UK firms want single view of security

Poll finds majority support for single views of security infrastructures

Over three-quarters of UK firms want a single view of their IT security
infrastructure, but are being held back by budgetary constraints and a lack
of integrated offerings from vendors, according to new research by McAfee
just published.

The intrusion prevention specialist surveyed 600 large enterprises across
Europe and found that although 82 percent of UK firms said they wanted a
single view of their infrastructures, nearly a third still use four or more
management consoles.

"The more vendors you do business with, the more management tools you have
to install; you have to train staff to use the tools and then there is the
cost of hardware to put them on," said McAfee security analyst Greg Day.

"Then there is information overload; customers are finding they have too
many security products - it's very labour intensive aggregating [and
interpreting] all that information."

Part of the blame for the cluttered security environments of many
enterprises must lie with the vendors, most of which produce too many
management consoles, and offerings which are not fully integrated and fail
to interoperate with other vendors' products, he added.

But the problem may also be compounded by the fact that most UK
infosecurity chiefs base their purchasing decisions on price - 23 percent,
versus the European average of 13 percent - not functionality.

"There is an education piece we need to do to highlight the reality that
software licensing costs make up only five to 10 percent of the real cost
of a solution," said Day. "Maintenance, management and educating the IT
staff makes up 50 to 70 percent of the real cost, but it's hard to
translate that back to finance."

Andy Kellett of analyst firm Butler Group said that to have a single
management console to view the security infrastructure, enterprises would
have to consolidate all of their products onto a single vendor.

"McAfee is asking them to tear everything down and start again," he said.
"In a perfect world this [could happen] but something new always comes
along as soon as a new threat is discovered and you find your security is
[out-of date]."