Networking: Small firms struggling

Small and medium-size enterprises are lagging on IT security, and many still utilize first-generation security solutions that are now ineffective against significant threats that may sabotage their networks, experts are telling United Press International's Networking column.

A forthcoming survey by The Yankee Group, and the Information Technology Solution Provider Alliance (ITSPA), an advance summary of which was provided to Networking, indicates that smaller firms are "struggling" with basic technology issues, including keeping up to date with technology and effectively using technology already on hand.

"While the security threat landscape has become more complex, most small businesses are still struggling with first generation security technology, falling farther and farther behind," a spokesman for the ITSPA, based in Dallas, told Networking.

Government-mandated compliance regulations are, however, forcing many of the smaller enterprises to get into shape, whether they want to or not.

"With the increasing number of compliance and privacy regulations enterprise IT teams are faced with, data protection solutions are becoming a must-have," said Jon Oltsik, a senior analyst at the Enterprise Strategy Group, the IT research firm.

Developers of sophisticated security tools are driving down the costs of their solutions by combining functionality, like policy-based solutions with encryption. This may mitigate some of the purchasing concerns that have kept smaller firms from keeping pace in the past.

For example, when installing a new network, they can automatically segregate data, with cryptographic technology. This means the same network can be used by all employees in an enterprise, but some portions of the company, perhaps regulated by Sarbanes-Oxley or Health Insurance Portability and Accountability Act (HIPAA) rules, can be kept completely private. This includes applications like customer relationship management (CRM), e-commerce, healthcare management, and the like.

This kind of security, within the network infrastructure, is called a "set it once control," in the industry, said Ron Willis, chief executive officer of CipherOptics, which is partnering with Extreme Networks to bring the new technology to market.

This is part of an even larger trend impacting smaller and medium-size businesses is the need for so-called service oriented architectures (SOA). "It's the flavor du jour for all IT managers these days," a spokesman for IBM told Networking.

Developers are continuing to come forward with new product ideas. "IBM is actually going to be announcing some SOA security news on Tuesday, May, 23," the IBM spokesman said.

Services oriented architectures enable disparate computing systems to communicate with each other - across the enterprise. Major players like Oracle, BEA, and IBM, are involved in pushing the trend.

Experts say that this means that the network itself - the internal corporate network - is emerging as an important IT platform, somewhat akin to the function that the microprocessor started serving in the 1970s for PCs and the Internet for all computer users in the 1990s. The center of gravity of computing is changing -- to the local network, based on Internet Protocol (IP) standards. That means that the local network -- driven by small business needs -- will be the center of innovation for the coming decades. This is becoming a "network centric" environment, where voice, video and data applications exist in a single, integrated architecture, a spokesman for Cisco Systems, the networking products maker, tells Networking.

That could reduce security threat levels for small firms with multiple offices, without too much additional investment. "With 80 percent of security threats coming from internal sources within the enterprise, and the prolific growth of computer networks and Internet connectivity, companies must make every effort to protect and secure their data," said Peter Dougherty, chief executive officer of Certeon, a networking company, based in Burlington, Mass.

Copyright 2006 by United Press International