Start with centralized endpoint security management when buying suites

Single vendor centralized management of endpoint security suites, including policy creation and management, and compliance reporting is the primary consideration when choosing and buying an endpoint security suite

Managing endpoint security has always been a big part of the job for over-stretched IT staff at midmarket companies,

making strong central management an important consideration when choosing endpoint security suites.

More endpoint security resources
Think about performance, data protection when choosing endpoint security suites: Endpoint security suites offer multiple malware detection techniques and data protection features that appeal to midmarket IT organizations. This is part one of a two-part series on choosing endpoint security suites.
Security School Lesson: Intelligent Threat Management: Assessing the state of your security.

If you've been using an antimalware protection product without strong central management capabilities, you're overdue for a change, especially with multiple detection engines and other security capabilities, such as full-disk encryption, application and device control, and data loss prevention (DLP).

First, think in terms of a single vendor. Companies that have gone the best-of-breed route may have multiple clients running on their PCs -- antivirus/antispyware, firewall, encryption, device control, maybe network access control (NAC) -- all managed separately. Look for one product suite that meets your needs. It's a lot easier if it's already available from the same vendor, integrated into the package and managed from the same console.

"Get out of the idea of best-of-breed security, and look for what you can get out of these packages," said Natalie Lambert, senior research analyst at Forrester Research Inc. "Look for operational efficiencies for small IT teams."

Look for these essential management capabilities:

  • Centralized signature deployment, including control over signatures to make sure they are actually deployed.
  • Centralized reporting for things such as malware infection detection, and how it is spreading. This includes centralized alerts for quick response.
  • Managed configuration and deployment, enabling you to tweak configurations and push them to all desktops.
  • A single-management console for multiple security technologies, the ability to create policy and report on it.
  • "If you are looking to consolidate of security and management, it's just more policy across more tools," said Lambert. "It's that one single pane of glass."
  • The ability to run remote scans and diagnostics.

NEGOTIATE WITH SECURITY VENDORS BEFORE YOU RIP AND REPLACE
For the most part, consider switching suppliers only if your current vendor doesn't have products with the management capabilities, state-of-the art malware/threat detection, and/or the security tools you need.

Otherwise, proceed with caution. Don't rip and replace if the endpoint security company is meeting your needs. There's just not that much differentiation among the major players, and switching is a daunting project.

"Don't underestimate the transition difficulties and cost," said Ed Skoudis, co-founder and senior security consultant with InGuardians Inc. "It's hard to move from one of these products to another."

That's particularly true for large enterprises; the time, effort and actual cost is prohibitive.

"They know they can't switch, and the vendors know it as well," Skoudis said.

However, switching may be a credible threat for midmarket companies, where it's not such a massive undertaking. In this economy, vendors are being very competitive in pricing. Or, you may be able to cut a deal for a better support package.

"These companies are always looking to make a deal to steal a customer," Skoudis said. "Definitely try to negotiate the best price you can."

Send comments on this technical tip editor@searchmidmarketsecurity.com.

Join our IT Knowledge Exchange discussion forum; please use the midmarket security tag.


 

This was first published in August 2009

Dig deeper on Antivirus, antispyware management

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSecurity

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

ComputerWeekly

Close