Deloitte: Security executives making identity and access management tools top priority

by Editor 6/9/2010 11:39:00 AM
Deloitte has released the results of its 2010 security survey, entitled "The Faceless Threat," for which the consultancy's global financial services team surveyed senior information technology executives at more than 350 major financial institutions earlier this year.

The results show that senior security executives at the world's largest financial institutions are making investments in identity and access management tools their top security initiative this year. 44 percent of the executives surveyed cited this as their number one priority. 56 percent of the respondents said that their information security budget has increased.

Adel Melek, DTT Enterprise Risk Services, Global Financial Services Industry Leader, explained, "Institutions are far less confident that traditional controls will protect them, and with good reason. In the early days of information security, access control performed the function of a gatekeeper, essentially keeping the bad guys out. But it has now evolved far beyond that, especially in terms of more sophisticated levels of access, better access control reporting, and the ability to track what events took place, when, and by whom. Today, many organizations realize that simply entering a user ID and password is no longer adequate, especially for customers and business partners."

"Organizations are starting to recognize the importance of the information security function to business," he added. "The increasing sophistication of faceless threats, the change in the threat agents and players, and the decreasing level of competence required to pose a threat due to the availability of fraud tools on the Internet are all factors that have caused financial services organizations to evolve their security practices in many areas. The security environment is undergoing a metamorphosis."

Additional findings of the survey:

  • Data loss prevention has taken on greater urgency: Data loss is caused by an intended or unintended action on the part of an organization’s people. When asked to characterize their ability to thwart internal breaches, only 34 percent of respondents are “very confident”; however, that response rises to 56 percent when respondents are asked about their ability to thwart external breaches. Respondents indicate that, in addition to encryption, data loss prevention will be the most piloted technology in the next 12 months.
  • Regulatory compliance is a key priority for financial institutions: Financial institutions are clearly expecting more regulatory pressure. Respondents to the survey include regulatory and legislative compliance as one of their top five initiatives and are hiring more internal auditors to resolve internal and external audit findings in preparation.
  • Business alignment is still lacking: While 87 percent of respondents either have, or plan to have, a security strategy within the next 12 months, respondents reveal that security functions do not get input or involvement from the lines of business when the strategy is being developed; this indicates that strategy development tends to be driven by the security function rather than driven by business goals. Given this, as well as increased spending, the security function must now be prepared to demonstrate ROI to further cement this trend as well.
  • Insurers are ahead of banks in planning to tackle certain security initiatives: For the first time, Deloitte’s survey breaks out sector-based comparisons. While banks appear to have a stronger security posture than other financial services institutions, insurers are quickly catching up. Of key 2010 priorities, insurers have a bigger appetite for identity and access management (a priority by 51 percent of insurance organizations and only 44 percent of banks) and data loss prevention technologies (32 percent versus 25 percent).
  • For the first time, organizations appear eager to embrace emerging technologies to combat threats: Organizations are now proactively embracing new technologies as “early majority adopters,” where, in the past, they were content to be “late adopters.”
Digg It!DZone It!StumbleUponTechnoratiRedditDel.icio.usNewsVineFurlBlinkList

Wipro's eHelpline tool gets certified by Pink Elephant

by Editor 6/1/2010 4:04:00 PM
Wipro Infotech, the subsidiary of Wipro Ltd and IT services & business transformation leader in India and the Middle East, has announced that Pink Elephant has certified its eHelpline tool, an integrated ITSM solution offered as a suite of service management applications, which helps automate business workflow and integration to service desk applications.

With the certification, eHelpline version 3.0 becomes the first ITSM tool from the Asia-Pacific region to be successfully assessed for PINK Verify 3.1 for the 3 key processes Incident Management (IM), Problem Management (PM) and Change Management (CM) by the Pink Elephant corporation for its adherence to ITIL V3 standards, capabilities for its automation and documentation standards. eHelpline has also been successfully assessed for the Bronze level OGC SWIRL (Office of government of Commerce U.K) Certificate by APM Group. It is also among the first 5 ITSM products that are currently certified on the latest PINK Verify 3.1 toolset.

Pink Certification for eHelpline 3.0 means the tool is in compliance with all the ITIL V3 norms, methodologies and recommendations. eHelpline has also been assessed for capabilities on automation and user documentation for getting certified on OGC Swirl an ITIL body. With this prestigious certification, eHelpline 3.0 would be positioned along with the leading ITSM tools in the market.

“Over 150 customers are serviced by Wipro’s homegrown eHelpline tool. This is indeed an important milestone for us and reiterates our commitment to provide our customers IT best practices that are recognized globally,” said Mr. Ramkumar Balasubramanian, General Manager - Practice & Business Development, Manage IT, Wipro Infotech.

Pink Elephant is the world’s leading consulting and training provider in the IT Infrastructure Library (ITIL) best practices framework. It is recognized as an ITIL Licensed Software Assessor by the APM group. With more than a decade of experience in independent tool assessment, PinkVerify is the most mature and rigorous tool certification program in the world that objectively assesses a software tool’s enabling applications against the definitions and workflow requirements of the following ITSM processes.

Digg It!DZone It!StumbleUponTechnoratiRedditDel.icio.usNewsVineFurlBlinkList