Being a security solutions provider, we get into a lot of conversations about specific security strategies, some of which we help with and some we don’t.
Many security teams start off their search for data security solutions with something specific in mind, like a privileged access management solution, for example. Occasionally, when we get down into the nitty-gritty conversations with these teams, we find that the problems they are looking to solve cannot be solved by our solution. In these cases, we think it is important to fully understand the problems the organization is trying to address and direct them in the right way.
We see a lot of vendors that will claim to be what the customer is looking for in order to win the deal, but they don’t address the fundamental problems that their customer is looking to fix. This leads to a lot of customers that are unsatisfied with their vendors.
Vendors certainly have an obligation to be more responsible and act as solution providers. Unfortunately, most vendors aren’t likely to change their approach any time soon. So, how can security teams approach choosing the right data security solution for the enterprise?
Here are some tips:
Make Sure You Know Your Problems
Don’t fall for the marketing hype. Solutions that fall into nice neat little categories often won’t actually solve the problems you’re looking to fix. Deploying security solutions shouldn’t be a check-box exercise. You don’t need a complex ecosystem of solutions because Gartner (as an example) says that those solutions are important.
Instead, what you should do is do a thorough risk assessment within your environment and identify what problems you actually have. Fundamentally, in most cases, it comes down to a lack of visibility over what is happening to data. Not being able to detect threats, produce compliance reports, and govern access are all symptoms of not having that visibility at the data level.
So, find out what you know about your data and what you don’t know. If you don’t know which users have access to sensitive data, or what changes are being made to data, then you know you need a solution that will provide you with that visibility.
Come up with a list of the problems that you have and take these to vendors and see if they can fix them. Don’t just take their word for it either, it’s best to try for yourself if you can.
What Problems Can You Fix Already?
A lot of the time, there will be native solutions to your problems (at least for some of them). Now, these solutions are often not fit for purpose, but there may be things that you hadn’t thought of. It’s also worth looking into your existing tech stack to see if you have any existing security tools that can be used to accomplish the specific tasks that you now know you need to accomplish.
If you do have existing security tools in place, but you still have problems to fix, then you need to consider how your future security solution will integrate with your existing one. In an ideal world, seamless integrations will help you get the best of both solutions and save you money in the long term.
Look to the Future
When considering solutions, especially if you need more than one, it’s critical you evaluate scalability. As your organization grows and evolves, you want to make sure that your solution can keep up. Ripping out security solutions is a painful and expensive process. You should consider how your organization will look in 5 or 10 years’ time and make sure that the solution has the ability to scale appropriately.
Make Sure You’ve Considered Compliance
If your organization is bound by a compliance regulation (it probably is), then you need to consider how your new security solution will contribute to your ability to achieve and maintain compliance. For example, if the security solution enables you to discover and classify data covered by HIPAA compliance, then you know you are a step further to being able to run reports and subject access requests.
Many solutions come with pre-built compliance reports. Make sure you investigate which areas of the compliance regulations this will help you to achieve and which areas are still lacking.
Finally, Can You Actually Use It?
So, you’ve found a powerful SIEM solution that solves all of your problems, good to go, right? Unfortunately, we’ve heard so many stories of organizations committing to deploying a solution without realizing just how difficult it will be to deploy, manage or get any value from. Many solutions require dedicated specialists to translate the reports into meaningful data or even just to work out how to use it.
Make sure that you have had your hands on the solution that you are choosing and you know how to run the reports or set up the solution for your needs. Usability is so important. You want your solution to be saving you time, not adding in extra steps.
You should consider how much time it will take to deploy the solution, train your admins to use it effectively, and generate the reports you need.
If this all feels a bit overwhelming, come and speak to us. Our promise to you is that we will act as your security consultant, and direct you towards the solutions that we believe will solve your problem. It doesn’t benefit us to just sell to you if you don’t actually need it. Schedule a Risk Assessment to book in some time with an expert and determine what problems you need to fix.
Good luck!