EXPERT OPINION
One tool too many?
Getting past the tool glut of the modern enterprise
Research has revealed that the average organisation
uses multiple tools to handle secure access
capabilities. But do we really need all of them? Scott
Gordon, (CISSP) CMO, Pulse Secure, explores how
‘tool sprawl’ is fast becoming a problem for
companies and how, in this case, more security tools
do not mean better security.
It all looks like a bit of a mess. A new IDG survey has revealed
that the average organisation uses nearly three tools to handle
secure access capabilities including VPNs, MFA, NAC, NGFW,
MDM and more. It’s most pronounced in the medical and
pharmaceutical industries which, on average, use three tools for
each category. High tech and manufacturing use 2.8 tools and
finance, banking, insurance and investment all use 2.6.
All of this boils down to wasted time and
money. Buying licences for products
which effectively do the same thing,
more administration, rifling through data
to clear duplicate entries, blame games;
these are the real-world business
problems that it seems most businesses
are now dealing with.
www.intelligentciso.com | Issue 19
But tool sprawl means more than just
wasted resources – it makes the
security outlook less consistent and
spottier, hobbles visibility and auditing,
complicates the lives of users and
administrators and delays threat response.
This matters especially when
we consider how IT is changing.
Increasingly, enterprise environments are
hybrid and diverse, with the IDG survey
revealing that most enterprises now
distribute themselves among multiple
clouds as well as the data centre.
Those cloud services often come with
their own tools, which may duplicate existing
ones but cannot integrate fully or consistently across
private cloud, public cloud and the data
centre. This can create problems.
All of this merely creates more noise
and more false positives for a security
team. Commonly, such teams deal with
thousands of alerts a day – a Ponemon
Institute survey from earlier this year
revealed that security teams spend 25%
of their time pursuing false positives.
Furthermore, more tools mean a wider
attack surface. When an enterprise uses
more tools than it needs to, it is
handling more data than it needs to
and providing attackers with more places
to hit and more loot to run off with.
Whether it was to address a new threat,
take advantage of new features, fulfil
new compliance requirements, whether
individual departments could purchase
freely or companies were acquired along
with their tools – it’s clear that there is a
smorgasbord of redundant tools. So how
did we get here?