IT directors under fire for poor security policies

NEWS IT decision makers have come under fire for failing to invest in adequate network security as more companies adopt ecommerce strategies. According to a report by research house Ovum, organisations are increasingly relying on an out-dated approach to security. Graham Titterington, analyst at Ovum and author of the report, claimed companies are focussing too much on "preventing users from accessing networks as opposed to protecting confidential information once the user had gained access". He said ecommerce invited users onto company networks and that "the biggest threat to the corporate network lurks within the boundaries of organisations". He added that companies that demonstrate they had an adequate security set-up gained the trust of customers, which could provide core business opportunities. Tittington warned that the absence of industry standards and the lack of interoperability capabilities among vendors was cause for concern, as companies will not be able to implement an integrated security management systems to co-ordinate security tools and applications. A failure to distinguish between different applications and systems also left the network vulnerable to intruders. A report by Frost and Sullivan claimed IT directors had limited knowledge about the tools available and did not realise the level of investment required to secure the networks. The report accused companies of not spending sufficient money on implementing the complex tools.