One of the most annoying things I see on a daily basis is companies with great security products – huge capital expenditure, spent wisely on market-leading products which are great assets, but which are totally under-utilised and going to waste because the infrastructure, fundamentally hasn't been set up correctly.
Even worse, we sometimes come across clients who are looking to remove a fabulous product which they've already paid for, to replace it with an inferior solution, all because they didn't understand the capabilities they already had.
I can't tell you how frustrating this is, but I can totally understand how it happens.
There is constant pressure in IT teams. Resources are stretched, people are overworked. It's easy to lose sight of the total toolset available, relying on a few tried and trusted routines, wishing more was available.
How many times have you looked at the same report without interrogating your systems to see what else they can tell you?
Typical situations:
- Products have been implemented to fulfill an immediate need with the intention to go back later and revisit the solution, adding additional configuration to use more of the product, but this last step never happens.
- A product was implemented and was fit for purpose at time of implementation, but the business has changed since that time, and the product implementation hasn't been updated.
- A product was implemented and it sits in the corner of the datacentre, whirring away, but no-one from the original implementation team is around anymore, and no-one can tell you what it actually does!
- A product was implemented but it's now on an out of date software version – which means that the customer is missing out on additional features which have been added to the product suite.
- Fear – sometimes administrators don't want to rock the boat, so they do nothing, rather than progressing their solutions.
- Disillusionment – a poor initial implementation means that clients lose faith in their infrastructure and write it off as a bad investment, rather that having someone take a look and get the products to really sing.
The difficulty is, unless your team has the bandwidth to take stock of the current infrastructure, much of the solution value can be lost.
What's required is a objective set of eyes and opinions, ones that are both abreast of the capabilities of your current technology and able to help maximise those existing investments whilst also considering your organisation's objectives, overall strategy and future growth plans.
If you'd like an off the record chat about optimisation, or anything else security related book into my diary here.
Best wishes,
Liz
