Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Identity & Access Management to Address Internal and External Security Threats: Frost & Sullivan

  • 27 June, 2006 11:17

<p>Confusion between the concepts of IT security and information security, and failure to adequately assess both internal and external threats, are compromising the security of Australian organisations according to a white paper recently published by Frost &amp; Sullivan. The paper, titled Managing the Information Security Risk From People, Both Internal and External, was written by James Turner, Industry Analyst – Security &amp; Services at Frost &amp; Sullivan.</p>
<p>“We really need to distinguish between IT security and information security,” said Turner. “Technology – the hardware and software – is the ‘how’, and information is the ‘what’. Technology is simply the tool we use to control, process and distribute the information.</p>
<p>“The risk in focusing exclusively on technology is that we fail to meet the needs of our ever-changing organisations. Nor do we effectively protect our organisations from ever-changing threats – both internal and external,” he said.</p>
<p>Turner says his company’s 2006 Australian Information Security Satisfaction Monitor (AISSM) found 35 percent of respondents reported that a legitimate network user had accessed information they should not have been permitted to view. Another 16 percent reported that a formerly legitimate network user had maliciously compromised data.</p>
<p>Looking at the external threat, Frost &amp; Sullivan’s Australian Information Security Satisfaction Monitor 2006 found that 22 percent of respondents reportedly had proof that a hacker had penetrated their network, and 36 percent had suspicions that a hacker had penetrated them.</p>
<p>Turner comments that no single security solution can address the range of threats from internal and external sources. He recommends that clearly defined processes are required to control access and activity on corporate networks. Many of these checks and processes can be automated through identity and access management tools – but it is the process that counts.</p>
<p>“We need the process defined and clearly understood before we start deploying the technology,” says Turner.</p>
<p>The need for authentication is growing as more organisations are linking their resources and supply chains are becoming supply webs – intricate and multi-layered relationships that run on trust. Without authentication an organisation cannot establish trusted identities, and without trusted identities it cannot effectively use technology to leverage the skills of its workforce and partners for growth and profit.</p>
<p>“That’s why we should not confuse information security with IT security,” said James Turner. “The data is generally of greater value than the infrastructure (the technology) that stores and manages it. And it is people – both within the organisation and externally – who are often overlooked as a threat to corporate information.”</p>
<p>The full text of the Frost &amp; Sullivan white paper can be downloaded from:</p>
<p>About RSA Security Inc.</p>
<p>RSA Security Inc. is the expert in protecting online identities and digital assets. The inventor of core security technologies for the Internet, the company leads the way in strong authentication and encryption, bringing trust to millions of user identities and the transactions that they perform. RSA Security's portfolio of award-winning identity and access management solutions helps businesses to establish who's who online – and what they can do.
With a strong reputation built on a 20-year history of ingenuity, leadership and proven technologies, we serve more than 20,000 customers around the globe and interoperate with over 1,000 technology and integration partners. For more information, please visit</p>
<p>About Frost &amp; Sullivan</p>
<p>Frost &amp; Sullivan, a global growth consulting company, has been partnering with clients to support the development of innovative strategies for more than 40 years. The company’s industry expertise integrates growth consulting, growth partnership services and corporate management training to identify and develop opportunities. Frost &amp; Sullivan serves an extensive clientele that includes Global 1,000 companies, emerging companies, and the investment community, by providing comprehensive industry coverage that reflects a unique global perspective and combines ongoing analysis of markets, technologies, econometrics, and demographics. For more information, visit</p>
<p>Media Contact:</p>
<p>John Back
(02) 9212-3848</p>

Most Popular