|
Advertise Contact SecurityWatch |
| Articles | Editorials | Reviews | News | InfoSec Directory | Releases | Submit PR |
|
GFI MailArchiver for Exchange - Easily archive Exchange Server mail & comply with Sarbanes Oxley - Free evaluation available. Network Security Software - Sponsored by GFI Network Security. 
|
Survey puts Ireland's level of IT Compliance / IT Governance at 10% Publication date: Friday, 27 May 2005 ROI on IT Assets should be justifiable Wednesday 26th May 2005, Dublin. iQuate today published the results of its first IT Compliance Study conducted in conjunction with The Business Software Alliance, which reveals that only 11 percent of the respondents (Organisations between 101 and 5000 employees) have proper IT Compliance practices and procedures in place. The remaining 89 percent do not have sufficient IT Compliance/IT Governance policies to properly manage risks and costs in their IT operations. This rate indicates the lack of understanding from organisations on the implications of non-compliance. The study was conducted with attendees at a series of recent seminars on IT risk management and IT compliance around Ireland, including a larger study at the recent ICT Expo event in Dublin. 300 companies completed the questionnaire in the study. iQuate is a local member of the BSA and is an indigenous Irish software company. iQuate specialise in IT asset management and corporate governance applications and services who have developed both a suite of audit control products as well as an in depth knowledge of IT compliance issues. 95 percent of the companies surveyed initially stated that they felt their companies had sufficient controls in place. But, when asked specific questions on risks relating to software licenses, media copyright infringement, corporate governance legislation and cost management , remarkably the results changed to show 85 percent of respondents felt that they did NOT have sufficient policies in place. Jason Keogh, founder of iQuate, an Irish IT Compliance and Asset Management software company commented : "In our experience whilst auditing company IT networks, we always find that companies have over licensed some applications, while under licensing others. Putting in place proper procedures supported by automated solutions can ensure that risks of prosecution by under licensing are removed and unnecessary costs related to over licensing are not incurred. As legislation relating to copyright and corporate governance becomes more onerous, it is good news that companies like iQuate can supply the expertise and tools needed to assist companies with compliance. It is an added bonus that when IT Governance procedures are put into place correctly, they increase productivity, decrease risks and reduce business cost. Organizations have to remember that prevention is not only better than the risk, it also leads to cost savings." In further research, out of the last 10 "IT Health Checks" which iQuate has performed on organisations who 'thought' they followed IT Compliance, the following issues were found: Where acceptable usage policies in relation to web/email usage exist, not all areas were sufficiently covered All of the networks had mp3 files on over 20% of machines, with an average of 200 mp3 music files on each of these machines. The average number of mp3 files in a 100 employee organization was 7,500. Movie/DVD "rip" files were found on 6 of the networks Proved that mp3 downloads were taking place on work PC's, during working hours in 3 companies which had website filtering in place, and strong firewall rule sets. - In 7 out of 10 cases, the worst offenders were among the IT support staff themselves, as they had the ability to circumvent the security measures put in place for the majority of staff. Proper IT Governance procedures lead to high levels of cost savings in IT Management. It is essential that companies realise that by adhering to IT Governance practices they not only safe guard their business against legal and regulatory risk, they can also save money in the process. Julian McMenamin, Chair, BSA Ireland said, “ the findings of this study emphasise our recent IDC findings which confirms that Ireland continues to have an unacceptably high piracy rate of 38%. We must continue to strive for good corporate governance in Irish business.” iQuate would recommend that companies adopt the following procedures: Directors need to ensure that the actions of their staff don’t inadvertently expose them or their company to legal and financial risk. Companies need to: Evaluate the level of personal and corporate risk they face in relation to activities of staff members within the organization. Evaluate how to reduce costs and increase revenues through better control of IT policies, procedures and infrastructure. It is essential to: Identify relevant risks Control and manage/mitigate these risks Lower IT costs and overheads Ensure adherence to legislation Increase productivity through IT Governance best practices Organisations can save money when purchasing or renewing software licenses With certain software inventory tools (such as iQNetScan from iQuate), IT Managers can be kept up to date daily on software installations and usage patterns in the organization. This means they have a clear view of what software exists on the network, who is using the various software applications and how often they are used. This information allows for informed business and financial decisions when purchasing and renewing licenses, rather than "ball-park" figures. Accurately purchasing and renewing software licenses, reduces risks related to under-purchasing and costs relating to over-purchasing. Machines which never run specific software applications, can be excluded from renewals, again reducing costs and saving money. With many software licenses costing hundreds (or thousands) of euro each, these savings quickly add up. Save time using automated solutions It is essential that networks are audited regularly to ensure that the costs of software licenses and the risks of under-licensing/software piracy are managed. The costs associated with manually auditing a computer network, with hundreds or even thousands of PCs, can be prohibitive. Time must be spent physically visiting each and every PC on the network, and this also causes disruption to each PC user as their machine is audited. This process can take anything from days to months to complete and is inherently flawed, as the information is out of date by the time the audit has been completed. Attributing a cost to this work is sometimes difficult to achieve. However, one thing is certain - the larger the number of users, the higher the cost in terms of staff hours and business interruption. Using an automated, clientless software tool to gather this information means the information can be updated accurately, daily. Furthermore, any changes to the network environment (for example if software is added or removed from machines) can be tracked, allowing for proper change management and faster problem resolution. * Eliminate problems caused by non-standard software Using iQuates' software auditing tools, software applications can be defined as "required" or "unwanted". IT staff can be automatically informed when unwanted software is found installed, or when required software has been removed. This reduces support costs, reduces risks which directors face in relation to prosecution due to staff members violating copyright legislation through using peer-to-peer tools to share music and video files and improves network standardization and security. About iQuate iQuate specialise IT asset management and corporate governance applications and services. It develops software tools for use in the areas of hardware and software inventory, software deployment, helpdesk and network monitoring. Its products provide IT managers with solutions that address and solve issues associated with corporate IT lifecycle. iQuate's customers span all areas of industry, from legal and financial institutions to government organisations, technology companies and SMB's who recognise the importance of implementing software asset management or have corporate governance requirements. For more information visit www.iquate.com About BSA The Business Software Alliance (www.bsa.org) is the foremost organization dedicated to promoting a safe and legal digital world. BSA is the voice of the world's commercial software industry and its hardware partners before governments and in the international marketplace. Its members represent one of the fastest growing industries in the world. BSA programs foster technology innovation through education and policy initiatives that promote copyright protection, cyber security, trade and e-commerce. 4D, Adobe, Apple, Autodesk, Avid, Bentley Systems, Borland, BVRP Software, Cadence Design Systems, Cisco Systems, CNC Software/Mastercam, Corel, Dell, Entrust, HiT Internet Technologies, HP, IBM, INSYSTEK, Intel, Intergraph, Internet Security Systems, iQuate, LMS International, Macromedia, McAfee, Magix, Mamut, Microsoft, Microstar, Monotype Imaging, Nemetschek, O&O Software, OWG, Panda Software, PTC, Realviz, RSA Security, SAP, SGS, SIA, Softline Pastel, SolidWorks, SP Grupo Sage, Staff & Line, Sybase, Symantec, UGS Corp., VERITAS Software, Visma, WRQ and Young Digital Poland. |
Monday, June 20, 2005 Network Security
Wireless Security
InfoSec Directory
 Press Releases
|
| Copyright © 2000 - 2005 eBCVG IT Security | Affiliates :: RSS feeds :: Privacy |