ESG Research Finds Many Enterprise Messaging Channels Remain Unprotected.ESG ESG Enterprise Strategy Group (Veritas) ESG Emergency Shelter Grant (Florida, USA) ESG Expeditionary Strike Group ESG Electronic Service Guide (used in DVB) Report Concludes that Large Organizations Equate Messaging Security with E-mail, Leaving Other Messaging Channels Vulnerable to Security Breaches and Malicious Code Attacks Message Archiving See e-mail archiving. Also Lags Behind Enterprise Requirements MILFORD, Mass. -- The Enterprise Strategy Group (ESG), a leading information technology (IT) analyst firm focused on information storage, security, and management, today announced the availability of a new research report, Messaging Security: Beyond E-mail, a unique research study that examines the policies, procedures and technologies used by large organizations to safeguard messaging technologies such as e-mail, Web mail, instant messaging Exchanging text messages in real time between two or more people logged into a particular instant messaging (IM) service. Instant messaging is more interactive than e-mail because messages are sent immediately, whereas e-mail messages can be queued up in a mail server for seconds or (IM), mobile devices, and message archives. ESG undertook this research project to assess which messaging technologies were utilized by large organizations and how these messaging platforms are currently protected. The new report is based on a survey of 192 Information Security and IT professionals responsible for evaluating, purchasing, and operating messaging security technologies at North American North American named after North America. North American blastomycosis see North American blastomycosis. North American cattle tick see boophilusannulatus. private- and public-sector organizations. All respondent In Equity practice, the party who answers a bill or other proceeding in equity. The party against whom an appeal or motion, an application for a court order, is instituted and who is required to answer in order to protect his or her interests. organizations had at least 500 employees, with 53% having at least 5,000 employees. The report includes a number of consistent -- and worrisome -- conclusions. Chief among them, that large organizations myopically equate messaging security with e-mail applications only, while neglecting the security of other messaging technologies, such as Web mail, IM and mobile devices. This security deficiency exists in spite of the fact that survey respondents readily admit to the use of these technologies for business communications by a significant number of their employees. The lack of a comprehensive approach to messaging security is illustrated by the following findings: * Nearly all the messaging professionals surveyed could name their e-mail security provider while almost half could not name their primary vendor for instant messaging security. Nearly 30% of respondents had no IM security solution deployed at all. * The same type of gap is evident with regard to securing e-mail on mobile devices. While half of all organizations said that at least one-third of employees use mobile devices for messaging, nearly 60% of messaging professionals were not familiar with their organization's technologies and processes related to securing messaging on mobile devices. Almost one-third of organizations have no security tools or processes for mobile device messaging applications whatsoever. * Many organizations hire numerous employees whose sole responsibility is reading through e-mails to enforce corporate policies. This manual process is labor intensive Labor Intensive A process or industry that requires large amounts of human effort to produce goods. Notes: A good example is the hospitality industry (hotels, restaurants, etc), they are considered to be very people-oriented. See also: Capital Intensive, Trading Dollars and prone to user error or employee burn-out. In addition to these glaring glar·ing adj. 1. Shining intensely and blindingly: the glaring noonday sun. 2. Tastelessly showy or bright; garish. 3. lapses, ESG also found that message archiving is often mismanaged or completely absent, even in large organizations. Many organizations archive every e-mail message, but ignore IM and web-based e-mail See Internet e-mail service and HTML e-mail. messages. In spite of the value of archived messaging data, most organizations also don't encrypt See encryption. archived messages, creating yet another serious -- and unnecessary -- risk. "Security professionals often say that you can't safeguard your house by locking the doors and leaving the windows wide open," said Jon Oltsik, senior analyst at ESG and a co-author co·au·thor or co-au·thor n. A collaborating or joint author. tr.v. co·au·thored, co·au·thor·ing, co·au·thors To be a collaborating or joint author of: "He and a colleague . . . of this report. "While organizations are doing a reasonably good job at securing e-mail, the data paints a scary picture with respect to other extremely vulnerable messaging channels. I don't think that business executive realize that they are living with such a profound degree of risk." While this report presents a number of alarming data points on the state of enterprise messaging security, it also points to a tremendous opportunity for enterprise messaging security vendors. Oltsik comments: "The data indicates that the messaging security market is full of gaps and populated pop·u·late tr.v. pop·u·lat·ed, pop·u·lat·ing, pop·u·lates 1. To supply with inhabitants, as by colonization; people. 2. by point tools vendors. An enterprise player that aggregates messaging security functionality in an integrated well-managed platform could dominate this lucrative market." For more information about this report or ESG Research in general, please call 508-482-0188 or visit the ESG Web site at www.enterprisestrategygroup.com. About Enterprise Strategy Group Enterprise Strategy Group (ESG) is a leading information technology (IT) analyst firm focused on the information storage, information security, information management, and enterprise infrastructure markets. ESG provides strategic guidance and unmatched service to technology vendors, IT professionals, venture capitalists Venture Capitalist An investor who provides capital to either start-up ventures or support small companies who wish to expand but do not have access to public funding. Notes: Venture capitalists usually expect higher returns for the additional risks taken. , and institutional investors Institutional Investor A non-bank person or organization that trades securities in large enough share quantities or dollar amounts that they qualify for preferential treatment and lower commissions. . Clients engage ESG for a variety of services including expert industry analysis, strategic consulting, market research, and hands-on technology product testing and validation. For more information, please visit www.enterprisestrategygroup.com. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion