As a marketer for a security software provider in this industry for a few years now, I’ve seen lots of FUD around preventing the next threat. Every vendor does it and every vendor tells you how their solution can help prevent XYZ from stealing your data or disrupting your business. In times like these where money is held a bit more closely to the vest, security is still an important part of the business strategy (arguably now even more important because there are more cybercriminals and insiders looking to profit off your misfortune – see, more FUD). However, organizations that want to remain competitive in today’s business environment really must look at security as more than just an IT function but as a valuable way to to reduce IT costs, improve operational processes and enable business to run more smoothly – all while maintaining a secure work environment.
I recently had the opportunity to sit down with Aberdeen Group’s IT Security Practice VP and Research Fellow, Derek Brink, who just wrapped up some research that shows the cost and performance advantages of “best-in-class” endpoint security and management. Technology and an “always-on” business environment has really brought to the forefront the emerging remote workforce. This ultimately means more software and hardware, i.e. laptops, smart phones, etc. that organizations can either turn a blind eye towards or bring under management.
Turning a blind eye obviously is fraught with great risk as end users are not security experts and will not follow policies if not enforced properly. But bringing the remote employee’s systems under management is not a trivial task and requires the right strategy and technologies to make it effective. This is where Derek Brink highlights some pretty cool research that highlights how “best-in-class” organizations (as defined by Aberdeen Group, top 20% of respondents) are making their security investment work a lot harder for them. The days where ROI was simply about being “more secure” no longer hold water in these economic times. This goes beyond just security… every organization is looking for ways to get more efficient in business processes and cost management. But what the Aberdeen report highlights is how organizations can achieve these two things by effectively managing and securing their endpoints.
Derek discusses the important first step of risk assessment, understanding the threats and vulnerabilities and appropriately prioritizing/managing them, then mapping what’s important to the organization into industry or government regulations as necessary. By starting with what is important to the business rather than what the business HAS to do from a regulatory compliance standpoint, organizations can achieve greater efficiencies and leverage their risk management strategies and controls to assure compliance where needed.
From here, organizations can look to leverage these policies and controls to improve operational efficiencies, reduce costs and enable business growth opportunities. So he’s saying it starts with risk management, gets into compliance, but ultimately yields “well managed” endpoints, which certainly aligns with every organization’s bottom line. What does this mean in terms of numbers? Well, in the Aberdeen research, there is almost an 11% difference in endpoint management costs between “best-in-class” and “laggard” organizations. Depending on the scale, this is beaucoup bucks.
Additional Resources:
Webcast: Best in Class Approach to Protecting and Managing Endpoints: How Do You Stack Up To Your Peers?
Audiocast: Reducing Your IT TCO with Effective Endpoint Security Management
