Simplifying the vendor jumble

October 20, 2017 Emily Davidson

IT COMPLEXITY HAS NEVER BEEN MORE ACUTE.
Factors such as the cloud, mobility, virtualization, the Software Defined Data Center (SDDC), the Internet of Things (IoT) and Big Data are driving a new period of technology and business transformation. As a result, whole new business models are evolving. Who would have thought that one of the world’s biggest retailers (Alibaba) would have no inventory or the largest taxi service (Uber) would have no cars?

Technology is opening the door to new ways of doing business that adds convenience, efficiency and reduced cost.

But there is a dark side to this transformative period. As companies rush to deploy the latest and greatest tools, they end up with a plethora of technologies and systems that integrate poorly, if at all.

The resulting IT infrastructure would make a Rube Goldberg invention look simple in comparison. IT staff waste half their time jumping between multiple interfaces, writing scripts to move data from one system to another and troubleshooting endless compatibility issues.

While this may be viewed as merely inconvenient from an operational standpoint, it is a disaster waiting to happen on the security side. Companies, these days, typically have an endless catalog of point solutions to address every possible security category. They have several tools to deal with network security, firewalls, intrusion detection systems and intrusion prevention systems. They have another bag of tricks to deal with antivirus (AV), malware, ad blocking and spam. They have liberal sprinkling of endpoint security suites, encryption, public key infrastructure (PKI) products and analytics engines.

Those left with the job of overseeing an organization’s security face a Herculean task of sifting through thousands of event logs and alerts to isolate actual threats. Once they find something suspicious, they have to hop across half a dozen or more screens to determine if there is an actual threat.

THIS MIGHT HAVE BEEN WORKABLE TEN YEARS AGO, BUT IN THE THREAT LANDSCAPE OF 2016, IT IS A RECIPE FOR DATA BREACH HEADLINES.

After all, the speed with which the bad guys can infiltrate, compromise information and disappear, is such that rapid detection and remedial action is a must.

This new world of threats calls for a change of the approach. The days of best-of-breed point products are now coming to an end as the liabilities of this haphazard security frontier are continually being exposed to the glare of adverse publicity and an erosion of customer trust.

A NEW ERA OF SECURITY CONSOLIDATION

We are entering a new era of consolidation as the solution to ongoing security chaos. Selecting one security vendor capable of effectively handling all zones of information protection leads to benefits such as:

  • A rapid ROI from cost/time savings
  • The elimination of security complexity
  • The ability to respond to, and neutralize threats in real time before serious damage takes place

ON THE FINANCIAL FRONT, THOSE ORGANIZATIONS THAT HAVE TRANSITIONED TO HAVING ONLY ONE TRUSTED SECURITY PARTNER HAVE REALIZED MAJOR SAVINGS...

By no longer having to install, operate, integrate and manage multiple disparate security systems. Having one comprehensive and fully integrated security suite that reaches from one end of the enterprise to the other, means fewer employee hours spent on fewer tasks, freeing up time for IT to invest in strategic projects.

The ROI from this transformation is rapid and manifests in many ways: Speedier time to launch, increased buying power, economies of scale by dealing with one source, simplified personnel training on security systems and an end to vendor finger pointing-are a few of the advantages.

When security specialists are no longer bogged down by the complexity, and tedium of managing multiple tools, they have the time and ability to get a holistic view of the entire enterprise threat landscape.

This enables them to isolate potential threats long before they breach the defenses and take action to keep the enterprise secure in an ever more dangerous environment. The value to the organization of this transition in security perspective is immense. Consider that the Verizon 2015 Data Breach Investigations Report found that 80,000 security incidents were reported in one year out of only 70 large organizations surveyed. While IT dealt with the bulk of these encroachments, more than 2,000 serious security breaches occurred.

This is particularly disturbing in view of the fact that these companies were already heavily invested in the latest security technologies.

The cost of each serious breach reached into the millions of dollars in some cases either from theft, damage to corporate image, bad press, customer churn and stock price drops.

At the end of the day, it’s up to the IT team to design a holistic security stance that’s well prepared for modern threats. To decide if a consolidated strategy is for you, you must gauge your risk by discovering how many point products you actually use, and the cost of the IT team’s time maintaining them. Then, add the cost of downtime and decide – is it worth the risk?

To dive deeper into the benfits of security consolidation, view Sophos’ Synchronized Security: A Revolution in Protection.

Previous Article
A new platform brings new risks
A new platform brings new risks

Next Article
The Story of ADWIND MAAS
The Story of ADWIND MAAS