Partager via


Security Poll: The "I need to" List

I've been running an informal poll since October 2005 targeted to IT pros and IT "generalists" asking them what their security "priorities" were. The reason I asked is because it helps my team focus on what security guidance content we build. Here's the results so far and please feel free to comment. Updated 2.20.06 with some additional items based on more email comments coming in:

1 I need a way to block spyware, malware, and malicious sites 16%
2 I need help understanding and dealing with the requirements that regulatory compliance places on my organization 15%
3 I need to be able to monitor the overall level of security of my environment and remediate any machines that are not up to security standards 13%
4 I need a good incident response process and tools so I can better deal with attacks 10%
5 I need a way to secure email and messaging from viruses and spam 7%
6 I need a way to automatically wall off untrusted or infected computers from the rest of the network 6%
7 I need to be able to easily provision new users, including account setup, group additions, and mailbox configuration 6%
8 I need to protect against internal threats, both inadvertent and deliberate 6%
9 I need to provide my partners with secure access to documents over the Internet 4%
10 I need to be able to provide my users a way to securely reset their own passwords to reduce Help Desk calls 4%
11 I need to secure my Exchange Server(s) 3%
12 I need to protect the confidentiality of email 3%
13 I need an easy way to configure all the components required for a remote access VPN to Windows RRAS server 2%
14 I need to configure the auditing of my users’ file access and alert me of unusual activity 2%
15 I need a way to support smart card logon for remote access VPN connections, and help on what hardware and software is required to make it work 1%
16 I need Windows Update/Microsoft Update to work for networks that use authenticating Web proxies 1%
17 I need to consolidate directories between multiple applications/environments 1%
18 I need a way to protect insiders from social engineering threats 1%
19 I need to secure SQL server(s) 1%
20 I need to secure laptops/mobile devices including pocket PCs and Smartphones 0%
21 I need to configure our WAPs to support WPA and to configure the required supporting network infrastructure 0%
22 I need to provide my users with the ability to manage their own distribution and security groups for communications and permissions 0%
23 I need to provide single-sign-on capabilities for my users across both Windows and Unix/Linux machines 0%