|
In today's dynamically changing business scenario with rapid
growth and competition, enterprises need faster adaptability and response to
market situations. This is pushing enterprises for high availability of both
intra and inter-organizational information to enable better and faster
decision-making. Enterprises are also opening up and integrating with a larger
ecosystem of partner in the supply chain and networking with both their
downstream and upstream partners in the ecosystem, so as to streamline and
optimize their value chain.
Security Transition
This transition from a bounded environment prior to supply chain
integration, to the unbounded environment resulting from connectivity has thrown
a number of security issues for the enterprises. The working environment has
also changed considerably with employees mobility increasing. Anticipated
uncontrolled deployment of PDAs, smart phones and other futuristic devices
coupled with higher mobility of employees having connectivity on the move will
lead to security issues that need to be tackled head on.
If we look at the security evolution in the above scenario,
security was never viewed from an enterprise-wide business approach and had
traditionally always taken a discrete isolated approach. The reasons for this
were simple; organizations wanted to protect their assets, so perimeter security
was deployed. Security was not linked to business processes tightly and
organizations were not much worried about information security as the adoption
of networking and mobility was limited.
Higher mobility and faster decision-making require information
to be made available anytime, anywhere. This, in turn would enable enterprises
to respond to changing market needs in a shorter time-span. The scenario is
changing fast and organizations are now integrating business processes, while
service delivery architecture is evolving. Now we need to have higher
collaboration and sharing information intra and inter organizations, as whole
ecosystem is important. We will see that the reliance on third party is
increasing as we are seeing convergence in services and each component playing a
critical role.
Security will move from perimeter security to next level with
the need for higher availability coupled with compliance to regulations putting
Identity & Access Management (IAM) solutions in the mainstream. So...
|
The Trends
Some trends observed
in 2005/2006 on security across different segments of computer users are
highlighted below |
|
Commercial Users
-
More than two-thirds of
Indian organizations identify 'attacks through email' as their
biggest security concern, as this impacts the integrity of data stored
on their IT systems
-
Loss or exposure of
confidential information is considered to be the one of the most
serious security issue. The nuisance created by spam is a close
follower of that
-
New-age companies like
IT-enabled services and life sciences are found to use more
sophisticated security solutions as compared to their older
counterparts
-
The scenario is not
similar in old-economy companies, where the concepts of security
policy and security audit are still not accorded the value that they
deserve
-
With the increased
adoption of better storage solutions, the concern for security is also
increasing among many Indian companies. Considering security
applications during storage implementations is becoming a 'must do'
rather than an isolated example of far-sightedness
Home Users
-
Unlike commercial users,
home users of computers are far behind in understanding and addressing
the threats and concerns around security
-
Though most users are
aware of terms like virus infection or hacking, only about half of
them have actually experienced it in any form according to a recent
IDC India survey. These users tolerate spamming simply by turning a
blind-eye and making liberal use of the delete button! Though some
valid email messages may also get deleted in the process but that does
not create much havoc as no mission-critical activity is generally
carried out from home PCs
-
Awareness of different
functions/features of antivirus software packages is found to be quite
low among home PC users. Regular updates of the software are also not
undertaken by these users
-
The Indian home PC user's
biggest security concern is around sharing identity online, followed
by infotainment and transaction related activities
*2005/2006 refers to 2H
2005/1H 2006 time periods |
Driving a Boom
Enterprises will need to design a centralized security policy, which takes
into consideration the needs of employees and partners alike. This trend will
increasingly set the boundaries that govern security management and
administration policies in enterprises. IAM solutions will also help enterprises
realize the dual benefits of simplified compliance management and centralized
security management for a diverse set of applications.
According to IDC, in 2005 the overall security software market
in India stood at $66.6 mn, while the security appliances market was estimated
to be $31.5 mn. The leading players in the security software market were Cisco,
Trend Micro, Symantec, Check Point, McAfee, RSA, CA, ISS, Fortinet and Juniper
etc.
While many security appliances were launched in the 2005/2006
timeframe, these have been deployed mostly by small and medium business (SMB)
enterprises. UTM (Unified Threat Management) appliances will provide greater
flexibility to enterprise as they are deploying UTM in branches within the
larger perimeter defense. Large enterprises would continue to invest in
best-of-breed software products when it comes to larger perimeter exposed to
external world, where criticality is high. Dedicated appliances are also making
inroads into the large enterprise space. SMBs find security appliances a good
option as they get good functionality and easier manageability at a relatively
lower cost.
Managed security services are on the rise and enterprises are
looking towards outsourcing security management to third party service
providers. Market adoption of security solutions in 2005/2006 was concentrated
mainly amongst large and mid-size enterprises in the country. Typically, the
inherent nature of these enterprises drove the demand for these types of
security solutions. Their vast scale of operations, higher requirement for data
protection in the light of increasing security awareness, protection
requirements of bigger networks, and connectivity were some of the critical
factors that propelled this market.
Vendors in the security software market were seen to be
targeting verticals such as BFSI, telecommunications, government and the
services sector during 2005/2006. Enterprises in these verticals have huge
repositories of critical data and therefore their security solutions
requirements come with the increased complexity of geographical spread. Not to
mention that manufacturing sector has also started investing in enterprise-wide
security solutions in 2006.
Praveen Sengar
maildqindia@cybermedia.co.in
The author is assistant manager, Software & Services Research, IDC India Page(s) 1
| 
