One of the dirty little secrets of IT security is that a lot of the security features that IT organizations have available to them are either not used or ratcheted down to the point where they might as well not have been there at all.
The reason this situation is so endemic across enterprise IT is simple. A great many of the security processes that should be running adversely affect the performance of the applications that run on the network. As a result, network managers routinely turn off security features in the name of application performance.
A new survey of 487 IT professionals that was conducted by Crossbeam, a provider of high-performance security gateways, finds that while 91 percent of the respondents were not only making tradeoffs between security and performance, a full 81 percent were actually disabling security features.
As Jim Freeze, Crossbeam vice president of marketing and business development notes, many IT organizations would like to save money by consolidating security appliances. But the more security features that are consolidated on the new security gateway, the greater the probability that device will have an adverse effect on performance. As a result, Freeze says that IT organizations need to be certain that next-generation security devices not only meet their application performance requirements for today, but also the performance levels those applications will require tomorrow.
Unfortunately, the survey finds that IT organizations have little faith in the performance metrics cited by security vendors, which means that before committing to their next security architecture, IT organizations need to do a lot of hands-on testing because performance mileage is definitely going to vary.
In the meantime, to paraphrase Ben Franklin, IT organizations would do well to remember that those who would sacrifice performance for security, generally wind up with neither.
While cyber crime continued to dominate headlines and wreak havoc on organizations of all sizes across nearly every industry in the first half of 2014, it's refreshing to note law enforcement also stepped it up. ... More >>
The patches released by Microsoft for the August Patch Tuesday include nine bulletins (two critical and seven important) and cover 38 CVEs. ... More >>
Here are five steps organizations and individual users should take now to protect their most sensitive password-protected information. ... More >>