New approach to aid security management

Data extraction software can provide comprehesive view of corporate systems.


Data extraction software can provide comprehesive view of corporate systems.

Business and security managers have had enough of pulling together a patchwork of security products to protect applications, systems and networks.

For the future, security suppliers will have to provide technology that will enable corporate decision-makers to understand how well protected their organisations are. It will be able to deliver statistical information that extends from the detailed reports used by administrators up to executive desktop views.

At present enterprise protection can be provided by a wide range of security products, but each will deliver its own partial view: for example, the number of computer viruses a security system has intercepted.

IT security experts and suppliers have been getting quite excited about a new approach to how an organisation handles its IT security. Often described as security management, it involves making better use of the growing number of IT security systems, such as intrusion detection and anti-virus software.

The aim is to make more efficient use of the information provided by a diverse range of security applications in order to build an overview of the security threats facing an organisation.

This involves making better use of both new and old technology. It integrates the use of new and existing security products, and will also help users to meet data management compliance requirements.

Generally, organisations have no big picture view of security. But this can be discovered by a layer of software that extracts information from security systems and analyses it, in the same way that financial software will analyse raw data from company accounts and produce reports for management.

The software can produce detailed reports for IT directors and more general, dashboard-type reports for board directors. Suppliers such as Computer Associates and Symantec now offer specialist modules for this purpose.

But IT security management is not just about making better use of IT systems. It will also require organisations to review their IT security policies and make sure they are understood by all staff. And when those security policies are breached - for instance, by an employee misusing e-mail in the workplace - there should be procedures in place to alert the relevant managers.

Security management will never be delivered in a black box that plugs into the corporate network and immediately starts to deliver its services. The requirements of each individual organisation are different and must be treated as such.

Leading security suppliers are putting together products that will fit the security management profile. Although only a few are close to delivering high levels of integrated security services, across the industry the market is moving rapidly towards the delivery of more integrated and extensive protection.

And, as yet, most user organisations have some way to go before they can implement an effective company-wide security infrastructure.

Andy Kellett is a senior research analyst at Butler Group

Read more on Antivirus, firewall and IDS products