Security Research
The collaboration age represents the next revolution in productivity. Connectivity stays critical, but collaboration is the new business enabler. But how could collaboration work without trust, security, and continuity at all stages covering networks, users, and data? IT security is becoming the support factor for all business operations. No IT security means no collaboration, no productivity and no business.
IDC, Executive Brief: Business Value of Data Loss Prevention
At Dimension Data we believe that business not only relies on IT, it’s dependant on secure IT. Based on a recent survey, conducted in collaboration with International Data Corporation (IDC), we want to share key concerns, focus areas and investment plans from hundreds of your colleagues around the globe with you.
The survey also confirmed the need to move towards a data/information centric approach to IT security to ensure your most valuable asset does not become a liability. We believe most organisations are already addressing key areas of Data Loss / Leakage Prevention (DLP), but now is the time to take on DLP – as it should be.
About the Research
Dimension Data commissioned a primary research project through International Data Corporation (IDC) focused on security challenges, key concern and investment plans. IT or IT-security decision makers or influencers from 407 organisations in 18 countries around the globe were interviewed.
The survey focused on IT security issues among organisations from both commercial and public sectors, with more than 500 employees and covered the following topics:
• Changes in IT security budgets
• The importance and impact of IT security on business performance
• Companies’ interest in external IT security services
• Assessment of security threats
• IT security technology penetration and future investments
• Assessment of DLP (data loss prevention) incidents
Click here for some of the key findings from the survey.
DLP – As it Should Be
Data assets are the lifeblood of an organisation. Considering the proliferation of data and the myriad of places where it resides, the surface area for data loss is more extensive and complex than ever before.
Our survey shows that:
• In general, threat on data is understood as a mistake in use rather than an intentional action.
• Organisations mostly fear the data accidents (leakage or inappropriate access) more than the intentional data incidents.
• Organisations also fear Data loss by PC or USB key loss or theft.
• The number of organisations stating that A PUBLICIZED SECURITY INCIDENT would have a high or moderate impact ON BRAND equals those who claim similar impact ON REVENUE of 1 DAY DOWNTIME.
Dimension Data is able to offer an effective solution to the data loss issues that the modern organisation faces. Our approach employs an assessment, which gives organisations visibility into how their sensitive data enters, traverses and leaves the corporate network. From this point we are able to provide a solution set that combines best in breed technology solutions with the relevant policies and professional services, to ensure organisations can successful understand – and prevent – any abuse of their information flows.
So, let’s start by looking at:
DLP = an unbreakable chain of security links
Pro-active data loss prevention costs less than reacting
Who wins – DLP or a determined hacker or careless employee?
With maturity comes process – and therefore DLP
News and Highlights
Key findings include:
Dimension Data survey shows organisations believe user errors will lead to data leakage
57% of the organisations in our research are planning investment in data loss (or leakage) prevention (DLP) which shows a broad acceptance of the need to complement the traditional network-centric security approach with data-centric security. Organisations believe that data leakage is more likely to occur through human error on the part of their own employees, rather than through intentional theft from outside. How can organisations deal with these challenges?
Don’t assume compliance equals security - electronic crime in the area of wireless networks and the Internet is expanding geometrically
IT security breaches in recent years have highlighted the fact that compliance with certain legislation and regulations does not necessarily equate to being secure. The scale of electronic crime in the area of wireless networks and the Internet is expanding geometrically. An American retailer lost 45 million credit card details as a result of electronic crime. The hacker was charged with two further hacking offences bringing to over 130 million, the total number of card details stolen. One of the victims - a payment card processing company - passed a PCI-DSS audit the month before card details were stolen from its systems.
Organisations starting to invest in IT security strategy - enterprises planning to invest in IT security audits, data loss prevention (DLP), and consulting
Investments in IT continue, even with IT-budgets in turmoil (41 % of surveyed organisations are reducing their IT spend in 2009). Could more be made out of the money spent…? Organisations are starting to realise the value of taking a pro-active approach to IT security. Those security solutions with the highest penetration in most market segments are anti-X, firewall/VPN, and content filtering. However, the surveyed companies are shifting their investment focus away from point- to more holistic solutions, with 59% planning to invest in IT security audits, 57% in data loss prevention (DLP), and 52% in consulting.
Organisations set to spend more to prevent identity theft
Organisations expect their highest future security technology investments to be in the prevention of identity theft and abuse, followed by incidents resulting from an external cause, unintentional privacy breaches, remote access abuse, and spam attacks. Organisations are tackling threats reactively, on an ad hoc basis, and without putting some basic security controls in place. In our experience, it really doesn’t matter how sophisticated point solutions are: if organisations haven’t implemented the five major categories of security control - firewall, intrusion prevention, system security, web content security, and email content security - then they’re focusing on 20% of the risk, but leaving themselves exposed to the other 80%.
Our Solutions
One of Dimension Data’s key differentiators is our ability to support organisations through the whole process of managing IT security risks – from conception to completion and beyond. Born of a combination of our extensive experience and expertise, as well as our adherence to industry best practice, Dimension Data prefers to take a consultative, client specific approach that precedes the technology implementation, allowing for tailored, customised solutions that enable a pre-emptive, rather than reactive, approach to risk management.
Find out more about Our Approach to security projects.
In order to implement security properly and with maximum efficacy, organisations need a security integrator that can deal with multiple vendors across multiple disciplines. We have carefully selected our strategic global security partners, Cisco/IronPort, Blue Coat, McAfee, Check Point, Fortinet and RSA based on their excellence in individual niches and the fact that, when combined, they provide unrivalled coverage across the entire spread of IT security requirements.
|