Ian Kilpatrick, Wick Hill
by Stuart Wilson, Thursday 15 October 2009
Ian Kilpatrick, chairman at VAD outfit Wick Hill, identifies the ten growth areas for IT security that will shape 2010.
IT security - ten growth areas for 2010
Overall, the recession is likely to be a major factor in IT security purchasing decisions in the next year, with companies looking for solutions which will reduce ongoing costs and provide rapid ROI.
1. XTMs Users will migrate from UTM to XTM, for increased functionality and flexibility. eXtensible threat management systems (XTMs) will be increasingly popular as they meet both tactical and strategic security needs.
Reasons for growth include cost pressures (XTMs cost only 25% of equivalent point solutions); the ever increasing variety of threats including blended threats; and green issues (having multiple security solutions in one device has a number of green benefits).
With increased compliance requirements, having one device makes reporting much easier. And with cost pressures, having to train on only one interface can be a benefit Companies such as WatchGuard and Check Point provide solutions in this area.
2. Two-factor authentication Single passwords are costly and insecure. They mean heavy use of the helpdesk, an expensive resource. An increased awareness of ID theft and a desire to cut costs will continue to drive increasing demand for two factor authentication, involving a PIN and a hardware or software token. 2FA will cut down reliance on the help desk and improve security. Solutions here include one time password generators and SMS tokens. Vasco and CryptoCard, among others, offer 2FA products.
3. Encryption Data leakage is now well in the public domain thanks to government blunders. Companies are cutting costs and using more remote working. The use of encryption will grow as it provides a low-cost way of protecting data wherever it is located, both static and mobile (on laptops and other mobile devices including PDAs and memory sticks). Continued publicity of more high profile failures will drive awareness.
There are a significant number of data leakage products available, including specific encryption solutions, full end point security solutions, mobile media protection and hardware protection for PCs and laptops. Suppliers include Kaspersky Lab, Check Point, Yoggie, LogLogic, ArcSight and many more.
4. Hosted security With access to credit difficult, many companies are unable or unwilling to commit capital sums to security solutions. Hosted security services enable them to maintain security for a monthly payment. Hosted services include anti-virus, online back-up, web security, UTMs, anti-spam and two factor authentication. Companies can use hosted security for all or some of their security needs. Many companies provide solutions in this area including Kaspersky Lab, CryptoCard and Barracuda Networks. Many security VARS also provide their own services.
5. Internet filtering The recession has significantly driven up crimeware with malware being picked up from web browsing, even on apparently safe sites. This will mean more use of gateway security solutions such as UTMs which can detect malware before it enters the network; and more use of Internet filtering solutions with web proxy facilities, which can effectively restrict web sites accessed by staff. There is a wide range of options available including those from M86 and Barracuda Networks.
6. Endpoint security Cost cutting is driving increased remote working, as well as contract work. This raises major risks of data leakage (theft), as well as malware entering the network. Remote working is typically under-protected, compared to the gateway. Protecting remote devices with endpoint security, including firewall, antivirus, encryption and web protection, will be increasingly important during the year
There are different approaches to this, dependant partly on the size of the organisation. Solutions are available from companies such as Yoggie, Check Point, Trend Micro and M86.
7. Low footprint anti-virus. Many anti-virus and end point solutions create a large load on PC resources with big updates and processor intensive scans. With budgets under threat, desktop refreshes are being delayed. Companies will look to efficient low footprint anti-virus solutions to extend the life of PCs and laptops. Suppliers such as Kaspersky Lab and AVG have a strong focus on small footprints.
8. VoIP security Increased use of VoIP will mean the growth of VoIP security solutions, of which companies are now more aware. Losing all computer access would be a serious problem, but losing all data and telephone access would be catastrophic. There are specialist products available from vendors such as Samsung and Check Point (who cover VoIP security in the firewall).
9. Compliance Compliance requirements for IT security have grown rapidly and are now impacting companies, who have to take action. Those companies that just pay lip service to compliance requirements will find it a burden. However, those who embrace regulations such as the PCI requirements, will find they can provide an excellent framework for the overall security of their systems and networks. ArcSight is a market leader in compliance and security management solutions. Companies such as ArcSight, Trigeo and LogLogic offer logging products.
10. Convergence of voice and data The convergence of fixed and mobile phone systems, together with voice and data, will proceed rapidly, encouraged by the great opportunities such systems provide to cut costs and improve efficiency. Users will be looking for security solutions to make sure they stay operational in this integrated environment. Samsung offers secure converged solutions.
Ian Kilpatrick is chairman of value added distributor Wick Hill Group, specialists in secure infrastructure solutions. Kilpatrick has been involved with the Group for more than 30 years. Wick Hill is an international organisation supplying most of the Time Top 1000 companies through a network of accredited resellers.