After working to link their systems more closely with those of their business partners, IBM customers now say they have heightened concerns about protecting sensitive data and resources from their partners.

Security surfaced as this year's major issue confronting members of Share, a large IBM user group, according to a soon-to-be released survey. The volunteer group, established in 1955, issues an annual survey to its roughly 2,000 members, who represent large companies and education institutions. Share then turns over the results to IBM to assist the company's product plans.

What's interesting is that security catapulted from the fifth major concern in 2000 to the top concern this year, replacing last year's major issue: Internet presence. E-commerce-related issues dropped to second in the 2001 survey.

"Someone might view this [year's survey] as a dramatic change of results, but it reflects what's going in general" with businesses, says Pam Taylor, Share's directory of industry relations. "E-commerce is opening up businesses electronically and there are a lot of issues businesses have to face, such as how to deploy their own sensitive data while protecting it and exchanging it with customers, suppliers and vendors."

Security is a given concern for any business, agrees Randy Mowen, director of data management and e-business architecture for Bekins, a moving and storage company. But security issues mostly center on cost, he says.

"There's no budget for [security] and it remains to be seen if there will be," Mowen says. Businesses budget enough for dedicated security resources, but things can get dicey when it comes to unplanned security-related purchases in response to new threats, he says.

Another large IBM user, the Honeywell Aerospace Division, is tackling security by organizing staffers to ensure authorization, authentication and auditing is happening throughout the unit, no matter where data resides.

"You have to make sure [data] that is secured in one environment will be secured when it's moved someplace else," says Dave Kulakowski, application development manager who is a member of Honeywell's security group. Businesses need to be more rigorous around security, he says. Specifically, this means ensuring that the person they want to talk to is really that person; the document that was moved was approved; and if anything went awry, what exactly happened.

Kulakowski says security concerns are underscored when dealing with governments, where you need to balance international partnerships while not compromising a business' internal policy.

Share's Taylor says this year's findings point out that application development and deployment are "high on the minds" of IS and network executives. IBM customers are struggling with whether to build or buy their applications, as well as outsourcing them. "[Technology] has become a business decision - why might they buy and deploy applications internally," she says.

Other concerns confronting Big Blue customers include training and retention; shortage of IT professionals; complying with regulatory privacy requirements; and managing the growth of software maintenance and infrastructure costs.