One of the most annoying things I see on a daily basis is companies with great security products – huge capital expenditure, spent wisely on market-leading products which are great assets, but which are totally under-utilised and going to waste because the infrastructure, fundamentally hasn't been set up correctly. 

Even worse, we sometimes come across clients who are looking to remove a fabulous product which they've already paid for, to replace it with an inferior solution, all because they didn't understand the capabilities they already had. 

I can't tell you how frustrating this is, but I can totally understand how it happens. 

There is constant pressure in IT teams. Resources are stretched, people are overworked. It's easy to lose sight of the total toolset available, relying on a few tried and trusted routines, wishing more was available.

How many times have you looked at the same report without interrogating your systems to see what else they can tell you?

Typical situations:

  • Products have been implemented to fulfill an immediate need with the intention to go back later and revisit the solution, adding additional configuration to use more of the product, but this last step never happens.
  • A product was implemented and was fit for purpose at time of implementation, but the business has changed since that time, and the product implementation hasn't been updated.
  • A product was implemented and it sits in the corner of the datacentre, whirring away, but no-one from the original implementation team is around anymore, and no-one can tell you what it actually does!
  • A product was implemented but it's now on an out of date software version – which means that the customer is missing out on additional features which have been added to the product suite.
  • Fear – sometimes administrators don't want to rock the boat, so they do nothing, rather than progressing their solutions.
  • Disillusionment – a poor initial implementation means that clients lose faith in their infrastructure and write it off as a bad investment, rather that having someone take a look and get the products to really sing.

The difficulty is, unless your team has the bandwidth to take stock of the current infrastructure, much of the solution value can be lost. 

What's required is a objective set of eyes and opinions, ones that are both abreast of the capabilities of your current technology and able to help maximise those existing investments whilst also considering your organisation's objectives, overall strategy and future growth plans.

If you'd like an off the record chat about optimisation, or anything else security related book into my diary here

Best wishes,

Liz

 

 

10 Security Maxims Debunked

11 Jul 2018

    IT Security is a huge and daunting topic, it takes an expert to stay on top of everything!  So much information, so much conflicting advice, it's difficult to know where to start, but not all advice is good advice.  There are some common messages that we really don't like. Here's our top ten ways that our industry is getting it...

Optimisation - Making the Most of Existing Tools

20 Jun 2018

  One of the most annoying things I see on a daily basis is companies with great security products – huge capital expenditure, spent wisely on market-leading products which are great assets, but which are totally under-utilised and going to waste because the infrastructure, fundamentally hasn't been set up correctly. ​ Even worse, we sometimes...

Lessons from a UK Bank Data Breach

20 Jun 2018

I've been watching the news surrounding one of the UK's major retail banks aghast. I could ask "how could they let this happen" but it's obvious why it happened, and very sad. We have a major UK institution in crisis through ineffective security and archaic data architecture.  First of all there was a data breach following a system upgrade....

Troubleshooting - The Most Expedient Improvement

20 Jun 2018

  If you have a problem, if no one else can help, and if you can find them, maybe you can hire the A-Troubleshooting Team. When you have a solution which isn’t working correctly, or you just don’t think it’s performing well enough, it’s common for organisations to think that a rip and replace strategy is better than spending the time to resolve...

HR: The Front Line in Network Security

20 Jun 2018

  HR has a huge role to play in the security of your networks   Yes, Human Resources. For all the effort your organisation expends to implement robust IT policies and infrastructure, the biggest threat to an organisation’s safety comes from its people. Whether through malice, ignorance or human error; the people in your businesses are the...

;