Tip

Start with centralized endpoint security management when buying suites

Managing endpoint security has always been a big part of the job for over-stretched IT staff at midmarket companies, making strong central management an important consideration when choosing endpoint

    Requires Free Membership to View

security suites.

More endpoint security resources
Think about performance, data protection when choosing endpoint security suites: Endpoint security suites offer multiple malware detection techniques and data protection features that appeal to midmarket IT organizations. This is part one of a two-part series on choosing endpoint security suites.
Security School Lesson: Intelligent Threat Management: Assessing the state of your security.

If you've been using an antimalware protection product without strong central management capabilities, you're overdue for a change, especially with multiple detection engines and other security capabilities, such as full-disk encryption, application and device control, and data loss prevention (DLP).

First, think in terms of a single vendor. Companies that have gone the best-of-breed route may have multiple clients running on their PCs -- antivirus/antispyware, firewall, encryption, device control, maybe network access control (NAC) -- all managed separately. Look for one product suite that meets your needs. It's a lot easier if it's already available from the same vendor, integrated into the package and managed from the same console.

"Get out of the idea of best-of-breed security, and look for what you can get out of these packages," said Natalie Lambert, senior research analyst at Forrester Research Inc. "Look for operational efficiencies for small IT teams."

Look for these essential management capabilities:

  • Centralized signature deployment, including control over signatures to make sure they are actually deployed.
  • Centralized reporting for things such as malware infection detection, and how it is spreading. This includes centralized alerts for quick response.
  • Managed configuration and deployment, enabling you to tweak configurations and push them to all desktops.
  • A single-management console for multiple security technologies, the ability to create policy and report on it.
  • "If you are looking to consolidate of security and management, it's just more policy across more tools," said Lambert. "It's that one single pane of glass."
  • The ability to run remote scans and diagnostics.

NEGOTIATE WITH SECURITY VENDORS BEFORE YOU RIP AND REPLACE
For the most part, consider switching suppliers only if your current vendor doesn't have products with the management capabilities, state-of-the art malware/threat detection, and/or the security tools you need.

Otherwise, proceed with caution. Don't rip and replace if the endpoint security company is meeting your needs. There's just not that much differentiation among the major players, and switching is a daunting project.

"Don't underestimate the transition difficulties and cost," said Ed Skoudis, co-founder and senior security consultant with InGuardians Inc. "It's hard to move from one of these products to another."

That's particularly true for large enterprises; the time, effort and actual cost is prohibitive.

"They know they can't switch, and the vendors know it as well," Skoudis said.

However, switching may be a credible threat for midmarket companies, where it's not such a massive undertaking. In this economy, vendors are being very competitive in pricing. Or, you may be able to cut a deal for a better support package.

"These companies are always looking to make a deal to steal a customer," Skoudis said. "Definitely try to negotiate the best price you can."

Send comments on this technical tip editor@searchmidmarketsecurity.com.

Join our IT Knowledge Exchange discussion forum; please use the midmarket security tag.


 

This was first published in August 2009

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.