Security Experts:

Report Shows Disconnect Between Security Demands and Aging Infrastructure

According to a recent study coming from Sophos, the idea of perimeter security translating into network security is dead. The research conducted by Vanson Bourne on behalf of Sophos shows that the SMBs are struggling to keep their infrastructure up to date with current working practices, and its feared that this disconnect will equate to larger security risks.  

Vanson Bourne surveyed 571 IT decision makers from the U.S., UK, France, Germany and Australia for the study. In all, 93 percent of respondents said they need to tailor security for remote workers, however, more than half of them predict that this requirement will cause security problems, not solve them.

In fact, 36 percent of the businesses that took part in the study said they are struggling to apply consistent security policies across their network, which encompass remote and onsite workers.

The reason for this is that the older security model hasn’t kept up with the newer level of security demands. For example, most SMBs select their security solutions based on a low cost of ownership, not the level of protection.

"Trends such as remote working, mobile and cloud are having a huge impact on the way small and medium sized businesses think about protecting their networks," said Gerhard Eschelbeck, CTO at Sophos.

"Companies are reevaluating how they tackle IT security. A fragmented approach is consistently leaving networks vulnerable to attack, as new technologies such as cloud, and new devices such as mobile, require more advanced security architectures. For many, it is time to take a more holistic approach to IT security, one that ensures all elements of protection function seamlessly together," continued Eschelbeck.

The full report is available here in PDF format.

view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.