I recently published Frost & Sullivan’s 2011 Analysis of the Mobile Endpoint Security Products Market - Tackling the Shift to Mobility with a Strong Endpoint Security Solution. The study is already available on Frost.com for our Information Security subscribers.

Smartphones, tablets, and other mobile devices are quickly replacing traditional laptops and desktops. As we continue to hear the terms bring your own device (BYOD), security and device management is becoming a crucial topic. With the proliferation of smartphones and tablets, the risk of losing corporate or personal data is heightened. The launch of the iPhone in 2008 drove the adoption and acceptance of smartphones in both the consumer and corporate segments of the market, so much that often times individuals use a single smartphone to conduct both business and personal matters. Frost & Sullivan estimates that in 2011, the global smartphone and tablet market reached 509.1 million units shipped and we expect growth in to continue. Specifically, we expect to see increased growth within the Android device market as they gain acceptance within the corporate market. In turn, this will ultimately create more security risks and headaches for IT administrators.

As this market continues to grow, hackers will continue efforts to target smartphones for theft of personal and/or corporate data. With increased demand for mobility, hackers now understand the vastness of the opportunity it presents, and as a result the threat landscape for mobile devices has rapidly evolved to create significant challenges for businesses implementing a mobile strategy.  As mobile computing continues to expand with the mobile workforce, cyber criminals will continue to place significant focus on this lowest hanging fruit because of its enormous profit potential.

With the global explosion of wireless devices, software developers have responded to market demands by creating a vast and growing number of business and productivity applications for the mobile workforce. Although this has been a positive development for mobile workers and their employers, organizations continue to struggle to centrally to manage application deployment and ensure that security protection on mobile devices can keep business critical data safe.

With the growth of smartphones and tablets, end users are extending their computer endpoints to these smaller personal devices. Endpoint security vendors are challenged to offer consumer mobile security solutions that provide the same level of protection as one would expect from a typical desktop or laptop computer. While mobile security offerings have evolved from simply protecting devices from anti-malware, protection from malicious applications has become a critical functionality and essential to any solution. As a result, many security companies are offering mobile anti-malware solutions in conjunction with application scanning and protection of data on the device. For the enterprise, endpoint security companies are combining mobile device management solutions. Companies are going beyond just protecting the mobile device, but are now leveraging their capabilities to manage beyond the PC to manage iOS, Android, and Windows mobile devices.  

Refer to Frost & Sullivan’s annual global market study “Analysis of the Mobile Endpoint Security Products Market – Tackling the shift to mobility with a strong endpoint security solution” for more information regarding revenue growth, market trends, and competitive analysis.

Martha Gomez Vazquez is occasionally allowed out of her cube, but if not then she can be reached by e-mail martha.vazquez@frost.com

The demand for web security has increased over time due to the emergence of Web 2.0 threats. The use of these social networking sites continues to be widely more accepting to organizations as a means to boost business communication. Enterprises increasingly utilize social networking sites for marketing its products or services. While the use of all these networking sites is a great resource for organizations to use, there is a concern around the threats and risks involved in using them.

Cybercriminals have found ways through social networking sites to steal personal information from these websites. Social media sites are becoming the top vectors for stealing personal information from users and it’s only going to get worse over time. Cybercriminals are always looking for creative ways to steal user credentials and will use online forums to manipulate users to give send over personal data. So while the usages of these social networking sites are increasing, IT Administrators are under pressure to allow employees to utilize and access these websites. IT administrators are perplexed in finding the means to control the employees from compromising pertinent business and personal data. In addition, you add mobility and remote workers in the equation and you can see where administrators are even more perplexed to try to control mobile devices as well.

Last year when I was working on our Content Filtering research, I saw that many traditional web filtering vendors were looking at providing more granular control to social media sites. I continually heard the mantras around cloud security, social media control and integration- these key topics were the top discussions last year. I recently spoke with Websense and was very impressed with how they are tackling the social media issues that companies are encountering. Websense tackles the problems with a web social control solution that was launched in October 2011. Websense’s new features include more control over employee’s social media usage and bandwidth control.

As a leader in the web filtering market, Websense introduced new URL categories to be included into its web gateway solution therefore combining a more powerful solution that will enhance how employees utilize the web today. Websense can analyze and classify within these 5 new URL categories and can determine to allow access, quota or block:

New URL categories

• Dynamic DNS Category- These sites will mask their identity and use Dynamic DNS services and they can be associated with advanced persistent threats (APTs)
• Viral Video Category – sites that host rapidly popular videos
• Surveillance- Sites that enable real- time monitoring from network cameras, webcams and other video recording devices. Ex. Organizations can allow parents to view cameras set at the day care rather than block them all together
• Entertainment Video Category – sites that host videos for entertainment content
• Education Video Category – sites that hose academic or instructional videos

Websense’s new social web controls also offers organization more control over how employees can access a social media website such as Facebook, LinkedIn, Twitter or YouTube. The organization can allow an employee to access the site- read comments, but not post anything. The features can also help monitor and control what is being accessed by the employee. Social web controls includes 30 unique controls with 11 dedicated just for Facebook. Since Facebook is constantly changing, Websense offers organizations to block and make granular changes in real- time. Websense can look within a script and offer parts to block and keep open. Doing real- time analysis within a script has differentiated Websense from other web filtering vendors offering social networking sites. Websense continues to work diligently in improving its social networking controls. Recently the company partnered with Facebook to help protect users against clicking on any bad URL links which can lead to malware. The threat landscape quickly changes every day and I believe Websense has what it takes to help organizations enjoy a safe social networking experience.

Martha Gomez Vazquez is occasionally allowed out of her cube, but if not then she can be reached by e-mail martha.vazquez@frost.com

Endpoint security is a market that continues to be competitive despite the perception of endpoint security products as a commodity product for enterprises. While endpoint security has become a necessity for businesses, endpoint security vendors struggle to offer competitive pricing models while staying ahead of the newest and most advanced threats and adding new features. In today’s threat landscape, businesses are looking beyond the capabilities of just an anti- virus product, but are looking for solutions that provide an in-depth capability to protect again the newest threats. In recent years, we have also witnessed the demand for better management capabilities with in depth analytic capabilities. This is a broad list of requirements and when I received a briefing from Sourcefire, a well known IPS vendor, around their just released FireAMP™ endpoint security product, I was a little skeptical. At the end of the briefing – I realized that Sourcefire really might be on to something. While not a replacement for anti-virus, FireAMP might just be the missing layer of defense for the modern enterprise.

Sourcefire’s FireAMP is a malware discovery and analysis solution that utilizes big data analytics to identify advanced malware threats. FireAMP is designed to work hand in hand with other malware products and offers an additional layer of protection for enterprises. FireAMP will allow large enterprises to increase their visibility and control of advanced threats that are likely missed by other security solutions.

FireAMP is an extension of Sourcefire’s Agile Security vision. FireAMP utilizes five new capabilities:

• FireCLOUD – A cloud-based infrastructure which detects advanced threats by leveraging big data analytics to identify and score missed threats by other security solutions.
• File Trajectory – The ability to track and identify the pathway and entrance of the malware within an organization
• File Analysis – Utilizes Sourcefire Vulnerability Research team to collect security intelligence and determine to allow or block malware based on its behavior
• Outbreak Control – Automatically will block malware without requiring an update form the customers security vendor
• Cloud Recall–Continuous in-the-cloud analysis of historical file activity to discover and remediate threats that were previously missed

The basis for Sourcefire’s FireAMP is to create an in-depth security solution that can protect from malware that may not have been picked up by the enterprises’ current antivirus vendor. With threats spreading and becoming advanced so quickly, having one single endpoint security vendor is just not enough.   Organizations are still struggling with combating the spread of malware infections. SourceFire’s FireAMP is not intended to replace any antivirus vendor, but is expected to compliment the security solution. While I believe this is a great alternative for enterprises, I do think it may be challenging to convince an enterprise to invest in another endpoint solution. The advantage that Sourcefire has is its existing customer base. Sourcefire will be able to target its existing security customers and convince them to use this solution hand in hand with its IPS or its firewall solutions. FireAMP today only works with Windows and is a stand- alone management console, not yet integrated with Sourcefires’ other security solutions. Sourcefire plans to work on this integration and this will become a greater key value for FireAMP in the future.

Sourcefire FireAmp has some interesting aspects to its reporting capabilities. The level of visibility and control is very detailed. FireAMPs ability to provide an in depth tracking analysis helps determine what user became infected first and provides a pathway of infection. Threats are continuing to be getting worse and increasing every day. By now, we know they are not going away anytime soon. All in all, I believe FireAMP will work great for those organizations that need advanced protection and reporting customization.

I recently published Frost & Sullivan’s 2011 Analysis of the Managed Security Service Providers (MSSPs) Market: Experiencing Strong Growth during Economic Uncertainties. The study http://www.frost.com/prod/servlet/report-toc.pag?repid=NA04-01-00-00-00&ctxixpLink=FcmCtx5&ctxixpLabel=FcmCtx6 is already available on Frost.com for our Information Security subscribers. In 2010 and moving though 2011, the MSSP continues to experience strong growth. This can be attributed to organizations evaluating security service providers to deliver capabilities that augment their in- house experience and ability.

Despite healthy growth, the market continues to evolve and incumbent vendors are challenged by new players and increasing demands from customers. Alleviating some of these challenges has been witnessed by the consolidation of several MSSPs in the past few years. The latest MSSP acquisition was with Dell and SecureWorks in 2011. The move for IT companies to include managed security as a service into their portfolio is becoming more important as we also witnessed this with IBM and ISS, and HP with EDS. While managed security is becoming more important for IT companies to offer, MSSPs are also seeing this as a way to expand their capabilities and market growth.

In the past, businesses were skeptical of outsourcing their business and especially their security to another 3^rd party vendor, but today the MSSP model is becoming more accepted by small and large enterprises. There are many reasons why the MSSP model is becoming widely more accepted:

• The ability to maintain and manage a secure infrastructure is becoming more complex for business. Organizations are realizing that traditional security practices are not effective enough to prevent data breaches and other attacks.
• Maintaining compliance is a necessity for most businesses, but not its core focus. Bringing in a MSSP to help alleviate compliance needs helps businesses focus on other core competencies.
• Adopting an MSSP helps offset the costs associated with implementing new products and staffing
• The shortage of security expertise is helping to drive businesses to choose an MSSP. Organizations are finding that MSSPs are a viable alternative for businesses that have a shortage of in-house security expertise. As security becomes critical for businesses, the need to have that expertise for various solutions will continue to increase over time.

While there is a need for an MSSP, businesses may be reluctant to adopt such a model which include:

• Demonstrating to a business the true ROI for adopting an MSSP model
• Getting a business to accept outsourcing than keeping its security in-house

While growth in the MSSP market is favorable for MSSPS, MSSPs still face the daunting task of offering services that continue to increase in demand. Embracing and supporting emerging technologies is a challenge for vendors in the MSSP market. As outsourcing continues to increase and become more popular, businesses are demanding broader platforms/technology support and more flexibility from the vendors.

Along with offering emerging technologies, MSSPs face the challenge offering these services at the lowest possible price. Commoditization in the MSSP market makes differentiating between various MSSPs difficult for customers. Customers have difficulty understanding the benefits offered by selecting one provider over another and as a result MSSPs have seen a downward effect on pricing pressures.

All in all, due to the growth of the MSSP market, Frost & Sullivan expects to see more value added resellers (VARS) and other vendors entering this profitable market. VARs have the advantage of providing more focused, regionalized support to their customers. To succeed in the MSSP market, MSSPs will have to continue to diversify services, adding depth and various deployment options for customers while still providing a cost- effective price.

More additional information regarding revenue growth, market trends and competitive analysis check out Frost & Sullivan’s annual North America market study entitled Analysis of the Managed Security Service Providers Market – Experiencing Strong Growth during Economic Uncertainties

Martha Gomez Vazquez is occasionally allowed out of her cube, but if not then she can be reached by e-mail martha.vazquez@frost.com