Three-year wait for PC security to improve, says Gartner

It will be at least three years before PC security improves to any real extent, according to analyst house Gartner.

Until then IT departments will be playing catch-up, scrambling to deal with PC security vulnerabilities as they appear - a big problem when more than 60 per cent of business-critical information sits on the desktop.

Gartner research vice president Brian Gammage said: "We are playing catch-up. Is it going to get any better? Not really; not for the next three years. After that it will start to get better."

He said there are a number of improvements to security available or on the way, including technologies such as the Trusted Platform Module which can boost PC security by encrypting data. But this is not enabled when shipped, has little operating system support at the moment and, as a result, is ignored by most users.

But Gartner does not expect a significant change in the security model until the mature version of Longhorn is delivered.

Technologies such as Intel's IVT and AMD's Pacifica will create different levels of 'privilege' which will also help improve security. And Intel's LaGrande Technology - along with Microsoft's Next-Generation Secure Computing Base - will also go a long way towards tightening up the architecture, Gartner said.

Until better PC security is available, companies should attempt to standardise hardware and PC images, and lock down the systems as much as possible, Gartner said.

Speaking at Gartner's Midsize Enterprise Summit Gammage said: "If you haven't got your environment under control how can you know what the risks are?"

The analyst house also recommends the deployment of hardware security features as early as possible, even if the supporting software is not ready, as they can always be activated later.