According to IDC, compliance drives investment priorities in 2011 while financial companies will grow their compliance investments up to 15-20% of their IT budgets

Budapest, Hungary – May 9th 2011
IDC EMEA Headquarters, London, May 9th 2011

In its recent White Paper titled “Compliance is More Than Just Cost: Creating Value Beyond Compliance” (#IDCWP05T) published in February, 2011 and sponsored by Balabit, IDC, a leading provider of global IT research and advice firm, highlights that compliance investments, which are basically treated only as a spending to align with compulsory regulations, when extended to all processes including privileged and super users, can build trust and competitive advantage for the organizations. Not only banks, but all companies with complex IT systems must implement advanced controls to comply with regulations. Organizations and IT experts should look beyond the pressure for compliance and create added value by extending the existing investments with an activity and access management tool. Well-managed IT will contribute greatly to improve organizations margins, quality, reputation, attractiveness, brand, and global results.

According to IDC, 2011 will see a return to growth for IT investment strategies in EMEA banking after two years of regressive or flat spend. This market has multiple growth drivers, but the key component is the sheer volume of new regulations that are being added by local and regional oversight organizations that compound an already highly regulated industry. On average, European banks spend around 10% of their IT budget on compliance. In 2011, IDC expects this to increase to 15% to 20%, depending on the size of the organization.

”Compliance is a new task for many IT directors and Internal Security Experts. It calls for specific budgets and investments. Handling compliance efforts as an investment and utilizing them in value creation will become a new field in marketing competition. Organization must find a way to create value while spending on a compulsory basis.” – said Eric Domage, European Security Research and Consulting Director at IDC.

IT pervasion has transformed PCs, networks and servers into production tools that contribute to the value chain of any product or service. Once an automation gadget or task-easing tool, IT is now a pure tangible asset, a major contributor to added value. Therefore tight and agile management of assets is critical to the global organization. Within less than a decade, IT administrators who were once low value support resources became key to the generation of value.

Organizations should focus on improving access control on both the network and application layers, and not only for IT privileged users, but in many cases for specific users such as IT supports, executives, private bank operators, who also have access to the increasing volumes of transactional and customer data. The White Paper enhances, that all users with specific rights should be managed with the same way or more granularly than system administrators.

Key benefits of controlling advanced users:
•   Fraud prevention and detection: log and event analysis tools can help to replay events and distribute liability over fraudulent internal IT operations.
•    Employee clearance: in case of any incident, event and logging tools will build the real history of the IT actions and clear those who behaved correctly.
•    Organizational transparency: tools can demonstrate and prove what the organization did in a critical situation and helps to prove the compliant behavior.

The IDC White Paper sponsored by Balabit is available at Balabit’s website:

About Balabit Shell Control Box Privileged IT User’s Monitoring Tool
Balabit IT Security – “the syslog company” – is aiming this promising market with Shell Control Box, an activity monitoring appliance for privileged access. Developed as the very first activity monitoring solution for privileged access in the global market, in cooperation with Sun Microsystems, Shell Control Box is one of the leading solutions worldwide. With Shell Control Box, Balabit offers the most comprehensive privileged access monitoring solution in the industry, helping customers to meet even the highest level of IT Security and compliance regulations.

About Balabit
Balabit IT Security is an innovative information security company, one of the global leaders in developing privileged activity monitoring, trusted logging and proxy-based gateway technologies to help customers be protected against insider and outsider threats and meet security and compliance regulations. As an active member of the open source community, we provide solutions to a uniquely wide range of both open source and proprietary platforms, even for the most complex and heterogeneous IT systems across physical, virtual and cloud environments.
Balabit is also known as “the syslog-ng company”, based on the company’s flagship product, the open source log server application, which is used by more than 650.000 customers worldwide and became the globally acknowledged de-facto industry standard.
Balabit, the second fastest-growing IT Security company in the Central European region concerning Deloitte Technology Fast 50 list, has local agencies in France, Germany, Italy, Russia and cooperates with partners worldwide. Our R&D and global support centers are located in Hungary, Europe.

For more information visit