The Web    Google
Corporate Data Leaks Spur Interest in Storage Security

Corporate Data Leaks Spur Interest in Storage Security
April 21, 2005

Recent data security breaches like the loss of backup tapes at Bank of America and Ameritrade are boosting the fortunes of storage security vendors such as NeoScale Systems, Decru, Vormetric and Kasten Chase.

''These public events of private data being compromised have increased the number of inquiries,'' says Tom Grubb, vice president of marketing at Santa Clara, Calif.-based Vormetric. ''In particular, we're seeing a lot of interest from financial institutions.''

''The recent breaches have been a point of crystallization for many organizations to escalate or speed approval for security projects,'' agrees Michele Borovac, director of marketing at Redwood City, Calif.-based Decru.

But it's not just outraged consumers and politicians driving storage security interest, vendors and analysts say. The need to secure storage under regulations such as HIPAA are also boosting sales.

''Over the past six months, we've seen a surge of interest in storage security solutions driven by the need for regulatory compliance,'' says Barbara Nelson, chairman and CEO of Milpitas, Calif.-based NeoScale.

Jon Oltsik, senior analyst at Enterprise Strategy Group, concurs that storage security vendors are gaining momentum. He believes the Bank of America tape loss in February gave the vendors a high-profile breach that will bolster sales and marketing efforts. Oltsik hopes that the recent attention to storage security will finally give IT users the chance to obtain much-needed funding for security products.

''I can assure you that security professionals have been screaming about these kind of vulnerabilities for years, and already recognize the value that these vendors bring,'' says Oltsik. ''Companies need to stop talking about security and start dedicating budget dollars to address this business risk.''

How Big Is The Market?

Getting an idea of the size of the storage security market and the scope of the recent upsurge is difficult, however. None of the vendors would disclose exact sales figures.

Vormetric talks about consistent quarter-over-quarter growth as measured by volume and scale of the sale. Decru cites a significant increase in the number of inbound calls, shorter sales cycles, and 70 percent to 100 percent quarter-over-quarter growth. NeoScale reports that it is about 20 percent ahead on inquiries and has a median sales cycle that is 20 percent shorter this quarter. Sales growth overall is said to be greater than 100 percent for the last three quarters.

What does this mean in dollar figures and market size? Unfortunately, no analyst firm tracks the storage security sector with the same degree of exactitude as, say, storage systems sales. Oltsik's best guest is that the entire storage security market is no more than $50 million. But that could be about to change, with many of the vendors now making bullish predictions. Prompted by recent data privacy scares, NeoScale projects the 2005 market will be at least ten times the size of the 2004 market. Now that's growth.

It seems then, that the early days of storage security evangelism may be over. By all indications, customers get it now, and many are seriously looking at how to adopt encryption and other technologies to safeguard their data.

''Customers now view encrypting sensitive data as inevitable,'' says Borovac. ''They know they need to do it, either for internal best practices, or because the regulations are moving strongly in that direction. Breaches like ChoicePoint and B of A provide justification for doing it more quickly.''

But there is still a gap between talking about storage security or testing products and companies actually purchasing the software or appliances in volume. Enterprise Strategy Group surveyed 388 storage professionals last year and found a surprisingly low number of people were securing their stored data. Only seven percent always encrypt backup tapes, and 60 percent don't encrypt backup tapes at all. Data encryption on disks, file systems, or databases is even rarer.

''While there are early adopters, most of the large financial services organizations are in RFP or pilot mode,'' says Borovac. ''Most of these organizations have started pilot projects for encryption so they can better understand how and where to deploy this technology.''

NeoScale's Nelson agrees that the finance sector has not yet taken the plunge. ''From our conversations with financial institutions, we believe that the percentage is very low today but rising,'' she says. ''Many of these customers are piloting storage security solutions, so we expect dramatic increases over the next year.''

This article was first published on To read the full article, click here.

  • AntiOnline Spotlight: Network Security Made Easy?
  • Netsky-D Ranked as High Risk
  • MS Patches 'Moderate' DirectX Flaw
  • New Alliance Opposes Anti-Piracy Mandates
  • 7/23: Psyme-AI Downloads, Executes Trojan
  • CERT Issues Warning for OpenSSH Flaw
  • House Panel OKs Anti-Spyware Bill
  • Making Outlook Less Insecure
  • 9/7: MyWife-C a Mass-Mailing Worm
  • 10/20: Mydoom-AA Worm Spreads Via Email
  • 8/6: Lovgate-F a Mass-Mailing Worm
  • Computer security background information