Corporate network perimeters eroding

Network security experts are warning of a 'perimeter erosion problem'

New research claims that IT security vendors are developing products to support a next-generation of "deperimeterised" business networks that have been opened up to support collaboration between customers, partners and staff.

Jericho Forum noted that increasing global operations over the internet mean that once solid corporate "network security" walls would tumble down, leaving valuable confidential data exposed unless firms adopt a new approach to securing data.

A poll of 22 IT security vendors carried out by the security group found that 67 per cent intend to modify their products to deliver effective security for this "perimeter erosion problem".

The survey suggested that 45 per cent of vendors are being asked by more than half of their customers to enhance existing products or build new offerings to help them resolve the problem.

Respondents believe that access control is one of the most important technologies that help customers resolve perimeter erosion problems.

In weighted rankings, access control came in number one, authentication came in second, compliance third, data leak prevention and identity management tied for fourth, encryption came fifth, intrusion prevention sixth and VPN seventh.

Vendors are aware of the security concern enterprises have about the erosion of their network perimeter. Some 45 per cent of respondents stated that more than half of their customers have requested enhancements or solutions to resolve this problem.

Respondents to the survey included representatives from Europe (73 per cent) and the US (37 per cent).

Focused on security products, vendors ranged from large companies with 1,000 to 10,000 employees that support a broad range of security products (53 per cent) to small vendors with fewer than 100 employees that support a single product (47 per cent).

Products represented by these vendors include encryption data leakage prevention, intrusion prevention, compliance authentication, access control, antivirus, secure client virtualisation, vulnerability management and other IT security products.