business value analysis-market research reporteval.symantec.com/mktginfo/enterprise/customer... ·...

Business Value Analysis-Market Research Report

Endpoint Security

Table of ContentsExecutive Summary 3Business Value Analysis™ Market Research Reports 3

Endpoint Security MRR methodology 3Technology solution justification and validation 3

Key findings in business drivers 4Key findings in business value 4

Trends in Business Drivers 5Mitigate IT risks 5Remediate intrusions more efficiently 5Improve system performance 5Consolidate endpoint security IT infrastructure and software 6

Standardizing on an infrastructure: component by component 6Single-solution consolidation: becoming the industry standard 6

Manage endpoint security more efficiently 6

Trends in Business Value Analysis 7Centrally managed protection and administration 7Control of user-installed applications and devices 7Automated report generation 8Background PC security scans 8

Conclusion 8

Additional Survey Results 9Respondent profile 9Financial justification required but analysis resources limited 9

Pre-deployment analysis resources 9Post-deployment analysis resources 10

Endpoint security: total endpoints and full-time employees 10

© 2009 The Alchemy Solutions Group All rights reserved Business Value Analysis, BVA, Total Operational and Economic Impact, and TOEI are trademarks of The Alchemy Solutions Group, Inc

Endpoint Security - 3

© 2009 The Alchemy Solutions Group All rights reserved

Executive SummaryBusiness Value Analysis™ Market Research Reports Information technology (IT) organizations need clear markers for valuing investments; the ability to generate business value proof points is therefore critical The Business Value Analysis (BVA) Market Research Report (MRR) series helps create those proof points by answering the following two questions:

• What business drivers compel IT organizations to implement particular technology solutions?

• Post implementation, which areas have generated the greatest total operational and economic impact?

This MRR identifies business value trends in Endpoint Security, which is essential for ensur-ing and managing protection on endpoints

Endpoint Security MRR methodologyThis MRR draws on two major data sources

The first is a survey recently completed by Symantec customers and other organizations Respondents represent a broad range of industries, geographic areas, and sizes They were queried about their recently implemented or upcoming endpoint security technol-ogy solutions Their responses paint a vivid picture of the latest trends driving technology procurement decisions

The second data source is a large and growing stockpile of recently published BVA studies by The Alchemy Solutions Group These exhaustive Total Operational and Economic Im-pact (TOEI)™ research studies analyze an organization’s challenges, its chosen technology solutions, the consequent project rollout and IT transformation, and the lessons learned—what worked and why

Technology solution justification and validationWhile 70 percent of survey respondents are required to justify their proposed endpoint security solutions in financial terms, only 64 percent are given the analysis tools to do so This leaves a significant percentage of IT organizations with-out the means to fulfill their justification mandates (Chart 1)

Even more striking, 56 percent of respondents are denied the opportunity to validate whether the solutions deliv-ered the expected operational and economic benefits Significantly, when respondent organizations are given post-deployment analysis support, every one of them proceeds to gauge the benefits received This underscores the universally recognized importance of benefit valida-tion—and the failure of most companies to meet that need (A greater percentage of companies in the Europe–Middle East–Africa [EMEA] region provide their IT organizations with pre- and post-deployment analysis resources than in the Americas )

Chart 1 Is IT Financial Justification Required? Are Resources Available?

4 - Endpoint Security


Key findings in business drivers

Overall, the survey found that the same decision criteria that drove endpoint security pur-chases in the last two years will drive, to a similar degree, these purchase choices in the next two years The following drivers are ranked from most to least cited for the two years ahead:

Mitigate IT risks: Although a relatively weak driver in large enterprises (5,000 or more employees) and in the EMEA region, keeping out malware is still the number one business driver influencing endpoint security decisions

Remediate intrusions more efficiently: This driver shows the strongest growth in the two years ahead, especially in the Americas Companies are increasingly concerned with quickly and cost-effectively handling the aftermath of a security breach

Improve system performance: This driver is the one most cited by large enterprises, where degraded system performance can have a widespread negative impact

Consolidate endpoint security infrastructure and software: Firms are driven to stan-dardize endpoint security components on the same hardware platform Consolidating on a single solution, though still a strong driver in the two years ahead, is less important than in years past This indicates that such consolidation is already widely implemented, especially in the Americas

Manage endpoint security more efficiently: This is another strong driver, which suggests a continued push to control costs

Key findings in business value

The BVA studies document significant time savings in the following business value areas:

Centrally managed protection and administration: A centrally managed solution boosts efficiency in several areas, including delivering security updates and new software to end users; resolving virus and malware issues; locating users on a network; creating accounts and maintaining policies; and providing user access and authorization

Control of user-installed applications and devices: Keeping unauthorized applications and devices off the network saved companies an average of more than $1 million per year

Automated report generation: Firms are able to better identify security problems and quickly satisfy auditing and compliance requirements Time to generate reports is cut by 99 percent and time to complete security audits by 97 percent

Background personal computer security scans: Background scans boost IT and end-user productivity, netting companies an average of $670,000 in savings per year



Trends in Business DriversThe survey asks Symantec global IT customers and other organizations to select their top three criteria for having made endpoint security procurement decisions over the last two years, as well as their criteria for planned procurements over the next two years (Chart 2)

Mitigate IT risksBlocking malware and thwarting attacks are still the principal goals of companies deploying end-point security solutions Over the last two years, IT risk mitigation was the number one reason to deploy an endpoint security solution, cited by slightly more than 70 percent of respondents Just over 60 percent of respondents indicate that this factor will also drive implementation decisions over the next two years IT risk mitigation and other endpoint security business drivers identified in the survey are presented below

It is important to note, however, that limiting IT risk exposure is cited much less frequently by

large enterprises than by small to midsize businesses (SMBs; fewer than 500 employees) and enterprise-size firms (500 to 4,999 employees) This phenomenon persists across all geographic areas Large enterprises are apparently satisfied—much more so than their SMB and enterprise counterparts—with their current capabilities to keep the organization safe Mitigating IT risk is also a considerably stronger driver in the Americas than in EMEA, especially over the next two years

Remediate intrusions more efficientlyThe need to use fewer IT resources when remediating security breaches is on the rise Over the last two years, less than 40 percent of respondents cited this factor as driving their end-point security solution decisions As firms look to the next two years, that number surges by nearly 20 percentage points—the largest past-to-future gain of any driver measured in the survey

While keeping out malware and hackers remains the number one priority for most firms—especially those with fewer than 5,000 employees—IT organizations also realize that if an attack breaches their defenses, they must quickly and cost-effectively repair the damage and return the company to full operations This is a much stronger driver in the Americas than in EMEA

Improve system performance System performance improvement is the third strongest driver for the last two years as well as the two years ahead, cited by roughly half of survey respondents Companies show little willingness to settle for endpoint security solutions that degrade overall system perfor-mance In terms of its ability to influence endpoint security purchasing decisions over the next two years, this driver is cited by large enterprises more than any other

Chart 2 Business Drivers for Endpoint Security Solutions



Consolidate endpoint security IT infrastructure and softwareConsolidating security IT infrastructure is the survey’s most consistent driver, cited by 41 percent of respondents over the last two years and 44 percent over the next two years Organizations of all sizes continue to see the value in standardizing endpoint security on a single IT platform

Standardizing on an infrastructure: component by componentFirms tend to standardize their endpoint security solutions on a common platform on a component-by-component basis Some components, such as antivirus and antispyware software, are stan-dardized at much higher rates than others (Chart 3)

In fact, the percentage of firms that have already standardized their antivirus and antispyware software on a single infrastructure ex-ceeds the percentage that has standardized all other components combined This is true across organizations of all sizes But not all solution components are standardized at the same rate across all organizations For example, SMBs are significantly less likely than their enterprise and large-enterprise counterparts to standardize device control and intrusion prevention on the same infrastructure; it’s simply a less critical issue for smaller organizations

Single-solution consolidation: becoming the industry standardThe second strongest driver over the last two years shows the greatest decline going forward The need to consolidate endpoint security software enterprisewide helped drive purchasing decisions for nearly 60 percent of respondents over the last two years That fig-ure drops to slightly more than 40 percent of respondents in the two years ahead, a drop most pronounced among SMBs and large enterprises Presumably, a greater number of IT organizations have recently standardized their endpoint security software installations, thus diminishing the future strength of this driver

Nevertheless, consolidating endpoint security is a considerably stronger driver in EMEA than in the Americas, especially over the next two years And with 40 percent of respondents overall citing it as a driver, software consolidation remains a potent consider-ation in endpoint security

To what extent have companies standardized security across all endpoints? Nearly 60 percent of respondents report having already standardized enterprisewide on a single endpoint se-curity solution (Chart 4), which is consistent with the 40 percent of respondents who cite such standardization as a driver going forward This percentage is fairly steady across all company sizes

Manage endpoint security more efficientlyThe need to manage endpoint security using fewer IT resources is also cited by 44 percent of respondents over the next two years Endpoint security solutions have grown more robust in response to greater threats that are more numerous, more damaging, and more difficult to prevent Now, in addition to maximizing end-user protection, organizations are

Chart 3 What Endpoint Security Components Have You Standardized on the Same Infrastructure?

Chart 4 Have You Standardized Security Across All Endpoints?



seeking to minimize management time and effort This is especially true for enterprise-size firms in the Americas over the next two years

Trends in Business Value AnalysisStandardized, centrally managed endpoint security solutions deliver business value by creating IT labor efficiencies and by reducing—in some cases, virtually eliminating—the time and cost required to identify, prevent, fix, and report on infections and other security breaches (Chart 5) Through greater visibility, control, automation, and ability to be proac-tive, companies in the BVA studies dramatically reduced regularly recurring events that ab-

sorb IT as well as end-user time, producing a combined average productivity gain that saves more than $600,000 per year

Centrally managed protection and administrationA patchwork effort to continually and thoroughly update end-user computer protection—across different platforms (desktops, servers, laptops, etc ) and across dispersed locations—can cost IT departments a great deal of time and money Updating ef-forts conducted this way are likely to produce a rolling series of exploitable security gaps, which expose organizations to huge risks The automatic deployment of personal computer protection software and updates—including antispyware, antivirus, personal firewall, and other solutions—can drastically reduce these threats and deliver tremendous savings

Likewise, the ability to centrally automate the creation, roll out, and updates of user accounts can eliminate thousands of hours tied up in administration and in travel to dispersed locations

In the BVA studies, companies that employed a centrally managed endpoint security solu-tion were able to achieve the following average time savings:

• Delivering security updates and new software to end users: 96 percent, a savings of more than 780 hours annually

• Resolving virus and malware issues: 88 percent, a savings of more than 1,000 hours annually

• Locating all the dispersed users on a network: 98 percent

• Creating accounts and maintaining policies: 92 percent

• Waiting for access and authorization: 700 hours annually

Control of user-installed applications and devicesUser-installed applications can undermine network performance, causing everything from local area slowdowns to system-wide crashes They can also interfere with the operation of legitimate, often mission-critical, applications; increase hardware storage and server re-quirements; and unnecessarily expose the system to additional security risks User-installed

Chart 5 IT Hours Saved Performing Security Tasks

Endpoint Location

Awareness Virus, Malware

and Issue Management

Customer Data From Business Value Analysis Studies

Security Upgrade

and Patch Management

Role- based User

Administration

Security and

Audit Reporting

Managing Policy and Accounts



devices—such as CD drives or USB attachments—may not only introduce problematic ap-plications to the larger network, they can also be used to copy data without authorization Inappropriately copied data can be intentionally or inadvertently misused (e g , industrial espionage or accidental posting online), creating enormous problems for an organization

In the BVA studies, endpoint security solutions that kept unauthorized applications and devices off the network saved companies, on average, more than $1 million per year

Automated report generationReport generation involves everything from locating and collecting the necessary data to populating the fields in a document For most IT departments, it is a manual and time-consuming process This is clearly untenable in an age when organizations must meet stringent and varied auditing and compliance requirements (e g , Sarbanes–Oxley) in a full and timely manner

In the BVA studies, several companies previously unable to collect data were soon issu-ing detailed, comprehensive reports on security issues and monitoring Other companies reduced the time required to generate reports by 99 percent, cut auditing time by 97 percent, and saved more than 17,000 hours or $500,000 each year

Background PC security scansPersonal computer (PC) malware scans can be intrusive, productivity-robbing procedures, resulting in slow-running machines, frustrated calls to the help desk, and the temporary abandonment of PC-based work activities

Firms in the BVA studies that adopted scan solutions that run seamlessly in the background saved, on average, 2,700 hours or $670,000 per year in recovered productivity

ConclusionWhat does the future hold for IT investment in endpoint security solutions?

The survey results strongly suggest that IT organizations have many compelling reasons to develop new endpoint security solutions and improve on existing ones And the BVA studies published by The Alchemy Solutions Group demonstrate that these solutions save substantial money and time

The trends in endpoint security business drivers identified in the survey map well with the business value trends identified in the BVA studies That is, endpoint security solutions that effectively address IT business drivers—mainly by providing centralized visibility, auto-mation, and control; enhancing labor efficiencies; accelerating processes; and ensuring greater security—will generate exceptional, quantifiable TOEI

Organizations will make better decisions if they can determine, prior to implementation, whether a proposed solution is destined to succeed IT procurement should be based on solid financial projections, otherwise the enterprise as a whole will not be able to evaluate the impact of a key business investment Providing greater access to analysis resources will better enable IT groups to financially justify their procurement requests and validate the benefits to the larger organization



Additional Survey ResultsRespondent profileSurvey respondents represented the following regions: Europe–Middle East–Africa (EMEA); Asia–Pacific–Japan (APJ); and the Americas (Chart 6)

The surveyed organizations represent virtually all sectors—from publishing to manufacturing—although they are mainly concen-trated in two industries: manufacturing and financial services (Chart 7)

Organization size varies greatly as well More than 20 percent of the firms are large enterprises, employing more than 5,000 people Slightly more than 60 percent are enterprise size, with between 500 and 4,999 employees About 16 percent are consid-ered SMBs, with fewer than 500 employees (Chart 8)

Financial justification required but analysis resources limitedIT organizations are no longer isolated in a solely technological role and therefore embrace business value as a core deliverable

The survey bears this out Seventy percent of respondents are required to justify the operational and economic impact of endpoint security solutions The percentages are higher among enterprise and large-enterprise firms—71 percent and 88 percent, respectively (We presume the percentage that actually provides financial justification is even higher This is because endpoint security procurement requests are more likely to be granted if the proposed solution can be shown to be economically ad-vantageous to the larger organization IT organizations should be motivated, if not strictly required, to financially justify their procurement requests )

Pre-deployment analysis resourcesThe financial justification impera tive borne by 70 percent of respondent organizations exceeds the availability of analysis sup-port resources, with barely 65 percent of respondents reporting they are given access to such resources (Again, the percentages are higher among enterprise and large-enterprise firms—71 per-cent and 75 percent, respectively ) That means more than one-third of IT organizations are ill-equipped to accurately determine the economic value of a proposed endpoint security solution

Chart 6 Survey Respondents by Geographic Region

Chart 8 Company Size: Percentage of Survey Respondents by Number of Employees

Chart 7 Top Industries Responding to Survey



Post-deployment analysis resourcesAn even smaller percentage of respondents—only 44 percent—were able to evaluate their new solution’s total operational and economic impact after implementation (Chart 9) (Once again, enterprise and large-enterprise firms do a better job than their SMB counterparts, in this case enabling 59 percent and 50 percent, respectively, of their IT organizations to validate an implemented solution’s success ) With so few companies assess-ing whether their endpoint security solutions actually paid off, it is easy to imagine much of the corporate world investing in poor solutions without ever knowing it

Based on our survey, if companies provide post-deployment analysis tools for validating solution benefits, IT organizations are all too happy to take advantage of them In fact, 100 percent of survey respondents performed the validation analysis when given the tools And the results are largely positive Almost two-thirds of respondents reap more than 50 percent of the anticipated gains (Chart 10)

The survey results suggest that many companies could do a much better job of matching expectations with results Giving IT organizations greater access to resources for validating solution benefits, post implementation, should help enormously

Endpoint security: total endpoints and full-time employeesNot surprisingly, a respondent organization’s total number of endpoints roughly aligns with its reported workforce size Forty-two percent of respondent organizations manage between 1,000 and 4,999 endpoints (47 percent have that many employees) Thirty-six percent manage fewer than 1,000 endpoints (30 per-cent have that many employees) And 22 percent manage more than 5,000 endpoints, the exact percentage that report having that many employees

For the overwhelming majority of organizations, three or fewer full-time employees (FTEs) are required to manage the endpoint security solution (Chart 11) Not surprisingly, the number of end-point security FTEs increases in lockstep with a firm’s number of employees (and endpoints) For example, only large enterprises report the need for four or more FTEs

Chart 9 Did IT Have the Opportunity to Validate TOEI after Deployment?

Chart 10 For IT Organizations Given the Opportunity, What Percent Benefit was Realized?

Chart 11 How Many FTEs Manage Endpoint Security?



The Alchemy Solutions Group www alchemygroupinc comThe Alchemy Solutions Group is a global management consulting and marketing research firm providing program level support to senior IT, sales, marketing, and customer reference professionals in Fortune 1000 companies Alchemy’s Research and Publishing services help clients assess the economic impact of leading technology solutions in the global supply chain

The Total Operational and Economic Impact (TOEI)™ Research Practice delivers public and private research services that measure a product’s positive and potentially negative impact in post-implementation environments Alchemy’s Business Value Analysis (BVA) Market Re-search Report (MRR) is one of the public communication mediums available for this research

Alchemy leverages deep industry expertise and formal research best practices to help busi-ness leaders understand the key attributes of and constraints on corporate performance TOEI research enables our clients to make decisions based on the operational and economic impact of select products and services, and help support integrated, marketing best practices

Stanley King — Managing Director stanleyking@alchemygroupinc comAs MD of The Alchemy Solutions Group, Stanley King is responsible for establishing strategic relationships with executives who are committed to understanding the economic impact that products and services have in the global supply chain King’s international sales and market-ing experience and ongoing research efforts provide industry executives with the candid insight required to educate employees, customers, and their extended supply chains The repurposing of TOEI research has proven valuable in terms of IT procurement, product de-velopment, go-to-market planning, enterprise sales, and long-term customer support

Prior to founding The Alchemy Solutions Group, King served in the software industry for 19 years, specializing in mergers and acquisitions, executive management, field opera-tions, and sales management With global experience in large technology companies like Oracle and in smaller technology start-ups, King brings a wealth of insight in the support of Research and Publishing efforts at The Alchemy Solutions Group

business value analysis-market research reporteval.symantec.com/mktginfo/enterprise/customer... ·...

Documents