SmallCapNews | Delivering security when budgets are tight

Search Site

Latest News

Features

Company Profiles

About

Advertise

Delivering security when budgets are tight

06 November 2008

Kevin Bailey, Director, Product Marketing, Symantec EMEA

We live in nervous times. We face huge economic uncertainty over the state of the economy, interest rates, employment, house prices and the price of oil. We also face the challenge of security threats – not only from terrorists, but also from the Internet, which is increasingly being used by organized crime to steal and trade in confidential information.

On the other hand, we are confronted with a number of certainties. Our reliance on the Internet will grow, and the volume of data we have to process and store will also continue to soar. Much of that data will need to be protected from prying eyes, either because it is confidential to the company, or because it relates to individuals whose privacy and financial details need to be protected.

Meanwhile, data no longer stays within the bounds of a well protected network. It is accessed via the Internet or carried out on mobile devices, or copied on to portable storage devices. The crisp boundaries of the corporate network have almost completely dissolved.

As the task of protecting information has become harder, the penalties for mishandling data have also become more severe. In just the last year, the Information Commissioner and the Financial Services Authority in the UK have shown themselves willing to apply stiff fines where it thinks companies have neglected their duty of care. And at EU level, we see signs of much stronger legislation on the way to punish poor security practices.

Organisations, whether private or public sector, are faced with a dilemma. On the one hand, the economic situation is keeping a lid on their budgets. On the other hand, they cannot afford to risk a security breach with the danger of public shame, loss of business and big fines.

They have to find a way to do more with less money, and handle security and IT in a more efficient way. That means automating processes wherever possible, and rationalizing systems that may have grown up over time in a random and ad hoc fashion.

But that kind of efficiency is hard to achieve when you have a range of point solutions that have been deployed at different times to tackle different problems. Even if they do a good job individually, they will struggle to work smoothly together and will be more complex to manage, and will require more intervention by IT administrators.

It makes more sense then to integrate security functions wherever possible under a single umbrella where they can work more efficiently together, and be managed from a single console.

In 2007, the research company Gartner recognized the emergence of a new breed of software, which it called the Endpoint Protection Platform (EPP), and which delivers that more integrated approach. “The traditional point product antivirus, anti-spyware and personal firewall markets have been eclipsed by broader suites of related security technologies,” Gartner said.

It made the point that by bringing together multiple functions, EPP can achieve higher performance, a smaller footprint, ease of management, and of course fewer software licences to manage. Furthermore, it can be extended to include network access control (NAC) and data protection technologies, such as data leakage prevention (DLP) and full-disk encryption. Some EPP suites will also replicate PC configuration life cycle management tasks, such as security configuration management, asset discovery, patching and software management.

The benefits, according to Gartner are clear: “By combining multiple co-related technologies into a single management framework, EPPs have the promise of increasing security while lowering complexity, cost and administrative overhead.” In other words, EPPs provide companies with the possibility of resolving their dilemma, by delivering better security at lower cost.

With a properly integrated system they have the comfort of knowing their systems and networks are safe, while at the same time saving money, and huge amounts of human effort, through the automation of repeatable IT processes. These processes could include endpoint lifecycle management tasks like hardware and software inventory, application metering, software delivery, patch management, OS deployment and migration, and remote management.

Early adopters that have gone down the EPP route are already reporting huge benefits. For instance, take the case of Uponor, a supplier of plumbing and heating systems, that is based in Finland but with a global reach.

Having implemented a variety of security solutions for its laptops and servers over the years, it had been having trouble keeping all its security defences up to date. Now, by switching to an EPP suite, the Symantec Endpoint Protection (SEP 11) product, the company management says its systems are much better protected, and at a lower cost.

By integrating antivirus, antispyware, firewall, intrusion prevention, and device control, SEP 11 requires only a single agent that is managed from a single management console. That means a far reduced administration overhead, allowing Uponor to run with just three people worldwide—one in each key region—to administer its global security environment. Coupled with the savings it will make on multiple security software licences, Uponor expects to save several thousands of euros over the coming years.

Consider also the case of the ING Renault F1 racing team – a very different organisation, but with similar problems when it came to security.

End-point security had been a problem for the team with the wide number of device types it had deployed in both France and the UK. But, having adopted SEP 11, it now has seamless end-point protection and network access control with a single agent to protect its systems from compromise, downtime and theft.

According to the team’s IT manager Graeme Hackland, the personal firewall, host intrusion prevention, and network access control systems provide central management, and allow him to enforce policies easily.

“The solution maximizes team-wide system protection by delivering centralized configuration, deployment, alerting, and logging of viruses and spyware,” he says, “and this enables our administrators to manage the security of the network to determine which nodes are vulnerable to virus attacks. The administrator can ensure that mobile and remote systems connecting to corporate resources via VPN are compliant with security policies.”

It is clear, then, that automation of security processes can take away much of the risk and effort associated with the use of single point solutions. And by adopting an EPP suite, as identified by Gartner, organisations can not only rise to the challenge of securing their information systems, but can also do it without breaking the bank.