The IT Manager’s Dilemma
IT professionals are constantly making decisions regarding which security solutions they should purchase to protect their organizations. One of the most common dilemmas they face is whether to go with a consolidated, “Swiss army knife,” solution or choose a number of stand-alone, best-of-breed, products. A consolidated solution has clear advantages such as simpler integration, no interoperability risk, less expertise required to manage multiple siloed solutions and, usually, a lower TCO. However, there has always been the notion of a tradeoff between the benefits offered by a consolidated solution, and the superior security provided by best-of-breed products. Simply put, to gain the benefits of consolidation you have to lose some degree of security.
Is Best-of-Breed Really the Best?
In a survey conducted by Dimensional Research¹ among global security leaders, 69% of the respondents agreed that vendor consolidation would lead to better security.
In a recent Gartner survey² comparing a vendor consolidation strategy versus a best-of-breed approach to security solutions procurement, 41% of respondents stated that the primary benefit they’ve seen from consolidating their security solutions was an improvement in their organizational risk posture. It’s not that the other 59% didn’t view it as a benefit; they just didn’t see it as the primary one.
This might seem counterintuitive. Best-of-breed literally means getting the best product for each security category. Logically this should lead to the best overall security posture. So how have we arrived at a reality where a growing number of IT leaders believe that a consolidated whole is greater than the sum of its best-of-breed counterparts?
What Makes Consolidation More Secure?
There are several reasons why a consolidated solution leads to a better security posture:
When More Becomes Less. Deploying a large number of stand-alone solutions requires the IT team to have the necessary expertise to manage, capacity plan, monitor, and carry out software updates and security patching for all those different products. The greater the number of products, the thinner the IT team is spread, increasing the risk of a device, service, or security policy misconfiguration and greater vulnerability. According to a survey conducted by IDC⁵, misconfiguration is the number one cause of cloud security breaches. More products mean more complexity and more room for error, ultimately leading to a less robust security posture.
Big Targets Are Easier to Hit. The greater the number of products, the greater the diversity of operating systems, OS versions, drivers, and third-party software. This directly translates into a greater cumulative attack surface and more opportunities for bad actors to breach your network and assets. As far as security is concerned, the more the scarier.
One for All. Separate stand-alone products typically require separate management systems, which can lead to security gaps caused by duplicate, and sometimes inconsistent, configurations of the different security engines. Single-pane-of-glass management promotes coherence and better visibility, which contributes to improved protection.
All for One. A solution consisting of stand-alone products is typically stitched together via service chaining, in which the security engines process traffic one after the other. A truly consolidated solution leverages a single-pass architecture, in which security engines process traffic in parallel with a unified single context. This facilitates one fully informed decision instead of a series of half-blind ones, and greatly enhances security coverage.
Simple is the New Black. When evaluating a solution, it is easy to get excited about all the bells and whistles included in a best-of-breed product. It is, however, important to have an objective and pragmatic understanding of what you actually need. A recent report published by Pendo.io³ reveals that 80% of software features are either never or rarely used. When a thin-spread IT team is at the helm of a large number of disjoint products, an unnecessary configuration option can quickly turn into a liability. In a recent report⁴, Gartner wrote “After decades of focusing on network performance and features, future network innovation will target operational simplicity, automation, reliability and flexible business models”. Keeping things simple helps keep them secure.
Word of Warning: Single vendor doesn’t always mean consolidated
There is an important distinction we should make between a truly consolidated solution and a single-vendor solution composed of separate products, often obtained through a merger or acquisition. Although the latter are sold by a single vendor, they are still, more often than not, separate solutions with separate management. As such, they do not reap the above benefits.
The ever-evolving cyber-threat landscape is creating a continuous need to adopt new security solutions in order to keep our networks and IT assets protected. Each organization has a tipping point at which the number of products they bring on board becomes too complex to handle and begins to hinder their security posture. As a growing number of IT leaders come to realize this, the demand for simple, coherent, consolidated solutions will continue to grow and become their de-facto go-to security strategy.
No longer are security and consolidation on opposite sides of the trade-off scales. They are, in fact, growing increasingly synonymous.
1 Why Cyber Security Consolidation Matters – Dimensional Research, published by Check Point.
2 Security Vendor Consolidation Trends – Should You Pursue a Consolidation Strategy? – Gartner
3 The 2019 Feature Adoption Report – Pendo.io
4 Strategic Roadmap for Networking 2019 – Gartner
5 IDC Security Survey of 300 CISOs – IDC 2020