UK firms want unified view of security
But poor integration means many still use multiple management consoles, say researchers
Over three-quarters of UK firms want a unified view of their IT security infrastructure, but are being held back by budgetary constraints and a lack of integrated offerings from vendors, according to new research by McAfee published today.
The intrusion-prevention specialist surveyed 600 large enterprises across Europe. It found that 82 percent of UK firms wanted a single view of their infrastructures, but nearly a third still used four or more management consoles.
"The more vendors you do business with, the more management tools you have to install; you have to train staff to use the tools and then there is the cost of hardware to put them on," said McAfee security analyst Greg Day. "Then there is information overload; customers are finding they have too many security products – it's very labour-intensive aggregating [and interpreting] all that information."
Day added that part of the blame lies with vendors, most of which produce too many management consoles, and offerings which are not fully integrated and do not interoperate with other vendors' products.
The problem may also be compounded by the fact that many UK security chiefs base their purchasing decisions on price – 23 percent, versus the European average of 13 percent – not functionality.
"Buyers must be educated to see the reality that software licensing costs make up only five to 10 percent of the real cost of a solution," said Day. " Maintenance, management and educating the IT staff makes up 50 to 70 percent of the real cost but it's hard to translate that back to finance."
Andy Kellett of analyst firm Butler Group said that to have a single management console to view security infrastructure, firms would have to consolidate systems and buy from a single vendor.
"McAfee is asking them to tear everything down and start again," Kellett said. "In a perfect world this [could happen] but something new always comes along as soon as a new threat is discovered and you find your security is [out of date]."