One of the dirty little secrets of IT security is that a lot of the security features that IT organizations have available to them are either not used or ratcheted down to the point where they might as well not have been there at all.
The reason this situation is so endemic across enterprise IT is simple. A great many of the security processes that should be running adversely affect the performance of the applications that run on the network. As a result, network managers routinely turn off security features in the name of application performance.
A new survey of 487 IT professionals that was conducted by Crossbeam, a provider of high-performance security gateways, finds that while 91 percent of the respondents were not only making tradeoffs between security and performance, a full 81 percent were actually disabling security features.
As Jim Freeze, Crossbeam vice president of marketing and business development notes, many IT organizations would like to save money by consolidating security appliances. But the more security features that are consolidated on the new security gateway, the greater the probability that device will have an adverse effect on performance. As a result, Freeze says that IT organizations need to be certain that next-generation security devices not only meet their application performance requirements for today, but also the performance levels those applications will require tomorrow.
Unfortunately, the survey finds that IT organizations have little faith in the performance metrics cited by security vendors, which means that before committing to their next security architecture, IT organizations need to do a lot of hands-on testing because performance mileage is definitely going to vary.
In the meantime, to paraphrase Ben Franklin, IT organizations would do well to remember that those who would sacrifice performance for security, generally wind up with neither.
Take a deeper look into the security of a number of the most popular programming languages, including .NET, Java, ColdFusion and ASP. ... More >>
You need it. They claim to have it. What questions should you be asking as you hunt for the "just right" vendor to help you defend against the most sophisticated and determined adversaries? ... More >>
One of the most dangerous IT security threats of all time emerged recently -- a bug called Heartbleed. Here are eight tips for keeping your data safe. ... More >>