Channel Insider content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Recent reports from three different vendors suggest that IT security is
still a major stumbling block for many organizations, and failure to properly
address concerns and educate employees and executives could stifle business
innovation, lead to data loss or theft and identity theft, and increase
vulnerability to spam attacks.

While this is certainly bad news for end-user organizations, it presents
opportunities for solution providers. Helping customers become better educated
and address IT security issues can then open new opportunities to strengthen
customers’ IT security infrastructure and generate ongoing revenue streams.

Lester Keizer, CEO of Connecting Point, a
Las Vegas solution provider, says
these issues continue to be a concern, even as technology becomes more adept at
keeping threats at bay.

"It’s a constant problem—you’re always trying to plug holes in the dam.
But just when you’ve got one thing covered, you know, another new technology or
another vulnerability pops up," Keizer says.

Fear of these new vulnerabilities can stifle an organization’s pursuit of
new and innovative technologies, and hinder growth. In an IDC
report sponsored by RSA, the security
division of EMC,
more than 80 percent of the
200 surveyed executives admitted to having backed away from innovative business
opportunities because of security concerns. The majority of those executives
also felt that they were more "compliance-driven" when it came to
their organization’s security. Only 21 percent reported they had strategic,
proactive security policies that also nurtured innovation.

This is especially true at the lower end of the survey’s respondents,
midmarket companies with $500 million to $999 million in annual revenues. In
this segment, 75 percent of the respondents cited IT security as an issue, most
likely because of the pressure they feel to comply with increased regulation.

For solution providers, addressing customers’ security issues requires
striking a balance between helping ensure that employees and decision makers
can collaborate successfully and making sure that corporate and customer
privacy policies are enforced.

Most companies walking this fine line need strong, high-level authorization
and authentication, along with the ability to identify risks and analyze
possible violations before they occur. The growing popularity and influence of
social media only add to the complexity, since increased collaboration using
Web 2.0 tools increases the possibility and heightens the risk of data breaches
and policy violations.

Spammers, however, haven’t been as adverse to business innovation. Research
from Sophos on malware and spam showed an alarming rise in the proportion of
spam e-mails sent with malicious attachments between July and September 2008,
as well as an increase in spam attacks using social engineering techniques to
snare unsuspecting computer users.

In the third quarter of 2008, one in every 416 e-mails was spam, compared
with one in every 3,333 in the third quarter of 2007, according to Sophos. Much
of this increase can be attributed to several large-scale malware attacks made
by spammers during the period.