IT Focus Area: security
July 19, 2021
Who Benefits Most From a Security Platform Approach?
Security that moves at the speed of digital transformation is a necessity, but it often comes with a price. Loss of visibility and control, increased complexity, and increased costs are symptoms that can affect environments using multiple security solutions. As attacks have increased, so have the available solutions designed to protect against them. Over time, organizations have found themselves adopting multiple solutions from multiple vendors to keep pace with rising threats.
Take a moment to be nostalgic about the good old days when a strong firewall and an anti-virus (AV) solution were all that you needed. Now shake it off and realize those days are long gone. And while it’s true that even the best next-generation firewall (NGFW) can’t do the job alone, it is possible to regain much of what was lost as additional protections were added.
The rise of the security platform
It’s always an arms race in security, whether it’s you versus attackers or security vendors competing against one another. Gaining market share is the goal for all businesses, including security vendors who develop solutions to answer top security challenges. These efforts have resulted in numerous best-of-breed products that are easy to adopt, but often don’t deliver the necessary integration with a multi-vendor security stack.
Managing multiple security solutions—especially those that don’t integrate well—can drain staff resources and strain staff skillsets. There’s also the cost of paying for multiple licensing structures. To meet these customer pain points and to gain a competitive edge in the market, security vendors are moving to an integrated security platform approach.
What is a security platform?
Defining what a security platform is can be a bit ambiguous. Each vendor skews the definition in favor of their specific platform. By definition, a security platform—also called a security fabric—provides a vendor-specific approach to security by bringing together multiple security functions and possibly third-party integrations into a single solution. Many vendors are now going to market with this concept, and it offers IT teams multiple benefits.
A security platform generally falls into one of three types:
- Focused on a solution set, such as NGFW or endpoint protection
- Based on a specific vendor’s portfolio of solutions
- Aligned around a SIEM or SOAR tool
The benefits of a security platform approach:
- Reduces security stack complexity and improves control and management
- Expands a minimal security footprint with less cost than single-point solutions
- Produces better visibility and context across an environment
- Limits exposure to threats and risk
- Improves detection and reduces time spent on threat hunting
- Provides more comprehensive protection against the threat landscape
Is adopting a security platform approach right for you?
SecOps and NetOps teams largely operate independently of each other. SecOps focuses primarily on endpoint protection, email, and firewall/IPS. NetOps builds out and manages the infrastructure. In today’s IT environment, these business units are more intertwined than ever before. With crossover technologies such as user and entity behavior analytics (UEBA) and micro-segmentation, these teams now rely heavily on each other to defend against threats.
The need to un-silo these business units for better cooperation is perhaps the strongest argument for a platform approach to security. Vendors with a more complete product portfolio have a strategic advantage as organizations consider moving to a fabric-based approach to security.
There is an argument to be made for relying on best-of-breed single-point solutions instead, but only for organizations that have the necessary security resources to purchase, operate and manage them. For all others—those short on staff, budget or time—a platform approach is a better fit.
Building toward a security platform architecture
How do you choose which security platform is right for your organization? Consider your current environment. What gaps do you have in your security footprint?
If you don’t know, this is a good time for an assessment so you can select the platform that is best suited to improve your security posture. There are hundreds of security vendors you could consider, but only a dozen or so offer good top-to-bottom security.
What to look for in a security platform
Before narrowing your vendor options, first determine the cornerstone for your platform. It could be your email, firewall or endpoint security solutions.
Once you’ve identified the type of security platform you are looking for and your foundational cornerstone, you can narrow your selection options by factoring in the scope of environments it can run on, its integration capabilities, and how it advances your workflows.
While it’s common for companies to look to industry reviews and ratings, such as Gartner Magic Quadrants, when selecting vendors for various security solutions, no single vendor is a leader in all security categories. Because of this, you will need to do your assessment across each vendor’s portfolio by aligning with your cornerstone solution.
Go beyond evaluating individual components to determine how well the portfolio integrates across solutions and with third-party products. Other criteria can include how well the portfolio enriches context, improves visibility, and provides automation capabilities.
When you consider a vendor’s current capabilities, do it with an eye toward their future strategies. It can help you gauge how well they will continue to align with your needs. Significant investments, acquisitions, R&D dollars spent, and product feature roadmaps also provide clues to their developing approach to the market.
From confusion to confidence
Reducing the complexity of your security stack can be achieved with a security platform approach, but selecting the right platform isn’t necessarily a simple, straightforward task. Investing in new technologies often comes with concerns about choosing the wrong solution.
Consider working with a technology integration partner to help you evaluate the various platforms. A strong security partner can provide insight into the strengths and weaknesses of each platform and how well each aligns with emerging security trends.
Along with solution evaluation, your security partner can also help you understand the available purchasing models, which can include subscription-based pricing and enterprise agreements (EAs). More vendors are also advocating the shift to an operating expense (OpEx) model to ease scalability and reduce purchase friction. The right partner will help you consider your organization’s growth trajectory and flexibility requirements in this process.
Your preferred security partner will align with you and your specific needs to help you differentiate the platforms, eliminate any hype, and focus on performance. This strong alliance results in a confident purchase and implementation that strengthens your organization’s overall security posture.