14 April 2008
by Simon Quicke
When the question was asked about the likely themes at the Information Security event in London, a number of angles emerged, but none so predominant as the clear consensus around protecting sensitive data.
A combination of government data leaks and a greater awareness of the dangers of social networking websites have created an atmosphere where individuals and businesses are looking for help to secure their data.
The penny seems to have finally dropped that those hacking into data and stealing laptops are doing so with criminal intent. Few people can fail to have noticed in the blizzard of publicity that this is about crime, money and – in extreme cases – sexual peversion. One thing it is clearly no longer about is teenage hackers showing off.
The other challenge for the security channel is that not only are threats continually emerging but the rules of the game have changed since Web 2.0.
"Web 2.0 threats to date have been largely untouched by most ‘traditional’ security solutions. Reputation-based security may well take centre stage," said Mike Smart, EMEA product manager at Secure Computing.
Data leakage, identity management and access controls being the hot potatoes, the channel needs an insight into the solutions they can be pitching to customers.
"A lot has been made of the importance of encryption tools, but to keep their confidential information safe, organisations need to adopt a layered approach to security," said Stephen Millard, vice-president of strategy at Clearswift.
David Vella, director of product management at Gfi, said there would inevitably be concerns around emerging threats.
"The growing need to safeguard the individual’s identity and personal information will be a pressing issue for many. How best to address the threat posed by new technologies such as VoIP, the increase in the number of mobile users as well as ‘traditional’ threats such as spam and phishing will be key topics," he said.
One of the biggest challenges most companies are facing is balancing the demands of staff for more remote access and flexible working with the need to keep the network secure.
Anton Grashion, security strategist at Juniper Networks, said there were numerous platforms staff could use and plenty for customers to think about.
"The diversity of end-point devices and touch-down points can lead to security policy confusion," he added. "For the enterprise, a co-ordinated approach to end-point, remote-access and network access control from a variety of devices and operating systems is essential."
Resellers should get closer to the customer. Paul Davie, founder of Secerno, poined out that prevention rather than cure is going to be a sensible sales pitch.
"This year’s Infosec will at last unveil a revised emphasis on prevention rather than simple detection. This year’s obsession with monitoring and auditing clearly hasn’t helped even the Government keep its own house in order," he said.
Resellers that make the effort to familiarise themselves with the latest developments will be best placed to gain the consultancy and services business.
"UK firms are faced with some unique data security challenges including data privacy, subject access requests and the Freedom of Information Act, plus a constant stream of regulations coming from the EU," summarised Brian Bennett, managing director of Mimosa Systems UK.
In addition to protection, there will be a green tinge to the market with customers looking for resellers pitching environmentally sound packages.
"Secure virtualisation for green IT will undoubtedly be a major talking point," said Smart at Secure Computing.
Fear central
In the run-up to the InfoSec show, some surveys have come out to highlight current areas of concern towards data security.
-Sixty-eight per cent of employees admitted to bypassing their employers’ information-security controls to do their jobs, according to research from IT Governance Limited.
-According to research from Neverfail, more than 50 per cent of companies surveyed reported they are consolidating all their email servers into a single data centre in one geographic location. However, less than one per cent said they were protecting these systems with redundant servers in case of disaster.
-AIIM, the Enterprise Content Management (ECM) Association, has announced the results of its annual user survey, reporting that 63 per cent of respondents had little or no confidence that emails related to commitments and obligations made by themselves and their staff were recorded, complete and recoverable.
