SearchITChannel.com recently surveyed more than 600 solution providers to find out what their spending priorities would be in 2009. Security solution providers indicated where they believe end users will be focusing their attention and budgets. We compared that to the results of a recent end user security survey focusing on endpoint security, network-based security and identity and access management.Security remains a crucial issue for today's enterprises. We compared the top IT priorities of solution providers with those of users across these three security technology areas: network-based security, identity and access management and endpoint security (see Figure 1). Solution providers correctly tracked user priorities for endpoint and ID and access management initiatives, but providers reported a significantly higher priority for network-based security technologies.
In the pre-assessment phase of network-based and endpoint security projects, solution providers reported that understanding the client's business goals, needs and budget constraints is the most important concern, followed by the need to understand the client's current security structure or its capabilities (see Figure 2). Solution providers must first recognize how a security technology fits into a customer's business and then see how it fits into the client's current environment. The top IT priorities are slightly different for identity and access management projects, with knowledge of the current security posture ranking most important, followed by consideration of the client's business goals and concern about recommending the proper ID and access management products.
During the deployment of security initiatives, solution providers that work with network-based and endpoint security technologies indicated that configuring or tuning new security products in a client's infrastructure was their biggest issue, followed by ensuring the interoperability or performance of the new security products (see Figure 3). In both cases, providers want to optimize the new security products and make sure they run properly.
While these two concerns reversed order for identity and access management projects by only a slim margin, providers also noted concerns about developing process or workflow changes for the client. This makes sense because of the way identity and access management control technologies change how clients work.
In the postdeployment phase of security initiative projects, solution providers worry most about handling unforeseen consequences or resolving collateral problems or issues (see Figure 4). Providers involved in network-based and endpoint security technologies are also concerned (in equal measure) about client dissatisfaction with the results and the difficulty of demonstrating improvements or savings to clients.
Since security projects rarely affect the user experience or save money, it's important to demonstrate a project's value by showing the client the security vulnerabilities it could avoid -- through tactics such as auditing or penetration testing. With identity and access management technologies, solution providers worry about documentation -- helping the client document and understand changes that identity and access management brings to a client's environment.Read the full text of this survey article on SearchITChannel.com.