Twenty-Five Percent of ASPs Have Sub-Par Security, IDC Survey Reveals

FRAMINGHAM, MA – FEBRUARY 26, 2002 – A recent IDC survey of 50 ASPs indicated that approximately 25% had sub-standard security, lacking fundamentals such as user authentication, virus protection, network security and firewall services. These are integral elements of a security plan and quite necessary to be considered a player in the market. Although the majority of respondents seem to have the basics down, there are still ASPs offering customers access to applications in an unprotected environment. IDC considers this unacceptable and strongly recommends that ASPs do not enter the market unprepared. A breach in security is highly visible and will set back the industry as a whole.


"Businesses understand that a breach in security could result in severe financial losses, never mind the damage to the company's reputation," said Jessica Goepfert, program manger with IDC's ASP and Application Management Services research program. "It's up to the ASP to stay on top of these security systems in order to simply stay in the game."

The current ASP market is crowded and undergoing healthy consolidation – while still welcoming new entrants. As evidenced in IDC's survey data, these ASPs are at different points in their life cycle and may each take unique approaches to attack the market opportunity. Despite these disparities, they must all understand that security is essential to winning new customers and propelling mainstream adoption.

IDC believes that in order for ASP adoption to accelerate, vendors must continue to educate the market about their security precautions and convince prospects that they can better protect the application environment than an internally deployed system.

"High-end ASPs that are rolling out enhanced security services are setting a strong example and new entrants would be well served to observe," said Goepfert. "In fact, in recent months IDC has witnessed announcements from leading ASPs that demonstrate this trend and commitment to providing state-of- the-art security services."

To purchase this document, Delivering Software as a Service, Delivering a Sense of Security (IDC #26445) call IDC's volume sales hotline at 508-988-7988 or email

For more information about IDC's ASP and Application Management Services research program, contact Jill Toole at

About IDC

IDC is the foremost global market intelligence and advisory firm helping clients gain insight into technology and ebusiness trends to develop sound business strategies. Using a combination of rigorous primary research, in- depth analysis, and client interaction, IDC forecasts worldwide markets and trends to deliver dependable service and client advice. More than 700 analysts in 43 countries provide global research with local content. IDC's customers comprise the world's leading IT suppliers, IT organizations, ebusiness companies, and the financial community. Additional information can be found at

IDC is a division of IDG, the world's leading IT media, research and exposition company.

All product and company names may be trademarks or registered trademarks of their respective holders.