IT managers still rely on firewalls, yet fail to rework security strategies
More than two-thirds of IT decision makers have consolidated their security elements to take advantage of less cost, simplified management and tighter security.
A survey of 305 European IT decision makers by Fortinet found that 69 per cent of respondents had consolidated their security elements, while 79 per cent said that they will continue consolidating more security over the next 12 months.
Patrice Perche, senior vice president of international sales and support at Fortinet, said: “IT departments and dedicated information security professionals face challenges from all directions as they fight to maintain a coherent security strategy that both protects data and responds to the changing needs of users and the business at large.
“Organisations that can call upon the common technology approach of an end-to-end security solution family are best set to meet these challenges without complicating management processes, compromising performance or adding unnecessary financial overheads.”
Mike Paquette, chief strategy officer at Corero, said that against the backdrop of the proliferation of network security device types required to address today's evolving network security threats, network security consolidation can be quite tempting.
He said: “However, organisations should use caution when seeking the benefits of consolidation. Physical space savings, reduced power consumption and improved ease of management can be easily realised through consolidation, but sometimes these benefits come at the expense of reduced protection levels and/or reduced network performance.
“Also, not all network security functions belong in the same package. Organisations with a high reliance on their network infrastructure should also consider the division of labour within their own organisational groups when consolidating. Should VPN functions be integrated into the UTM, or should they be part of the router? Should data leakage protection be co-resident with the firewall? One general guideline is to seek consolidation of security functions with like context.”
The survey also found that half of those surveyed are now using, or plan to deploy, a firewall with application control features. Specialised web application and XML firewalls are also being adopted in significant numbers, with 43 per cent of respondents now using, or planning to use, this technology to secure web-based applications.
Finally one-sixth (16 per cent) either did not have a security strategy or had not reconsidered their IT security strategy for more than three years.
Perche said: “Given the recent remarkable pace of cloud IT adoption and the rise of tablet PCs and smartphones for corporate IT use, it is critical for organisations to regularly review their IT security strategy and in that sense, those which have not done so in a year or more expose themselves to greater risks.”