A few years back, most organisations big or small tended to adopt a reactive response to dealing with security breaches of their IT infrastructure. Today, IT security is an imperative in an organisation regardless of the size. Symantec’s Kevin Isaacs shares some insight on how to deliver security when budgets have been squeezed.
A few years back, most organisations big or small tended to adopt a reactive response to dealing with security breaches of their IT infrastructure. Today, IT security is an imperative in an organisation regardless of the size. Symantec’s Kevin Isaacs shares some insight on how to deliver security when budgets have been squeezed.
These are tough and nervous times for people and organisations alike around the globe. Countries from different parts of the world face huge economic uncertainty over the state of the economy, interest rates, employment, house prices and the price of crude oil. Organisations on the other hand also face the challenge of security threats – not only from terrorists, but also from the Internet, which is increasingly being used by organised crime to steal and trade in confidential information.
Aside from the threats and the global economic gloom, Syamntec’s Kevin Isaacs says people and organizations can be certain that there are also confronted with a number of certainties.
For one, Isaac believes the reliance on the Internet will grow by people and organisations , and the volume of data that has to be processed and stored will also continue to soar. Much of that data, says Isaac will need to be protected from prying eyes, either because it is confidential to the company, or because it relates to individuals whose privacy and financial details need to be protected.
Meanwhile, data no longer stays within the bounds of a well protected network. It is accessed via the Internet or carried out on mobile devices, or copied on to portable storage devices. The crisp boundaries of the corporate network have almost completely dissolved.
Isaac says as the task of protecting information has become harder, the penalties for mishandling data have also become more severe. In just the last year, the Information Commissioner and the Financial Services Authority in the UK have shown themselves willing to apply stiff fines where it thinks companies have neglected their duty of care. And at EU level, signs of much stronger legislation on the way to punish poor security practices are going to take effect sooner rather than later.
Issacs says organisations, whether private or public sector, are faced with a dilemma.
On the one hand, the economic situation is keeping a lid on their budgets. On the other hand, they cannot afford to risk a security breach with the danger of public shame, loss of business and big fines.
They have to find a way to do more with less money, and handle security and IT in a more efficient way. That means automating processes wherever possible, and rationalising systems that may have grown up over time in a random and ad hoc fashion.
But that kind of efficiency is hard to achieve when you have a range of point solutions that have been deployed at different times to tackle different problems. Even if they do a good job individually, they will struggle to work smoothly together and will be more complex to manage, and will require more intervention by IT administrators.
So, how should organisations go about implementing endpoint IT protection amid budget cuts? Isaacs shares some tips on how to deliver security when budgets are tight.
Best Practices
Endpoint Protection Platform: It makes more sense then to integrate security functions wherever possible under a single umbrella where they can work more efficiently together, and be managed from a single console. In 2007, the research company Gartner recognised the emergence of a new breed of software, which it called the Endpoint Protection Platform (EPP), and which delivers that more integrated approach. “The traditional point product antivirus, anti-spyware and personal firewall markets have been eclipsed by broader suites of related security technologies,” Gartner said.
It made the point that by bringing together multiple functions, EPP can achieve higher performance, a smaller footprint, ease of management, and of course fewer software licenses to manage. Furthermore, it can be extended to include network access control (NAC) and data protection technologies, such as data leakage prevention (DLP) and full-disk encryption. Some EPP suites will also replicate PC configuration life cycle management tasks, such as security configuration management, asset discovery, patching and software management.
The benefits, according to Gartner are clear: “By combining multiple co-related technologies into a single management framework, EPPs have the promise of increasing security while lowering complexity, cost and administrative overhead.” In other words, EPPs provide companies with the possibility of resolving their dilemma, by delivering better security at lower cost.
Integrated security systems: With a properly integrated system organisations have the comfort of knowing their systems and networks are safe, while at the same time saving money, and huge amounts of human effort, through the automation of repeatable IT processes. These processes could include endpoint lifecycle management tasks like hardware and software inventory, application metering, software delivery, patch management, OS deployment and migration, and remote management.
Uponor case study: Early adopters that have gone down the EPP route are already reporting huge benefits. For instance, take the case of Uponor, a supplier of plumbing and heating systems, that is based in Finland but with a global reach.
Having implemented a variety of security solutions for its laptops and servers over the years, it had been having trouble keeping all its security defences up to date. Now, by switching to an EPP suite, the Symantec Endpoint Protection (SEP 11) product, the company management says its systems are much better protected, and at a lower cost.
SEP 11: By integrating antivirus, antispyware, firewall, intrusion prevention, and device control, SEP 11 requires only a single agent that is managed from a single management console. That means a far reduced administration overhead, allowing Uponor to run with just three people worldwide—one in each key region—to administer its global security environment. Coupled with the savings it will make on multiple security software licences, Uponor expects to save several thousands of euros over the coming years.
Consider also the case of the ING Renault F1 racing team – a very different organisation, but with similar problems when it came to security.
End-point security had been a problem for the team with the wide number of device types it had deployed in both France and the UK. But, having adopted SEP 11, it now has seamless end-point protection and network access control with a single agent to protect its systems from compromise, downtime and theft.
According to the team’s IT manager Graeme Hackland, the personal firewall, host intrusion prevention, and NAC systems provide central management, and allow him to enforce policies easily.
“The solution maximises team-wide system protection by delivering centralised configuration, deployment, alerting, and logging of viruses and spyware,” Hackland says, “and this enables our administrators to manage the security of the network to determine which nodes are vulnerable to virus attacks. The administrator can ensure that mobile and remote systems connecting to corporate resources via VPN are compliant with security policies.”
It is clear, then, that automation of security processes can take away much of the risk and effort associated with the use of single point solutions. And by adopting an EPP suite, as identified by Gartner, organisations can not only rise to the challenge of securing their information systems, but can also do it without breaking the bank, concludes Isaacs.
