Outsourced security services will jump in the next five years as companies use more outsourced applications, according to a report released today by Gartner Inc.
The research firm said outsourced services this year account for 20% of revenue in the messaging security market, such as antimalware and antispam services for email and instant messaging, but will jump to 60% by 2013.
With on-demand services such as Salesforce.com and Google Apps, mobile employees are bypassing the corporate network to access business data, which increases the need for companies to put security controls between those users and outsourced services, Gartner said.
"Although perimeter security controls will be required to protect the remaining data center functions and the large portions of enterprise populations that are not mobile, new approaches will be needed to secure cloud-based IT services," John Pescatore, vice president and distinguished analyst at Gartner said in a statement.
"One answer will be cloud-enabled security 'proxies' whereby all access to approved cloud-based IT services will be required to flow through cloud-based security services that enforce authentication, data loss prevention, intrusion prevention, network access control, vulnerability management and so on," he said.
According to Gartner's report, cloud computing will allow enterprises to obtain security services such as distributed denial-of-service attack (DDoS) protection without huge capital investments. Enterprises could use on-demand security services to respond to specific situations, such as detecting botnets or filtering network traffic for a targeted threat.
Managed security services to climb as IT costs rise: The market for managed security services is expected to grow significantly, led by messaging security software, Web gateways and security intelligence products.
Could managed security services cause data woes? In this podcast, SearchSecurity.com editors discuss managed security services, the increase of SQL injection attacks and whether secure software coding is improving.
On the flip side, outsourced computing services will make enterprises vulnerable to some security risks, the report notes.
"Inexpensive, cloud-based processing will make it easier and cheaper to break encryption keys or find vulnerabilities in software, and financially motivated criminals will certainly seek to take advantage of that," Pescatore said. "Enterprises will need to prioritize the adoption of encryption technologies that provide easy movement to longer keys."
A growing number of companies are looking to outsourced security services, particularly as budgets tighten with the economic downturn. Several companies offer on-demand security services, including Qualys Inc., Alert Logic Inc., Panda Security and Webroot Software Inc. IBM offers an on-demand version of its AppScan Enterprise Edition, and Hewlett-Packard Co. now offers an on-demand version of its Assessment Management Platform.