Information security tools dilemma: Best of breed vs. big security

Column

Information security tools dilemma: Best of breed vs. big security

Historically, security has been a best-of-breed market. By that, I mean customers would buy the leading product in each category and integrate the products into a cohesive whole. But now, are best-of-breed information security tools still the right approach? Even for small and medium-sized businesses (SMBs), which by definition are time-, resource- and money-constrained?

In 1997

    Requires Free Membership to View

    Login

    When you register you’ll also receive the latest news, advice and technical tips designed specifically for midmarket IT leaders like yourself. Our award-winning editorial team will give you immediate access to emerging business and technology trends.

    Scot Petersen, Editorial Director, SearchCIO-Midmarket

    By submitting your registration information to SearchCIO-MidMarket.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchCIO-MidMarket.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

McAfee Inc. did a series of acquisitions, both in the networking and security space, and dubbed itself Network Associates. It was really the first security aggregator, though Axent followed that model until Symantec Corp. acquired it. The thinking was that by building a broad product line, customers would buy all the products, and growth and market domination would follow.

More from Mike Rothman
A decade later, we can safely say that experiment didn't work out. A few years ago, McAfee spun off pieces of the business and went back to its name and heritage. Symantec has struggled with the Axent products for years, though it keeps buying stuff and integrating it. Customers didn't want integration.

But things have changed. There are a lot more attacks and a lot more security technologies to deal with, and it's not like SMBs have bigger budgets or more resources, right? So you need to do more with less.

Many of the security technologies have also matured. There used to be a big difference between the leading and the 10th-place firewall. Now there isn't. Mature technologies tend to become functionally comparable, and that's where we are in many security sectors. Technical differentiation is gone. All the products can do the job. Which means the value proposition needs to change.

Now integration makes more sense. Wouldn't it be great to enforce a single policy? That would be the Holy Grail, eh? Do you want to always manually aggregate data to get a simple report about what's going on? Maybe dropping a couple hundred grand on information security tools could make that problem go away. Is it still novel to run 10 security agents on each desktop? Of course not.

But that doesn't mean best of breed is dead. So here are a few thoughts on how to know if it remains the choice for you.

  • You still like the knobs. It's OK. I won't tell anyone. There are some administrators who want or need control. They are not going to cede the responsibility of integration to anyone else. So they continue to buy best of breed and keep on keeping on. There is nothing wrong with this, if that's what you're into.

  • You have very specific requirements. Perhaps it's a very specialized application or a detailed policy that you've built into your content filter. In some cases, the amount of work required to move to an integrated solution defeats the economic advantages. In that case, stick with best-of-breed information security tools.

  • Your brother-in-law is CEO of a best-of-breed company. How uncomfortable would Thanksgiving be if you unplugged the standalone antispam gateway and outsourced it, or achieved the same result with a unified threat management box? Not worth risking the candied yams.

  • You root for the underdog. If Cisco Systems Inc. or Symantec represent a Darth Vader-like character to you, then you probably aren't looking for an integrated solution. You wouldn't be able to sleep at night, knowing that you chose the Empire over the Resistance.

    Of course, the last two were a bit tongue-in-cheek, but the reality remains that there will be some situations where it makes sense to buy best-of-breed information security tools, just not as many as there used to be, especially for an SMB.

    Mike Rothman is president and principal analyst of Security Incite, an industry analyst firm in Atlanta, and author of The Pragmatic CSO: 12 Steps to Being a Security Master. Get more information about The Pragmatic CSO at www.pragmaticcso.com, read Rothman's blog at http://blog.securityincite.com, or reach him via email at mike.rothman (at) securityincite (dot) com.