of IT managers and discovered a gap between the perception of safety and the reality with low levels of data encryption.
Nick Lowe, regional director for Northern Europe at Check Point, said: "It’s worrying that a majority of the companies surveyed feel they are safe against data loss. Over half of our survey sample do not have the basic security measures in place to stop the type of employee behaviour that caused the leak at HMRC."
The letters HMRC are going to be floating around the channel as an example for quite some time to come. With the prospect that the law might change this year to make losing data a criminal offence, the pressure is going to be on companies and the channel could well step in to offer assistance.
The reason for the importance of combating data leakage is to minimise the opportunity for criminals to gain access to sensitive data and money.
Those who doubt that the criminal message is worth pushing to customers by resellers – and there were a few in the channel avoiding that message last year – would have found the Cisco report on the global security landscape, which was issued just before Christmas, interesting reading.
The report backed up ancedotal evidence that attacks are becoming more co-ordinated and sophisticated. It also hinted that with more IP-connected devices, the problems would increase.
Some of the problems were the number of personal details that users were willingly giving away on social networking sites.
Simon Heron, managing drector at Network Box, said identity fraud was growing on the back of social networking sites.
"These sites allow information on the targets that make the attacks worthwhile. It’s more profitable to target a managing director than an office junior," he said.
For vendors that have traditionally made their money in web filtering, there has been a productivity issue around social networking sites that is set to increase this year.
"The rise of the time-wasting social networking sites has been the IT story for 2007. The proliferation of these web applications means that it will continue for the foreseeable future. Unfortunately, hackers have identified this as a suitable target for getting to large numbers of computer users quickly," said Paul Brettle, UK technical manager at Stonesoft.
The other area that should be gaining headlines this year centres around ensuring that those dealing with customer data are PCI compliant. The deadline for the enforcement of PCI was delayed in 2007 but this year it is set to become a reality.
Neil Patmore, head of channel marketing at CMI Labs, points to a demand from the channel to provide help with PCI.
"We are already experiencing a significant rise in interest in PCI compliance technologies as the June 2008 legislative deadline for all merchants to protect against web-facing application attacks approaches," he said.
In terms of how the channel will deliver services to customers there is going to be an increasing shift towards the hosted model this year.
By the end of last year a handful of vendors including F-Secure and Trend Micro had already launched services and the number of offerings is set to grow.
"Demand for hosted services including managed security, online backup and continuity, security and archiving for email will, during 2008, grow more quickly than demand for traditional hardware and software capital purchases," said Nick Cater, head of Northern Europe at Iron Mountain Digital.
From a reseller’s perspective the other positive development that some in the security market are already identifying as a trend is the increasing importance of data protection.
"Companies are becoming more aware that to be most effective, data security needs to be integrated into their overall business strategy instead of being approached as a separate issue for the attention of the IT department only," said Miles Rippon, area vice president, EMEA channels for RSA.
