Seismic shift and timing.
The Three New IT Buzzwords: Security, Security, and Security
by Alan Earls
TidalWire
September 24, 2001
"This is going to change the face of disaster recovery planning," said John Webster, an analyst with Nashua, NH-based Illuminata, Inc. In the wake of the Sept. 11 terrorist attacks, said Webster, "people will need to take a much closer look at security if they haven't already done so -- it goes way beyond the Internet and worms and links into the bigger issue of national security."
Of course, IT security had been on the minds of executives even before Sept. 11, according to “Top Security Threats,” a survey of Fortune 1000 companies conducted annually by Pinkerton, the world’s leading security firm with U.S. headquarters in Chicago. Internet/intranet security, including threats posed by hacker’s viruses such as the “I Love You” Virus, placed second on the list of top executive concerns for the second year running. Don W. Walker, president of Pinkerton noted, “The potential for theft of trade secrets and customer information, damage to sensitive data and interruption of commerce presents unprecedented vulnerability to businesses."
Another hint of the attention being given to security: in 2000, the worldwide market for information security services grew to approximately $6.7 billion, according to a study released by Framingham, Mass.-based International Data Corp (IDC) only days after the terrorist attacks. By the end of 2005, IDC expects this market to more than triple to $21 billion at a compound annual growth rate of approximately 25.5% over the 2000 to 2005 period. "The growing corporate appetite for remote LAN, Internet, extranet/intranet, and wireless access services will drive the need for advanced information security services as technologies for circumventing network security systems continue to keep pace with the technologies designed to defend against them," said Allan Carey, senior analyst with IDC's Information Security Services research program. "The growth in this market will come from clients who recognize the value of engaging third-party service providers skilled at developing customized security strategies that solve real business problems," he said.
Arun Taneja, an analyst with Enterprise Storage Group, Inc., Milford, Mass., agrees that security is at the forefront of everyone's mind. "Who could have imagined this?", he asked, referring to the events of Sept. 11. "We will all move forward as Americans realizing that disasters really can happen and the world is not a safe place," he added. Unlike the extensive preparations that preceded Y2K, Taneja says, "this isn't just about someone's computer not starting in the morning -- this is preparedness forever."
But Taneja said there is certainly no magic bullet -- businesses and organizations will continue to make choices among a dazzling array of storage technologies and services to achieve their new, heightened security goals.
Taneja said that some vendors with specific recovery and backup offerings may gain more attention than others. For instance, he said, EMC Corp.'s SRDF/Data Mobility as well as offerings from Veritas Software Corporation, Legato Systems, Inc.,, NSI Software (Network Services, Inc.) and other smaller players are well positioned to deliver immediate improvements in security.
On the services side, Taneja said storage service providers (SSPs) are likely to get a second wind. "It may not change the fundamentals but it will give them a chance to modify their business plans and provide the kinds of services that people will be willing to pay for."
And, of course, giants in the industry like Comdisco, Inc.,, will continue to offer options. For instance, earlier this year, Comdisco announced a service, called Ground Zero that provides resources to customers to meet a range of urgent needs after a disaster, and offers the on-site support of Comdisco professionals with a broad range of disaster response and management expertise. Ground Zero also includes access to a Web-based virtual command center to track and manage resources. The second offering, Incident Command Services (ICS), helps companies develop proactive disaster response plans for all aspects of their business, so companies are better prepared to manage overall corporate risk.
“In the aftermath of a disaster, companies are trying to recover their operations, but they’re also scrambling to find resources, help employees and manage communications,” said John Jackson, president of Comdisco Availability Solutions.
Of course, some industries may move forward faster than others. Certainly, the financial community got the loudest wakeup call -- with some businesses virtually obliterated. Indeed, the situation has prompted formation of a coalition of storage vendors that are providing free 800 support to companies in need of data recovery assistance. The RecoverNYdata.com service is being made available to companies in the Manhattan area.
IDC's research indicates the financial services sector will continue to represent the single-largest source of information security services spending, growing from $848 million in 2000 to approximately $2.2 billion in 2005. Downtime equating to lost transactional revenue, the need to remain one step ahead of fraud, and government regulations are all factors contributing to the spending plans.
Meanwhile, Gartner, Inc., has posted an advisory, authored by analyst Frank Schlier, which warns that financial firms must now assume that "they are potential targets at all times." This fact will mean rethinking of all aspects of IT operations and storage management. For instance, the advisory noted that enterprises should do away with a random-event mentality and re-evaluate the cost vs. value of business continuity and disaster recovery. Similarly, financial firms should review the location and concentration of equipment AND personnel.
Indeed, argues Illuminata's Webster, it was the people side of the recent disasters that were the most at variance with planning scenarios. "In the future, these firms will have to think about expertise -- their people -- and how to protect them," said Webster. "Companies should also look at the distance between the primary site and backup sites -- and at how a remote copy process would work," he added.
Some ready resources exist for those evaluating -- or re-evaluating -- their security and backup and recovery procedures. For instance, Comdisco offers a free online assessment to help companies to track their preparedness and compare it to the findings from recent versions of the Vulnerability Index. The benchmarking tool may be accessed through Comdisco's Web site.
A wide range of other white papers, reports, and articles are available at Backup Central's Web site.
Will customers really take security to heart? Will they spend to ensure the sanctity of their data and the safety of their personnel? Yes, says Enterprise Storage Group's Taneja. "The storage industry is about to get a boost for all the wrong reasons," he said. "I can't imagine a vendor of these products or services not being able to at least get an appointment with an IT manager."
tidalwire.com |
