Trends in IT security purchasing decisions in 2010

(23/10/2009)

The recession is likely to be a major factor in IT security purchasing decisions in the next year, with companies looking for solutions which will reduce ongoing costs and provide rapid ROI.

1. XTMs

Users will migrate from UTM to XTM, for increased functionality and flexibility. eXtensible threat management systems (XTMs) will be increasingly popular as they meet both tactical and strategic security needs.

Reasons for growth include cost pressures (XTMs cost only 25% of equivalent point solutions); the ever increasing variety of threats including blended threats; and green issues (having multiple security solutions in one device has a number of green benefits).

With increased compliance requirements, having one device makes reporting much easier. And with cost pressures, having to train on only one interface can be a benefit Companies such as WatchGuard and Check Point provide solutions in this area.

2. Two-factor authentication

Single passwords are costly and insecure. They mean heavy use of the helpdesk, an expensive resource. An increased awareness of ID theft and a desire to cut costs will continue to drive increasing demand for two factor authentication, involving a PIN and a hardware or software token. 2FA will cut down reliance on the help desk and improve security. Solutions here include one time password generators and SMS tokens. Vasco and CryptoCard, among others, offer 2FA products.

3. Encryption

Data leakage is now well in the public domain thanks to government blunders. Companies are cutting costs and using more remote working. The use of encryption will grow as it provides a low-cost way of protecting data wherever it is located, both static and mobile (on laptops and other mobile devices including PDAs and memory sticks). Continued publicity of more high profile failures will drive awareness.

There are a significant number of data leakage products available, including specific encryption solutions, full end point security solutions, mobile media protection and hardware protection for PCs and laptops. Suppliers include Kaspersky Lab, Check Point, Yoggie, LogLogic, ArcSight and many more.

4. Hosted security

With access to credit difficult, many companies are unable or unwilling to commit capital sums to security solutions. Hosted security services enable them to maintain security for a monthly payment. Hosted services include anti-virus, online back-up, web security, UTMs, anti-spam and two factor authentication. Companies can use hosted security for all or some of their security needs. Many companies provide solutions in this area including Kaspersky Lab, CryptoCard and Barracuda Networks. Many security VARS also provide their own services.

5. Internet filtering

The recession has significantly driven up crimeware with malware being picked up from web browsing, even on apparently safe sites. This will mean more use of gateway security solutions such as UTMs which can detect malware before it enters the network; and more use of Internet filtering solutions with web proxy facilities, which can effectively restrict web sites accessed by staff. There is a wide range of options available including those from M86 and Barracuda Networks.

6. Endpoint security

Cost cutting is driving increased remote working, as well as contract work. This raises major risks of data leakage (theft), as well as malware entering the network. Remote working is typically under-protected, compared to the gateway. Protecting remote devices with endpoint security, including firewall, antivirus, encryption and web protection, will be increasingly important during the year

There are different approaches to this, dependant partly on the size of the organisation. Solutions are available from companies such as Yoggie, Check Point, Trend Micro and M86.

7. Low footprint anti-virus.

Many anti-virus and end point solutions create a large load on PC resources with big updates and processor intensive scans. With budgets under threat, desktop refreshes are being delayed. Companies will look to efficient low footprint anti-virus solutions to extend the life of PCs and laptops. Suppliers such as Kaspersky Lab and AVG have a strong focus on small footprints.

8. VoIP security

Increased use of VoIP will mean the growth of VoIP security solutions, of which companies are now more aware. Losing all computer access would be a serious problem, but losing all data and telephone access would be catastrophic. There are specialist products available from vendors such as Samsung and Check Point (who cover VoIP security in the firewall).

9. Compliance

Compliance requirements for IT security have grown rapidly and are now impacting companies, who have to take action. Those companies that just pay lip service to compliance requirements will find it a burden. However, those who embrace regulations such as the PCI requirements, will find they can provide an excellent framework for the overall security of their systems and networks. ArcSight is a market leader in compliance and security management solutions. Companies such as ArcSight, Trigeo and LogLogic offer logging products.

10. Convergence of voice and data

The convergence of fixed and mobile phone systems, together with voice and data, will proceed rapidly, encouraged by the great opportunities such systems provide to cut costs and improve efficiency. Users will be looking for security solutions to make sure they stay operational in this integrated environment. Samsung offers secure converged solutions.

Related topics:  Authentication and identity management   Data management and data security   Encryption   Firewall   Hacking and intrusion prevention   Internet and Web security   Knowledgebase   Mobile and Wireless Security   Security management and policies   VPN 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources