Purchasing the best-of-breed solutions in each security category has left many IT teams managing disparate tools. Now, IT managers feel more like they are managing a zoo, than a well connected security posture.
Best-of-breed has been the mantra in IT security for many years
Find the best tool available for anti-virus (AV), go to another vendor who is said to have the best firewall, a completely different supplier for the number one Intrusion Protection System (IPS) and yet another source for the finest in encryption. On and on it goes as more layers of security are added.
The beleaguered IT manager living in the middle of this complexity and told to keep the enterprise secure has been handed a thankless task. As best-of-breed means that security information is stored in a series of separate siloes, the IT manager is forced to hop from screen to screen attempting to put out one fire after another. Not only is this time consuming, it is ultimately frustrating.
Even best-of-breed devotees have suffered embarrassing headlines
Organizations such as Target, the State of South Carolina and South Korea Banks & Broadcasters have lost countless customer identities and millions of dollars of business, as well as taking a pounding in the press as they failed to keep pace with the ever evolving threat landscape. These, and many other examples, expose the fatal flaw in a best-of-breed approach to security – it leaves gaping holes in your security posture.
Each best-of-breed component, or security point product like AV, anti-malware, IPS, firewalls, web gateway security, data protection, mobile security, analytics, endpoint protection, and compliance may do a good job many individually. But together, they represent no more than a disconnected jumble of largely ineffective measures. Like a collection of all-start athletes, these components may look impressive but they just don’t hold together as a team.
Some IT managers defend this approach by insisting they meet any and all compliance mandates. Others try to wrap themselves in a safety blanket of industry standards. But some of the largest breaches in history have taken place in organizations that were fully PCI compliant, met all other regulatory requirements, followed industry best practices and had vast security budgets at their disposal.
It’s time for a connected approach to security
What is needed is connected security composed of one integrated system that ties everything together to provide a holistic approach to enterprise security. Let’s review some of the benefits.
Take the case of alerting. Modern systems are constantly under attack and best-of-breed security point products do a fine job of detecting possible attempts to breach their defenses or execute suspicious code. But the problem is that they churn out alerts by the thousand every hour. IT managers struggle to identify serious security issues as they are buried under a mountain of relatively insignificant log items. A truly connected security suite, on the other hand, would curtail alerting volume. Instead of 20 systems each reporting the same item over and over, connected security generates one alert. This factor alone leads to a massive drop in the number of alerts. To really slice through the alerting confusion, though, it takes analytics.
The latest analytics software is a vital element in the modern security arsenal. It must be understood that the bad guys have gotten more organized and more technologically astute. It takes analytics to level the playing field. But once again, analytics can’t be implemented as a standalone technology. If you make the mistake of adopting a best-of-breed approach to analytics, you end up having to import data from the many other security siloes that are spread throughout the enterprise. This slows you down to the point where you can’t respond fast enough to potential threats.
So an integrated security package is the way forward in today’s sophisticated security landscape. Be aware, however, that many vendors argue that they provide one integrated package, including analytics, and that they indeed offer connected security. But how did they assemble this collection of security tools? In almost all cases, it has been through acquisition. They bought up one best-of-breed tool after another and cobbled them together as their best effort to lessen the security confusion. The results are there to be seen in the latest hacker heist headlines.
Intel Security offers a truly connected security architecture
Only in the presence of a truly connected security suite can operational simplicity reign. Consolidating consoles into a single endpoint management environment makes for less security point product agents and easier policy management for administrative staff. Changes can all be made in one place and easily allow a small number to manage massive environments. Agent reduction creates a model that’s easier to deploy, reduces the host footprint and considerably shortens the time to manage security events.
Intel Security’s Reference Architecture provides a concrete path from ideas to implementation. Use it to adapt the Security Connected concepts to your unique risks, infrastructure, and business objectives. Solution guides outline broad security challenges and best practice considerations. Technology blueprints provide a deeper dive into the Intel Security solution, detailing product functionality and additional technical considerations.
An interesting side benefit to implementing connected security is costs. Fewer security point product agents, vendor consolidation, and the elimination of dedicated hardware and appliances bring about a drastic drop in costs – perhaps as much as 50% by adopting the Intel Security’s Security Connected Architecture.
Steps to take:
1. Our security experts designed a tool to help you find out how many security tools you’re actually using, and get immediate recommendations based on your results. Assess your risk level right now.
2. Add up the actual price tag for all the hardware, software licensing, cloud, and other security products and services you have running right now that are NOT keeping your organization as secure as it has to be
3. Visit our Security Connected page to learn more about Intel Security’s solution, our dedicated resources, and how we will help you find a better solution for your security posture.