Change is an opportunity for optimisation

With a proliferation of security applications and infrastructure designed to combat the increasing number of advanced threats, many organisations are finding management of their security systems complicated, time consuming and costly. Desktops are often littered with applications for everything from anti-virus to encryption, firewalls with jumbled rules and policies deployed over many years. In the current economic climate, it is more important than ever for businesses to ensure they are gaining the most from their assets, rather than reactively deploying new services. The economic climate continues to drive cuts in security budgets. How often do we hear the request from above to "do more with less”, while continuing to preserve the integrity of the network?Compliance requirements, mobility, remote access and the continual malware threat require robust security implementations. As market conditions decline, security requirements tend to increase. Staff layoffs raise the "insider threat” from disgruntled employees, and the global financial crisis increases regulatory compliance. With more people and organisations struggling financially, levels of computer crime rise. Now more than ever, organisations should address their security architecture to assess the potential risk of each component and discover new ways to reduce cost in line with budget needs.Historically, organisations have taken an organic and reactive approach to their security infrastructure. In response to advanced threats, IT departments will typically deploy point products against each threat. While this ensures those threats are managed, it leads to multi-vendor infrastructures that are fragmented, inefficient and more costly to operate and manage.In a survey by the ISSA Journal in 2009, the average number of rules in a typical firewall increased dramatically over the last seven years, by as much as 500%. In Datacraft’s own assessments, we have found in many cases up to 50 per cent of rules in a typical firewall are not used. Five years ago many organisations didn’t even have anti-virus installed on the desktop. However, today a typical desktop is cluttered with security software including personal firewall, VPN, anti-spyware, anti-virus and host-based intrusion prevention; all increasing the load on our already constrained desktops.The need for IT Managers to make the decision to rationalise, consolidate and optimise their security infrastructure has been present for some time, as budgets have been squeezed. Organisations looking at their aging infrastructure are faced with the opportunity to review and get more value from IT security. It is pivotal for IT managers to take steps to ensure that their security investment is fully exploited and investments are optimised, while maintaining and improving security posture.Security solutions:Firewall AssessmentFirewalls are the foundation of any security implementation and often a significant expense in respect to maintenance and management. Firewall deployments grow quickly as new communication channels open up to the internet and firewall upgrades are often necessary to cope with this increase. These upgrades are often unnecessary, driven by poor firewall performance as a result of complex and poorly configured rules. In many cases, unused and duplicate rules are not purged from the rule base, reducing the performance of the firewall. Undertaking a comprehensive firewall assessment provides organisations the opportunity to reduce the size and complexity of the rule bases leading to better performance, cost and improved security.Unified Threat Management (UTM)Security components within the network can be consolidated into fewer solutions, reducing licensing and support costs and improving operational management. UTM devices are now a mature technology and have been deployed across medium to large enterprises and service providers.Migrating to a UTM environment may require upfront investment, but IT Managers may find their existing infrastructure is upgradeable with additional services. The kinds of consolidation that can occur on a UTM solution include services such as:

• Firewall/VPN
• Intrusion Prevention Systems (IPS)
• Web content and email filtering
• Anti-virus and malware filtering
• Web 2.0 Application Controls
• Traffic acceleration
• Data loss prevention

Return on investment can be rapid through reduction in licensing and support costs with streamlined operational management leading to further cost reduction. Software as a Service (SaaS)SaaS solutions provide cloud-based services in place of customer-owned solutions. Email and web security, security information event management and intrusion prevention all lend themselves well to SaaS solutions. Removing viruses, malware and SPAM from email and web traffic in the cloud rather than on-premise also has the added advantage of freeing up vital internet bandwidth. Datacraft’s SaaS solution has shown that approximately 95% of all email today is unsolicited for most organisations. Handing this off to the cloud effectively removes that unsolicited traffic before it reaches your business, reducing the need for high performance solutions on-premise and reducing required internet bandwidth.  Filtering in the cloud can also improve security by preventing malware from reaching the corporate network edge, while simplifying and consolidating operational management through comprehensive administration portals for multiple services.Managed Security Infrastructure ServicesAs an alternative to SaaS, Managed Security Infrastructure Services can provide CAPEX reduction benefits while providing on-site, customer-managed security infrastructure. This allows companies to benefit from the best technology for a fixed monthly, quarterly or annual fee. This can provide predictable technology refresh options, future-proofing and long term budgeting visibility and control.VirtualisationMigrating your security infrastructure to a virtualised environment is another way to reduce security costs. Virtualisation of firewalls, IPS and anti-virus gateways can markedly reduce licensing, hardware and software support costs. Addressing environmental impacts such as power, cooling and rack space can also increase savings for large organisations with considerable security deployments. Assessments carried out by Datacraft for large multi-national organisations who have moved their security infrastructure to a virtualised environment have demonstrated savings in electricity costs alone of between $150,000 and $1 million over a three year period.Unify the DesktopSimilar to UTM, endpoint security has improved dramatically over the past few years as vendors have introduced new capability in response to advanced threats and changing security requirements. Personal firewalls, VPN clients, host-based intrusion prevention, anti-virus/spyware all exist on our desktops, resulting in many organisations managing multi-vendor, multi-agent platforms. This leads to a number of issues which scale proportionally to the number of users:

1. High license costs
2. Increasing complexity and risking desktop incompatibility, increasing the number of help desk calls and desktop resource utilisation
3. Software updates burdening the user, placing further cost and risk to security if not done

Without undergoing a level of assessment, organisations remain unaware of the high costs incurred from of a multi-vendor, multi-agent deployment. Moving to a single, unified client for the endpoint can dramatically decrease costs and improve productivity in all these areas.As organisations are faced with maintaining higher levels of security in tough times, under pressure to reduce costs, a need has arisen for IT Managers to foster fresh thinking, review their current security architecture and adopt a strategic, rather than organic approach to how their security should evolve.Whether it is a simple firewall assessment to remove redundant rules and improve performance, or redesigning to reduce licensing and support costs, real business benefits and savings are achievable for all organisations.