In recent years, tighter security budgets and macroeconomic headwinds have created a need to optimize security spend. In this fiscal environment, security teams find themselves being asked to identify areas in which spend can be optimized. In other words, where can the same or improved ends be achieved through reduced means?
One important part of this endeavor involves identifying areas in which a smaller number of platform-based solutions can replace a larger number of point solutions. These point solutions were most often acquired over time as the enterprise environment evolved, grew, and became increasingly cumbersome and complex. This resulted in a proliferation of point solutions that not only tie up monetary resources for license fees, they also tie up monetary and human resources to operate and maintain over time.
In most enterprises, there is room to optimize and improve. In this piece, I’d like to examine how consolidating multiple point solutions into a platform-based approach can bring operational efficiencies, budgetary savings, and improved security to enterprises. While there are likely many ways to analyze this topic, here are six points around this topic that enterprises should consider when thinking about moving towards a platform-based approach:
- Overcome Inertia: Over time, security teams have found themselves confronted with a changing enterprise environment. New environments popped up as market pressures and customer demands made them necessary for the business. Security teams were often forced to act in a reactive manner, implementing point solutions, leaning on custom code, and/or leveraging native capabilities (even if inadequate) in order to keep up. But just because things came together this way doesn’t mean that they have to continue like this. Now is a great time for the security team to take a step back, look at their requirements strategically, and work towards consolidation. Inertia should not be a justification for continuing in a less than ideal manner.
- Centralize Management: As point solutions proliferate, so does management of them. It can be hard for an outsider to fully understand and believe just how many different tools and interfaces the average security team needs to interact with on a regular basis. Never mind when an incident needs to be responded to or any type of change needs to be made – whether critical or routine. To think that this inefficiency doesn’t distract or otherwise negatively impact security team members, leading to oversights, errors, and loss of productivity would be naive. Centralizing management is one way in which enterprises can remove some of the obstacles that prevent security team members from delivering the highest level of security that they can to the enterprise.
- Simplify Operations and Maintenance: If only it were true that security solutions ran autonomously. Like any technology solution, they require patching, fixing, tuning, and various other types of care and feeding. All of this obviously carries a cost with it – not only for the technology resources themselves, but also for the staff required to carry out these activities and the training required to facilitate them doing so. A consolidation play reduces this burden – less training on fewer technologies along with less time invested in care and feeding. This doesn’t mean that security is sacrificed or that security organizations don’t continue to practice defense-in-depth. Quite the opposite – consolidation allows for optimizing the resources available towards the challenges at hand.
- Ease Recruiting and Retaining Talent: In the security field, we have been hearing about the talent shortage for quite some time. So why would we make recruiting and retaining talent harder on ourselves? When we require increasingly numerous sets of skills alongside increasingly stressful work environments, we are not helping ourselves. Eased recruiting and retention is another benefit of the consolidation play and a good reason for security teams to look at moving towards a platform-based approach.
- Facilitate Visibility: The greatest security strategy, processes, procedures, and talent won’t help if the team is flying blind. When telemetry data is absent from large portions of the environment, it makes securing that environment nearly impossible. As the number of security solutions increases, so does the complexity of ensuring that the telemetry data they collect and produce finds its way into the security workflow. The improved flow of telemetry data and the enhanced visibility it brings is a key win for security teams that comes out of a consolidation play.
- Improve Reporting and Metrics: Security teams will inevitably need to show their value to their stakeholders – whether business units, management, executives, and/or others. While building and maintaining relationships is important, reporting and metrics is still one of the primary ways in which security teams show their value on a regular basis. While reporting and metrics are a challenge for many security teams, an overabundance of tools and data sources certainly doesn’t help matters. Yet another benefit to the consolidation play is in reducing the complexity and difficulty in consistently and accurately obtaining the data required to produce solid reporting and metrics.
It certainly takes effort to step back from the day-to-day and think about strategic ways to improve the enterprise’s security posture. Consolidating from an overly burdensome number of point solutions to an easier to manage platform-based approach brings with it a number of benefits. This effort is a worthwhile investment, however, as it can bring operational efficiencies, budgetary savings, and improved security to enterprises.
Related: Consolidation vs. Optimization: Which Is More Cost-Effective for Improved Security?