Security still up in the air for many

A new survey out today from Oblix finds security continues to be a showstopper for Web services implementations. About 42% of 260 IT managers and developers say security concerns have kept them from extending Web services beyond the firewall, versus 43% that say there has been no problem.

A new survey out today from Oblix finds security continues to be a showstopper for Web services implementations. About 42% of 260 IT managers and developers say security concerns have kept them from extending Web services beyond the firewall, versus 43% that say there has been no problem. (Another 15% said they didn't know.) Interestingly, there is also 22% that say they're too worried about security inside their firewalls to roll out services.

Interesting as well is the fact that more than a third either won't or don't know when they will be deploying Web services security. And only 15% said securing Web services traffic is just as "critical" as other IT initiatives going on within their organizations. (To be fair, 51% called it "important.")

Among security specifications and mechanisms, interest is greatest in WS-Security, an OASIS specification that was finalized and released in the spring of 2004. Forty percent of respondents said they were likely to adopt WS-Security within the next 12 months.

Another finding from the survey: only 13% feel their current identity management and Web access control solutions are sufficient to secure their Web services. Most say these solutions need change or enhancement.

A classic cart-before-the-horse situation: We're just still getting our feet wet in Web services/SOA, and most deployments are peripheral, or non-mission-critical, so the urgency isn't there to invest in iron-clad security (which costs more to put in place). But security is also a showstopper for moving Web services/SOA deeper into the enterprise -- or out to partner networks.






Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All