HP ProLiant 4500 Compaq Enterprise Security Framework - Page 9

The need for enterprise-level security is increasing rapidly due to the growth in the networked

Get HP ProLiant 4500 PDF manuals and user guides View all HP ProLiant 4500 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 9 highlights

WHITE PAPER (cont.) ... nature of some attacks, and because digital material can be copied without any evidence of access or theft. In addition, most computer crimes and security incidents go unreported because businesses are unwilling to reveal the weaknesses of their computer systems to outsiders. Vulnerability stems from the implementation of only basic security measures. The most commonly used of these are log-in passwords and anti-virus software. These solutions, however, are easily defeated by a sophisticated virus attack. Unfortunately, the more advanced security solutions such as firewalls, token-based (two-factor) authentication, and data encryption have earned only limited acceptance and installation so far. While these factors have left IT managers gravely concerned about security issues, their implementation of security solutions and technologies has lagged these concerns. Although threequarters of IT managers reported that their senior management viewed security as a critical priority, two-thirds of technology managers stated that they are not confident that their networks are protected from attack. Despite these concerns, 55% of companies spend 5% or less of their IT budget on security, and the percentage of companies with an information security officer has actually declined over the past year. These facts point to several conclusions: • The need for enterprise-level security is increasing rapidly due to the growth in the networked and inter-networked computing environment, the vulnerability of corporate information and assets, and the variety of threats that have emerged in this environment. • IT security expenditures are minute in comparison with the total losses caused by poor computing security. • While the new threats to enterprise computing security are complex and diverse, the primary causes (insiders, viruses, and passwords) are well known. • Demand for computing security will increase dramatically within the next 10-18 months. Enterprises will require device, internal network, and external network security solutions that carry minimal costs and administrative overhead. 9

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
W
HITE
P
APER
(cont.)
9
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
nature of some attacks, and because digital material can be copied without any evidence of access
or theft. In addition, most computer crimes and security incidents go unreported because businesses
are unwilling to reveal the weaknesses of their computer systems to outsiders.
Vulnerability stems from the implementation of only basic security measures. The most commonly
used of these are log-in passwords and anti-virus software. These solutions, however, are easily
defeated by a sophisticated virus attack. Unfortunately, the more advanced security solutions such
as firewalls, token-based (two-factor) authentication, and data encryption have earned only limited
acceptance and installation so far.
While these factors have left IT managers gravely concerned about security issues, their
implementation of security solutions and technologies has lagged these concerns. Although three-
quarters of IT managers reported that their senior management viewed security as a critical priority,
two-thirds of technology managers stated that they are not confident that their networks are
protected from attack. Despite these concerns, 55% of companies spend 5% or less of their IT
budget on security, and the percentage of companies with an information security officer has
actually declined over the past year.
These facts point to several conclusions:
The need for enterprise-level security is increasing rapidly due to the growth in the networked
and inter-networked computing environment, the vulnerability of corporate information and
assets, and the variety of threats that have emerged in this environment.
IT security expenditures are minute in comparison with the total losses caused by poor
computing security.
While the new threats to enterprise computing security are complex and diverse, the primary
causes (insiders, viruses, and passwords) are well known.
Demand for computing security will increase dramatically within the next 10-18 months.
Enterprises will require device, internal network, and external network security solutions that
carry minimal costs and administrative overhead.