According to a new study by the Ponemon Institute and Lumension, the adoption of mobile devices, cloud computing, and collaborative technologies is happening faster than companies are able to adapt security policies. Part of this is due to poor budget allocation and broken IT collaboration.
Budget problems and IT collaboration issues present challenge to security
The Ponemon Institute study, “The State of the Endpoint” was conducted to understand how emerging technologies such as Web 2.0, mobile computing, and the “consumerization” of IT are affecting business environments and how organizations are managing security risks.
What it discovered is mostly what those in the trenches already know. Such as the fact that there is a serious perception gap between IT security and IT operations professionals. These gaps can be traced to a number of things, including the complexity of security technologies, misalignment of IT and business objectives, technology integration, or employee skill and knowledge.
"This year’s Ponemon Survey reinforces the need for IT security and IT operations practitioners to continually look for better alignment points within their organization. It’s clear that the level of collaboration between these two groups is still very poor and, as a result, organizations are still grappling with how to most effectively manage and protect their endpoints,” Patrick J. Clawson, chairman & CEO of Lumension.
Some of the high points, if you can call them that, from the study include 31-percent of the respondents who said that collaboration between IT security and IT operations was non-existent, or the 48-percent who said their companies have allocated insufficient resources to achieve effective data security and regulatory compliance.
Then you move on in the study to see that 47-percent of respondents cited a lack of strong CEO support for information security efforts as a reason for ineffective data security programs, and 41-percent citing a lack of proactive security risk management in their organization.
“For organizations to feel truly secure in 2010, two things need to happen, in my opinion. One – organizations need to address the growing endpoint complexity that has been exacerbated by point technologies...And two, organizations must embrace thinking about how to generate greater convergence across their IT operations and security functions for better communication, collaboration and visibility in order to optimize security to address risks. Threats to the endpoint are not going to disappear in 2010 so it’s time for organizations to be more aggressive, more proactive, and much more collaborative,” added Clawson.
Anti-Virus (anti-Malware) technology rated number one on a list of important features for endpoint security, followed by whole disk encryption, application controls, patch management, and asset management.
The report is available here.
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Advertising
Comment on this Story