Survey: SOA Security a Growing Concern for IT Execs

More than half of IT professionals say they have deferred or slowed SOA or web services adoption due to security concerns. Many wants vendors and services firms to improve SOA security solutions. The global study was released at Computer Associates' CA World in mid-November in Las Vegas.

Tags: Security, Web Services, SOA, Applications, Management, Respondents, Externally-facing,


More than half of IT professionals say they have deferred or slowed their adoption of SOA or web services due to security concerns. Many wants vendors and services firms to improve SOA security solutions. The global study was released at Computer Associates' CA World in mid-November in Las Vegas.

The survey found 57% said they have deferred or slowed adoption of some SOA and web services because of security-related concerns, according to the survey. Moreover, 43% of senior IT executives view security threats as "the most important issue" in the implementation of SOA and Web services-based applications.

Why is there a mounting concern over SOA security? Respondents in the study said they experiencing an average of seven XML-targeted attacks against externally facing SOA or Web services applications in the past year.

Other notable findings from the global survey:
  • 93% of respondents said they believe integrating SOA and Web services security systems with their identity and access management solutions is "critical."
  • 43% of IT executives have installed identity management or access management for their SOA projects.
  • 75% of respondents said they had externally-facing web services.
  • 68% of respondents said they had external SOA-based applications.


  • "The state of SOA and Web services security is similar to what we saw with Web sites and portals about 10 years ago. As organizations rolled out Web applications, best practice security management approaches had not yet been resolved and security became a significant challenge," said Lina Liberti, vice president for CA Security Management, in a statement.

    "Web services and SOA applications have experienced those same security issues, but we believe the best practice approaches implemented for Web applications apply to these application architectures as well," Liberti added.

    The CA-sponsored study surveyed nearly 555 IT directors or above about SOA and Web services deployments. Respondents came from North America, Europe, Asia Pacific and Central and South America.



    back