Tag: security

Gartner consults crystal ball about cloud

crystalAround 10 percent of IT security enterprise products will be delivered through the cloud by 2015, Gartner has said.

Gazing into its crystal ball, the analyst house has also said that these services will also drive changes in the market landscape, particularly around a number of key security technology areas, such as secure email and secure Web gateways, remote vulnerability assessment, and Identity and Access Management (IAM).

It said as a result it expected the cloud-based security services market to reach $4.2 billion by 2016.

Eric Ahlm, research director at Gartner said demand remained high from buyers looking to cloud-based security services to address a lack of staff or skills, reduce costs, or comply with security regulations quickly.

He said the shift in buying behaviour from the more traditional on-premises equipment toward cloud-based delivery models offered “good opportunities for technology and service providers with cloud delivery capabilities.”

He warned that those without such capabilities needed to act quickly to adapt to this “competitive threat.”

Gartner referenced a security survey from January which  it said showed high demand from security buyers for cloud-based security service offerings. Security buyers from the US and Europe, representing a cross section of industries and company sizes, stated that they planned to increase the consumption of several common cloud services during the next 12 months.

The highest-consumed cloud-based security service is email security services, with 74 percent of respondents rating this as the top service.

Furthermore, 27 percent of the respondents indicated they were considering deploying tokenisation as a cloud service, while another area cited for growth was security information and event management (SIEM) as a service.

Gartner is now advising value-added resellers (VARs) to supplement product implementations with cloud-based alternatives that offer large customers reduced operational cost and thereby increase the likelihood of customer retention in this market segment. VARs that fail to offer cloud-based alternatives might experience a decline in implementation revenue from customers seeking cloud-based solutions in certain market segments.
Around 10 percent of IT security enterprise products will be delivered through the cloud by 2015, Gartner has said.

Rubbing its crystal ball the analyst house has also said that these services will also drive changes in the market landscape, particularly around a number of key security technology areas, such as secure email and secure Web gateways, remote vulnerability assessment, and Identity and Access Management (IAM).

It said as a result it expected the cloud-based security services market to reach $4.2 billion by 2016.

Eric Ahlm, research director at Gartner said demand remained high from buyers looking to cloud-based security services to address a lack of staff or skills, reduce costs, or comply with security regulations quickly.

He said the shift in buying behaviour from the more traditional on-premises equipment toward cloud-based delivery models offered “good opportunities for technology and service providers with cloud delivery capabilities.”

He warned that those without such capabilities needed to act quickly to adapt to this “competitive threat.”

Gartner referenced a security survey from January which  it said showed high demand from security buyers for cloud-based security service offerings. Security buyers from the US and Europe, representing a cross section of industries and company sizes, stated that they planned to increase the consumption of several common cloud services during the next 12 months.

The highest-consumed cloud-based security service is email security services, with 74 percent of respondents rating this as the top service.

Furthermore, 27 percent of the respondents indicated they were considering deploying tokenisation as a cloud service, while another area cited for growth was security information and event management (SIEM) as a service.

Gartner is now advising value-added resellers (VARs) to supplement product implementations with cloud-based alternatives that offer large customers reduced operational cost and thereby increase the likelihood of customer retention in this market segment. VARs that fail to offer cloud-based alternatives might experience a decline in implementation revenue from customers seeking cloud-based solutions in certain market segments.

Employers rely on staff not to snoop

snoopBusinesses are placing too much trust in their employees when it comes to safeguarding company data, a survey by LogRhythm has found.

However employees are pulling the wool over their bosses’ eyes.

Questioning 1,000 employers, the cyber threat defence, detection and response company found 80 percent do not believe any of their workers would view or steal confidential information, while three quarters admitted to having no enforceable systems in place to prevent unauthorised access to company data by employees.

And some seem to have all the faith in the world when it comes to their staff with a third claiming they don’t believe they need such systems at all.

In addition, around two thirds of companies surveyed  admitted to not regularly changing passwords to stop ex-employees being able to access sites or documents.

However, on the employees side, it seems not all is well. In a separate survey of 2,000 staff LogRhythm found that 23 percent had accessed or taken confidential data from their workplace, with one in 10 saying that they do it regularly.

The most accessed confidential data related to details of colleagues’ salaries,  with 38 percent of staff admitting to snooping around to find this out, while a further 23 percent said they looked for details of colleague bonus schemes.

A huge 94 percent of those who had accessed confidential information or stolen company data had never been caught.

When asked, more than a quarter of employers could not identify the biggest threats to their confidential data, while 14 percent did not even know whether employees have stolen data – even though they believe employees would do so.

Ross Brewer, vice president and managing director for international markets at LogRhythm, came to the groundbreaking conclusion that this showed there was a “clear gap between businesses’ internal security procedures and the harsh reality of employee behaviour”.

Brits fail to secure their mobile devices

ipad3Despite many of us treasuring our mobile devices, we’re not taking precautions to keep them, and their content safe, a study has found.

In its latest report Norton by Symantec Brits are now living various aspects of their work, social and online lives through their mobile devices, surfing online, downloading apps and making payments through them.

In fact we’re so attached to our mobiles that 40 percent of those queried admitted that they could never give up their mobile device, and close to a quarter of adults even indicated that it would be one of the top two personal items they would save if their house was on fire.

A large majority – 63 percent – of mobile users indicated they also stored and access sensitive information on their mobile devices. However, they don’t seem to be guarding this with their lives with almost a half admitting to not using a password to help protect their personal data.

Norton said that this could prove detrimental in the event of theft or loss, giving thieves “a treasure trove of personal information” stored on the device, which can potentially be accessed. This includes personal emails, which could pave a potential gateway to other sensitive information such as work correspondence and documents, passwords for other online accounts, and bank statements.

The study also reveals that losing a mobile device is common, costly and stressful for consumers.

Around one in four adults have had a mobile device lost or stolen, costing individuals an average of £73 for the replacement or temporary use of a mobile phone, and double the money to replace a tablet.

However, it’s not security that comes to their minds when they lose a mobile phone with 39 percent of those asked claiming they were most worried about incurring costly bills due to telephone calls.

And it seems our keenness to get online is also letting us down with over a third
admitting to not always downloading applications from trustworthy sources, and 28 percent claiming that they do not use secure payment methods when making purchases from their mobile device, leaving their sensitive information such as credit card details vulnerable.

According to the survey, seven percent of UK mobile users have already fallen victim to mobile cybercrime.

Most adults also admitted to using free or unsecured public Wi-Fi hotspots, and half of them were concerned about the potential risks of using free or unsecured public Wi-Fi hotspots, but yet still go ahead.

Just over a third said they used free public Wi-Fi spots to check their personal emails and 16 percent of respondents said they accessed their bank details online through free, unsecured Wi-Fi connections, exposing their sensitive financial details to mobile sniffers.

Austerity pressures hospital CIOs

nhsleafletEurope-wide austerity programmes and spending cuts are placing more and more pressure on healthcare providers and hospitals to shrink their spending, and a report from IDC Health Insights claims one viable option will be consolidating their IT systems.

Increasing efficiencies must be a priority for hospital procurement and implementation, IDC claims. They will be striving to offer the same level of care, quality and safety with less resources, so in turn, to stay afloat, they should offer services coordinated with other providers in their catchment areas.

Silvia Piai, IDC Health Insights EMEA research manager, said that in a resource stretched scenario, keeping IT in line with long term business objectives is not an easy task. “Hospitals’ CIOs have to architect for reusability, interoperability, and scalability when implementing new enterprise and line of business solutions, Piai said. “Just keeping the lights on for the existing systems will only drive them to a budget-cut vortext”.

Hospital IT departments are usually driven, IDC pointed out, by regulation compliance. Other aspects in chain management and governance are underestimated, and this leans on a hospitals’ capabilities in risk management.

Top on the agenda for hospital CIOs at the moment is electronic medical records. Health information exchange exchange focusing on cooperation with other providers “is still relatively low,” IDC said. High investments are being put into e-procurement, business intelligence and analytics.

Speaking with over 100 European hospital executives about their business priorities, IDC noted that pressure to reduce public expendiature is reflected in hospitals’ needs to improve performance and IT costs. Strong financial and legal penalties for failing to meet regulatory requirements in emerging areas such as data capture, retention, protection and security are ultimately determining the course of hospital IT investment.

IDC notes change management will include alternative governance models and this challenge is being underestimated in IT. It will bring together physicians and nurses from different care centres, IDC said, or changes in funding models that offer incentives for care and collaborative culture.

Computerlinks becomes B2B Kaspersky distie

kasperskylogoDistributor Computerlinks has won a contract to sell Kaspersky Lab’s portfolio with a view to drive growth in the B2B market.

Kaspersky hopes this strategy will boost the company’s routes to market as well s increasing its presence in the UK. Computerlinks will offer channel partners Kaspersky’s Endpoint Security for Business as a key asset in its security portfolio.

Endpoint Security for Business lets companies both control and protect on site devices as well as cutting resource demands on IT teams, bringing mobile device management, data protection, systems management, and endpoint under one management console.

Director for B2B sales and marketing at Kaspersky Lab, Matthew Robinson, said that Computerlinks’ experience in value-add will prove “invaluable” to customers and channel partners.

He added that Kaspersky’s new strategy, which focuses on a full value model running along with the existing volume business, will keep Kaspersky “at the forefront of the evolving channel landscape”.

Computerlinks’ director of core technologies, David Caughtry, said that the deal is part of Kaspersky’s “exciting stage of growth”.

Alvea offers SMBs, channel, managed network security

gardnerIt “makes no sense” for the channel and small businesses to ignore the security market, Alvea has said, speaking with ChannelEye.

Recent research from channel analyst house Canalys suggests that the security industry is growing 10 percent year-on-year. According to Alvea, however, it can be tough for small businesses to stay on top of the ever changing security landscape, especially in a difficult economic climate.

The comments come as it launches its Managed Network Security service in the UK and Ireland.

Managed Network Security, which is the latest addition to the company’s services portfolio, is designed to help small and medium businesses (SMBs)  protect their networks from security threats and will be sold through the firm’s channel partners.

Neil Gardner (pictured), professional services development and operations manager at Alvea Services, pointed out that although it is urgent for SMBs and channel players to keep up with current threats, it can cost serious money and time.

Gardner told ChannelEye the company can help channel partners keep up with these threats thanks to its relationship with distributor Computerlinks. Although the Alvea brand is an independent service, it is supported by technical expertise and infrastructure from Computerlinks.

“Computerlinks has been in this industry for over 20 years and has an office built around a range of engineers and techies who keep up with the day-to-day threats in the security market,” Gardner said.

“Therefore what we offer our partners can be better than our competitors. Either a fully managed service contracted to us or a managed support package run by the partner.

“We want to give our partners an a la carte package, where they can also mix and match services. If we look at the competitor landscape we at best match prices with our rivals. However we offer a better service,” he said.

The new service includes both a firewall and a Virtual Private Network (VPN) delivered on a choice of hardware security appliances.

According to the company, the range of appliances available within the Managed Network Security service ensures that resellers can select the product that is best suited to their customer’s network requirements. They can also offer consultancy skills to customers to ensure the provision of the right level of protection and investment.

As businesses grow, resellers have the scope to add new service modules.

Alvea said this gives them the chance to remain in constant contact with customers, hold regular service reviews and foster a long-term relationships that may lead to additional sales opportunities.

Resellers can also offer the option of a managed security service to their customer bases without incurring the high costs of becoming a managed service provider themselves.

Ingram Micro makes changes to top level staff

IMIngram Micro is making some changes to its employee and portfolio line up.

Over the week the distie has announced a range of movers and shakers within its senior management level.

Yesterday it said it was saying goodbye to its executive vice president and chief information officer Mario Leone who was leaving the company at the beginning of March.

The company is yet to announce a successor for Leone who had been at the firm for four years, however, has said that while it looks for a suitable candidate Nimesh Dave,

Ingram Micro executive vice president, global business process and cloud computing, would step in and take responsibility and oversight of the company’s worldwide information and business systems.

And it seems the company is also making some top level changes over in North America with the news that it has promoted Kirk Robinson to senior vice president, Commercial Markets and Global Accounts for this region.

The promotion will mean that Robinson who has been with the company for 20 years, will now oversee ownership of the distributor’s global accounts and supervision of additional strategic key business units. He will also be responsible for managing the business leaders responsible for Ingram’s SMB, public sector and VAR business units.

Singing his praises the company said throughout his career with Ingram Micro, Robinson had made a “notable impact” on the success of its sales teams and was responsible for leading key initiatives including the launch of the distributor’s proprietary Business Intelligence Centre in 2009, which had “since grown into one of the company’s most valuable service differentiators.”

It added that under Robinson’s leadership, the commercial markets division and its SMB business unit had “reached record growth rates” and enabled hundreds of new channel partners.

Robinson joined Ingram Micro in 1993 as a sales representative and worked his way up to sales director. In 2003, he moved into the marketing department as senior director, channel programs and in 2004 he was promoted to customer and solutions marketing vice president. In September 2006, Robinson was named vice president of North America channel marketing. Then, in May 2010, he was appointed vice president of VAR sales, market development and business intelligence. Shortly thereafter, Robinson became the vice president of Ingram Micro’s US commercial markets business.

But it doesn’t end there, as well as promoting and losing staff, the company has also said that it will be making bigger moves in the physical security marketplace,  announcing that HID Global’s secure identity products will now be available to its US channel partners through the Ingram Micro North America Physical Security Business Unit.

The company said it had added this as security threats became more complex and business needed more robust services. It added this presented a growing business opportunity for channel partners specialising in this space.

Gartner: Cloud providers need to look at security services to survive

cloud 2Cloud providers must look at offering robust security options to ensure they stay ahead of the game, Gartner said.

Rubbing its crystal ball, the analyst company has gone as far to say the US government could declare cloud services as a critical national infrastructure, as a result of expanding public clouds, along with the ever-persistent threat on private and public sectors’ infrastructures.

It said that in the future this could mean that future network security is based increasingly on virtual security appliances.

By 2016, Gartner said public cloud infrastructure will include and be mandated to critical national infrastructure regulations by the US. It said that this is a result of the economic downturn, with governments continuing to sniff out ways to reduce their IT operating expenditures, eliminate duplication across their IT organisations and optimise their compute resources, making cloud deployments an attractive option.

Apparently several key governments have created initiatives for the adoption of cloud-based services, however, Gartner pointed out that they are yet to see any negative impacts from the technology. Disruptions, brought around by attacks on cloud service providers, were minimal.

By 2015, 10 percent of overall IT security enterprise product capabilities will be delivered in the cloud.

However, Gartner warned that as the economy becomes more dependent on the cloud, the threats against these networks would grow, eventually impacting national security.

The company is advising security providers to prepare their technologies to address potential mandates for critical infrastructure protection of public cloud environments.

It warned that those who lag behind with their security could face difficult sales and be squeezed out of the market by cloud providers who had threat management processes in place.

Growth rates for cloud-based security services are set to overtake those of traditional on-premises security equipment over the next three years with operational cost reduction, flexibility of deployment across multiple IT environments, and fast implementation and product updates among major factors driving demand.

Gartner also pointed out that as cloud matures, security offerings will also evolve, with data loss prevention, encryption and authentication all becoming must-have services offered alongside the cloud.

As new players establish themselves with innovative offerings, existing companies will look to acquire them to expand their portfolios with new capabilities and remain competitive.

Foreign companies set up local clouds for UK

cloudForeign cloud vendors are waking up to the fact that European companies need data stored locally.

Already there has been concerns within the EU that some of the larger multinational cloud vendors are trying to score lucrative contracts in Europe.

The problem is that many foreign countries have laws which require their companies to turn over any data to their intelligence agencies.
In the US the Patriot Act requires all US companies to hand over data if the Government wants it. That means that if EU data crosses the pond it can become US government property.

UK customers of Megaupload found that out the hard way when their data was seized as part of a copyright dispute between the US government and the company..

Similar problems exist with companies that connect to Indian outsourcers which have cloud operations. Although it has not happened yet, data can be seized by Indian spooks under their terrorism acts.

The EU has been issuing warnings to companies that they could be in trouble if their data levels the boundaries of the trade bloc.

Last year, Sophia In’t Veld, a member of the Parliament’s civil liberties committee complained that the way it was worded US Patriot Act effectively overrules the EU Directive on Data Protection. She called for the Commission to remedy this situation.

Now it seems that the foreign vendors are starting to listen and are getting around the problem by setting up local clouds in the EU.

The latest idea has come from the ResellerClub, one of the world’s largest providers of Web Presence Products. It is now offering its resellers Hosting and Shared Hosting on Servers located in the UK.

Under the deal resellers can assure their customers Shared Hosting as well as Reseller Hosting on server locations are based in the UK.

Bhavin Turakhia, Founder of ResellerClub said hosting meant that website owners can reduce latency and benefit from better local search engine rankings.

Turakhia said that since the UK is one of ResellerClub’s biggest markets and resellers were warning that the content had to be kept local.

Earlier this year another cloud supplier saw a hole in the market and created a cloud platform that could manage the different levels of infrastructure and service required in a highly-secure cloud environment.

The company pointed out that “there’s a lot of concern around data security, particularly in Europe where there’s a great deal of anxiety about the Patriot Act, we felt that increasing our focus on security could offer an interesting and important opportunity for us,” a company spokesman said.

One of the company’s selling points is that its customers know and can control where their data is based and where that data is being accessed from.

It can be expected that as the EU looks closer at Data Protection then more such regional cloud packages will be required.