Security and compliance

Earlier this month, I wrote about how our friends over at Network Instruments had started a blog. Their specialty is packet capturing and analysis, and their blog is starting to look pretty good.

A recent blog post highlighted security and compliance issues:

Only around 16% of respondents felt their current network tools were good enough to ensure compliance with government regulations, including SOX, HIPAA, or Basel II. 47% weren’t confident in the ability of their tools to ensure compliance, while an additional 37% were unsure.

40% of respondents felt they needed to improve their ability to track network security breaches. This compared to 12% who thought they were well prepared to track a security breach.

Nearly 30% of respondents felt they lacked the ability to enforce internal HR acceptable use policies on the network, while 49% thought they were well prepared or satisfied with their ability to monitor prohibited network use.

To provide a little context on the companies responding, 46% had 2000 or more network users, 39% had between 100 and 1,999 users, and 15% had fewer than 100 users on their network.

The survey results are interesting, although in order to provide clarity, a cross tabulation would be useful (in other words, size of company against the various survey metrics).

