Study: Biggest businesses rely more on service providers for messaging security

On-site protection remains important, finds IDC survey.

More and more large businesses are turning to a combination of message-security services and on-site security appliances to guard against malicious behavior carried out via e-mail and other messaging software, a recent IDC study says.

An increasing number of the biggest corporations use security services to clean spam out of their e-mail traffic before the messages ever reach corporate mail servers, according to an IDC report on messaging security.

These big businesses combine services with local security software and appliances that further lock down messages by employing data-loss prevention, encryption and tight policies on data access and use, the study says.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

More and more large businesses are turning to a combination of message-security services and on-site security appliances to guard against malicious behavior carried out via e-mail and other messaging software, a recent IDC study says.

An increasing number of the biggest corporations use security services to clean spam out of their e-mail traffic before the messages ever reach corporate mail servers, according to an IDC report on messaging security.

These big businesses combine services with local security software and appliances that further lock down messages by employing data-loss prevention, encryption and tight policies on data access and use, the study says.

IDC says that historically, small and midsize businesses flock to security services because they lack in-house expertise to do the job themselves, but that is shifting.

The study says that 38% of businesses with more than 10,000 employees responded that they use messaging-security services. That compares with 25% or fewer in three different size ranges of smaller businesses. The study surveyed 372 businesses

These services overall in combination with message-security appliances are making inroads against message-security software, IDC says. In 2006, more than 60% of message-security money was spent on software with the rest split between services and appliances. By 2011, that will shift so software and appliances are tied at about 35% each and services reaches about 29%.

The top five messaging security providers overall are Symantec, Trend Micro, McAfee, Message Labs and Microsoft. The study ranks the vendors in three subcategories, software, appliances and services. Symantec is the only vendor that ranks among the top five in all three subcategories, the survey says.

Business concerns about messaging security include spam, protecting intellectual property and complying with regulations set by government and industry groups. Automating security processes to keep up with regulators will be a major incentive for businesses to invest more in messaging security, IDC says.

The broadening of where employees work and how they connect to corporate networks will also drive deployment of more messaging security, IDC says. Increasing the number of network-access paths makes networks less secure and calls for more security tools.

As attackers learn more ways to embed malware within other software, a byproduct will be an increased need for heightened messaging security, IDC says.