The potential damage to a company is so great that security best practices must be examined and a policy devised. How have enterprises attempted to establish consistent security frameworks and policies?

Key trends in 2006

"Enterprises/customers demand less complexity in security management and more value per unit price," said Arun Chandrasekaran, senior research analyst, ICT Practice, Frost & Sullivan Asia Pacific. "The expansion of corporate networks and increasing employee mobility has also created the need to secure multiple touch-points."

"Security risk management through a multivendor 'layered security' approach has been gaining ground in large enterprises," said Chandrasekaran. "Compliance guidelines, both [external] and internal, have begun to have a major impact on organizational security posture/framework and procurement decisions. Integrated security appliances and product suites continued to gain excellent adoption among SMBs in 2006."

Dixon Ho, CSO, Microsoft HK cited data privacy as a key driver: "With information becoming more and more valuable, there is a need for more comprehensive security controls for end-to-end protection of data," he said. "To increase the efficiency of data protection, we should combine security technologies, such as rights management or full drive encryption, and data protection policies to make sure that the data is well handled throughout the process from the moment it is created, to how it is consumed and in the end, destroyed."