Security fears hold back network convergence

The fear of disclosing confidential customer records is by far the biggest barrier to deploying a converged IP network, according to a network security survey commissioned by communications giant AT&T.

The fear of disclosing confidential customer records is by far the biggest barrier to deploying a converged IP network, according to a network security survey commissioned by communications giant AT&T.

The Network Security: safeguarding the collaborative enterprise  survey, which was published by AT&T in co-operation with The Economist Intelligence Unit on Wednesday, revealed that around 66 percent of executives are more worried about the security implications of a fully converged network than they are about the cost, complexity or business disruption.

Stan Quintana, vice president of network services at AT&T, said: "The new capabilities of the ubiquitous network are great for commerce, but open a whole new dimension of risk".

The survey reveals that 62 percent of executives expect to have an IP-based network running through all or most of their organisation by the end of 2008. However, because they hold detailed customer records on the network, 63 percent of the executives fear this will make them a bigger target.

According to the survey, the fact that a "mushrooming volume" of customer data is held online makes the company "extremely vulnerable" to attack.

Commenting on the survey, Ed Amoroso, AT&T's chief information security officer said that companies too often see IT as "box focussed", which means that most security strategies are also simply reliant on the purchase of more equipment to fix problems. According to Amoroso, companies should recognise that security cannot rely on the "add more boxes" approach -- because doing that can actually make things worse.

"The strategy is deeply flawed... These defences are complex and heterogeneous, and as every security expert knows, the more complex the defensive system, the easier, paradoxically, it is to penetrate. As complexity rises, holes become wider," he said.

Security spending stabilises
Senior executives have also realised that throwing money at security will not necessarily make their company any safer.

In 2002, companies spent about 9 percent of their IT budget on security. This increased to 13 percent in 2004 and 14 percent this year. However, enterprises are expected to stabilise their spending on IT security over the next three years.

"Senior IT managers and CIOs, after a few years of furious activity to build new defences, have coalesced around a steady figure of annual security spending to keep those defences up... The Economist Intelligence Unit expects the share of IT budget allocated to security to stabilise at the level of 15 percent over the next two years," the survey said.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All