Friday, August 28, 2015

Investing in IT security: Make it save

Is it worth investing in an integrated enterprise security platform? Forrester Consulting got to the bottom of this question in a detailed survey of companies.

For every investment in a commercial environment, one question plays a central role: does it pay off? In IT security, too, the question of costs and benefits arises with any acquisition, including that of an integrated enterprise security platform. But what does such a solution involve?

An enterprise security platform provides network, cloud and endpoint security in a common architecture. As an integrated security platform, it ensures transparency and control, allowing organizations to detect and prevent cyber-attacks while the operation of productive applications is ensured.

Many companies shy away from an investment that is, at first glance, not inconsiderable and rely on their self-assembled security architecture that has grown over the years. Forrester Consulting recently conducted a study on the economic impact (Total Economic Impact, TEI).

The aim of this study was to clarify the financial implications of a platform-based approach and to show the potential return on investment (ROI). To gain a practical assessment, Forrester surveyed companies that have used a current enterprise security platform for several years.


Integrated approach vs. grown security infrastructure

Such a platform consists of next-generation firewalls (NGFWs), web security components and additional cloud-based threat detection and prevention services. It is meant to protect network operation as well as the company's data and assets against an ever-increasing number of increasingly complex targeted cyber-attacks.

Formerly, companies had no choice but to implement a number of different, unconnected security techniques. For example, packet filter and proxy firewalls were mixed with other hardware and software solutions. As a result, many devices had to be managed at different levels of the network.

A network security strategy encompassed, for example, basic stateful firewall functions, intrusion detection and intrusion prevention systems (IDS/IPS), URL filtering, sandboxing, and logging and auditing. But this fragmentation was not very effective; in addition, the low performance of the security systems slowed business processes.

Because of the unsatisfactory network speed, end users often could not work very efficiently. These "chronic" productivity losses could be worsened by outages resulting from security breaches. IT security staff also spent a lot of time hunting for threats by scouring security logs.

Threat Detection and Rapid Response

The automated enterprise security platform automatically detects threats and takes independent measures to prevent unwanted traffic at the application level. The network administrator can view the whole network and all traffic at a click, regardless of which port or protocol an application uses.

At the same time, such a platform helps to increase productivity and keep costs under control. Based on the survey results, Forrester presented a practical sample calculation.

The financial model is based on the assumption that a company with 14,000 employees has an existing security solution in use, based on the current generation of security appliances and software, that is approaching end of life.

Example calculation for integrated security platform


The company wants to replace its existing solution with a new platform that provides OSI Layer 7 application monitoring. Security administrators should no longer waste their time with guesswork when managing application rules based on port and protocol policies.

The sample calculation, which refers to an enterprise security platform currently available on the market, arrives at the following numbers for the assumed company size: for investment costs of EUR 1.12 million estimated US dollars and an annual cost of about 781,000 dollars, Forrester puts the total cost savings at an impressive 5,263,638 million dollars.

The first year yields economic benefits amounting to 2,549,157 million US dollars, compared to implementation costs of 1,907,379 US dollars. In addition, there is a cumulative net present value (NPV) of 2.1948 million US dollars over the course of a three-year lifecycle. Based on values from practice, this calculation assumes that the company can reduce the remediation of infected systems by 90 % by using the enterprise security platform.

With regard to technical optimization, security administrators gain the ability to optimize network policies with a view to organizational needs. This allows unauthorized applications to be controlled. Implementing the new security policy at the application level increases end-user productivity. Here Forrester arrives at a financial advantage in the amount of 5,879,379 US dollars.

The business drivers in detail


Forrester calculated the economic factors on the basis of practical values from the companies surveyed. In detail, the following aspects and items were considered:

    A reduction in end-user downtime through improved threat prevention and rapid detection of threats: The improved identification of threats leads to a better record of thwarted threats and improved transparency about which threats endanger the network, ultimately allowing security managers to set up optimized security policies. Attackers are thus prevented from intruding, so that downtime for end users is reduced by 90 %, which corresponds to an equivalent of 196,952 dollars.

    A reduction and redistribution of security operating costs: Improved visibility of threats, along with the benefits of a consolidated platform, increases the efficiency of security personnel. It starts with 10 per cent during the adjustment period in the first year, with a significant improvement to 40 % as early as the second year.

    Avoiding unnecessary work at the help desk: An additional advantage of reducing endpoint infections is a significant reduction in the working hours that IT staff previously needed to take care of affected computers. The time required for the help desk and for recovery results in a net present value of avoided labor costs in the amount of 109,144 US dollars, or the equivalent of more than 1,100 working hours per year for the remediation of endpoints.

    Replacing and consolidating outdated security and software: Next-generation firewalls, in conjunction with a broad range of cloud-based security services, work together efficiently here. This eliminates the cost of ownership for the formerly used security appliances, which corresponds to present-value-adjusted savings of 3,874,522 US dollars. A streamlined platform, as used in Forrester's sample calculation, proves to be 28 % more cost-effective compared to a solution with piecemeal security features.

    Royalties amounting to 556,482 US dollars per year. These are the royalties to be paid annually for access to services for threat prevention, mobile security, URL filtering and cloud-based threat detection.

    Yearly support fees of 224,672 dollars. These are incurred for 24x7 premium maintenance and support of the overall solution.

    Hardware cost of 1,086,255 US dollars. This includes the costs of purchasing, maintaining and replacing specific hardware to support the enterprise security platform.

    Professional services for US $ 40,000. This is a one-time fee for professional services for training in best practices for Layer 7 protection systems as well as for migrating policies from the former security solution.

Contemporary security level

A natively integrated platform can replace point tools at multiple levels and streamline the daily work of security teams. In addition, it even protects mobile workers, branch offices, campuses, virtual data centers or cloud-based services.


