softchoice security consolidation survey results

If you are facing an increasing volume of logs

from multiple sources, you are managing a flood

of information. Not only that, you still need to

analyze that data in order to find evidence of

security incidents, and make sure you stay

compliant with industry regulations.

To help our clients learn more about their

security environment we put together a tool that

examined how many security tools our clients

really used, and offered some recommendations

from our experts based on the results.

WHY WE DID IT

» Endpoint buyers» ProSuite buyers» Security buyers in retail verticals» Security buyers in legal verticals» IT managers» Security decision makers

» PC and client software buyers» Security buyers in education» Security buyers in finance» Security buyers in healthcare» Networking buyers

TARGET AUDIENCE

Gross responses were reviewed and scrubbed if:

A. Answers for questions 1 through 9 were the same

B. All questions had the same answer

C. The same result was received for each completed survey in rapid succession

D. A response for a required question was missing

DATA HANDLING

The Results

What are you using for endpoint virus?

We often encounter clients using Microsoft Forefront to maximize their Enterprise Agreement. However, its possible to realize a more robust endpoint security and overall security posture by utilizing a comprehensive solution from Trend Micro, Symantec, McAfee or Sophos.

21%

40%

21%

5%

13%

1%

Endpoint Virus

Trend Micro Symantec McAfee SophosOther Nothing

Avast

AVGES

ET

Kaspers

ky

Microso

ft Foref

ront

Syste

m Center

Thirt

yseve

n4

Untabngle

VIPRE0

2

4

6

8

If other, please specify

What are you using for mail gateway?

As Microsoft discontinued the TMG (Threat Management Gateway) we are seeing significant changes in this area. We anticipate continued changes in the future, as more organizations adopt Office 365.

Our clients that have been using TMG are often looking to existing security providers as well as networking technologies to protect their messaging technologies. Building upon the investment with the current endpoint security solution provider is a strategic opportunity to minimize costs and overhead.

ASSP NoS

pam

Forti

net

Ironp

ort

Kaspe

rsky

Mai

lWat

ch

Micr

osof

t

Other

Racks

pace

XWal

l0

2

4

6

8

10


19%

27%

17%

3%26%

8%

Mail gateway

Trend Micro Symantec McAfee Sophos

Other Nothing

What are you using for WEB gateway?

Our clients that have been using TMG are often looking to existing security providers as well as networking technologies to protect their messaging technologies. Building upon the investment with the current endpoint security solution provider is a strategic opportunity to minimize costs and overhead. 21%

21%

13%5%

27%

12%

Web Gateway

Trend Micro Symantec McAfeeSophos Other Nothing

0

2

4

6

8


What technology are you using for intrusion prevention?

Intrusion Prevention services are being integrated into UTM (Universal Threat Management) devices as well as NGFW (Next Generation Firewall) technologies.

16%

29%

13%

5%

21%

16%

Intrusion prevention


0

2

4

6


What technology are you using for firewall?

We are seeing a significant movement from legacy “layer 3’ firewalls to NGFW (Next Generation Firewalls).

17%

21%13%

7%

37% 5%

FIREWALL


AVG

CheckPoint

Cisco

Custom

Forti

Gate

Forti

net

Juniper

Kaspers

ky

Microso

ft

Palo Alto

Physical

Device

Sentinel

Sonicw

allSq

uidTM

G

Untangle

Watc

hGuard0

0.5

1

1.5

2

2.5

3

3.5

4

4.5


What are you using to encrypt data?

We are seeing concerns around some encryption technologies. Organizations implementing an encryption solution should be aware of potential limitations when using Truecrypt and Bitlocker.

15%

28%

7%5%

19%

26%

Encrypt Data


BitLocke

r

CheckPoint

Cisco

Forti

gate

Guardian

/PGP

Juniper

Microso

ft

Mimeca

st

Others

Proofpoint

SSL

TrueC

rypt

Utimaco0

1

2

3

4

5

6


What are you using for data loss prevention?

Data Loss Prevention (DLP) is a significant concern for our clients working to adhere to compliance mandates like Payment Card Industry (PCI) and Health Insurance Portability and Accountability Act (HIPAA) etc.21%

30%

6%3%

13%

28%

Data Loss Prevention


Acronis

Arcserv

e Back

up

Carbonite

Cisco

Cloud backup

CommVault

DdpeEv

ault

Forti

gate

Other

NovaBack

up

Source

One

Veeam

0

0.5

1

1.5

2

2.5


What are you doing to protect your servers?

Standard endpoint protection is not an complete security solution for servers. Servers should utilize technology designed specifically for server protection.

19%

44%

10%

7%

12%

8%

Server Protection


Cloud backup

CommVault

ESET

Nod32

Evau

lt, VMW

are re

plication

Foref

ron En

dPoint Pro

tection

IPTables

, Hard

ware Fi

rewall

Kaspers

ky

Microso

ft Foref

ront

Other

Patching

Sonicw

all

Syste

m Center

Endpoint P

rotec

tion

Untangle

VIPRE0

0.5

1

1.5

2

2.5


How are you managing mobile data?

Mobile consumerization is driving our clients to protect both mobile devices as well as the data residing on those devices. You must consider the planning and policies in place, as there will be policy differences between Bring Your Own Device (BYOD), and corporate-issue device environments.

21%

20%

4%5%

16%

34%

Mobile Data

Trend Micro Symantec McAfee Sophos

Other Nothing abso

lute Man

age M

DM

Airwatc

h Bes

BlackB

erry

Casper

Cisco

Forti

net Fir

ewall

InTune/A

zure

Maas3

60

Meraki

MobileIro

n

Office365

Other

XenMobile

0

0.5

1

1.5

2

2.5

3

3.5

4

4.5


How do you manage the logs from all these tools?

Real time log management is a core component for corporate security as well as compliance requirements, specifically around incident management and incident response processes.

Logs Management

SIEM Solution Managed SolutionOpen Source Nothing

Are you happy with your main security vendor?

If it’s not broken, don’t fix it. Right? We encourage our clients to test their security architectures to ensure they are well-designed and effective. More simply, keep in mind our goal is to prevent security incidents before they happen!

Are you happy?

Yes No

SUMMARY

1. Understand business and compliance drivers, and integrate these requirements in to the technical specs when considering a security solution.

2. Deploying technology without understanding the risks and sensitive data repositories is not an effective solution.

3. A robust security architecture requires continued testing and improvement to assess risks to critical systems, identify threats, remediate risks, and protect business assets.

4. We see value in consolidating security technologies to fewer vendors. Both from a cost savings perspective, and a daily operations management perspective.

Based on the results of this tool, here are the 4 most important things our clients should remember:

THANK YOU

With over 40 locations across the U.S. and Canada,

Softchoice is one of North America’s largest providers of IT

solutions and services. Our holistic approach to

technology includes solution design, implementation,

and managed services.

softchoice security consolidation survey results

Technology

security providers

security tools

education security buyers

finance security buyers

security environment

robust endpoint security

complete security solution

security consolidation