Identity management is top security priority

IT professionals are very concerned about identity management and access control, but don't see mobile phone viruses as a serious threat
Written by Tom Espiner, Contributor

Identity management and network access control are among IT security professionals' top priorities, according to a survey conducted by RSA Conference Europe.

The security vendor's conference arm surveyed IT professionals who will be attending the RSA Conference Europe 2006 later this month. Thirty percent of those polled said that tracking identities assigned to personnel throughout their employment, as well as keeping track of contractors and outsourced work identities, was of paramount importance.

Granting, maintaining and tracking access privileges were equally important for 32 percent of those surveyed.

RSA Conference director Tim Pickard explained that identity management is being driven mainly by an increasing emphasis on the protection of intellectual property, rather than legal compliance.

Web-based viruses and spyware were a top priority for 10 percent of delegates, with a further 41 percent indicating that they were a significant concern. Patch management was a high priority for 48 percent of those polled.

Email viruses were the most significant threat identified, while 45 percent of respondents deemed mobile phone viruses the least significant threat to their organisations.

"The rapidly evolving nature of IT security places constant pressures on security professionals," said Pickard. "The IT director can never stand still with new threats emerging and priorities being constantly reassessed. Where email viruses once dominated, Web viruses are now becoming more significant with mobile phone viruses still waiting in the wings."

Configuring firewalls was the most time consuming task for 30 percent of IT departments, which devoted more than three hours a week to it. However, a further 30 percent of the delegates admitted to spending less than one hour a week configuring firewalls.

Pickard said that more IT-savvy organisations tended to devote more time to the upkeep of firewalls, but also that the results reflected the range of organisations represented at the conference. Smaller organisations with less complex IT systems to maintain tend to allocate less time to firewall configuration.

RSA Conference Europe takes place in Nice between 23 and 25 October.

Editorial standards