To help our clients learn more about their security environment we put together a tool that examined how many security tools our clients really used, and offered some recommendations from our experts based on the results.
2. If you are facing an increasing volume of logs
from multiple sources, you are managing a flood
of information. Not only that, you still need to
analyze that data in order to find evidence of
security incidents, and make sure you stay
compliant with industry regulations.
WHY WE DID IT
3. » Endpoint buyers
» ProSuite buyers
» Security buyers in retail verticals
» Security buyers in legal verticals
» IT managers
» Security decision makers
» PC and client software buyers
» Security buyers in education
» Security buyers in finance
» Security buyers in healthcare
» Networking buyers
TARGET AUDIENCE
4. Gross responses were reviewed and scrubbed if:
A. Answers for questions 1 through 9 were the same
B. All questions had the same answer
C. The same result was received for each completed
survey in rapid succession
D. A response for a required question was missing
DATA HANDLING
6. What are you using for endpoint virus?
We often encounter clients using Microsoft Forefront to
maximize their Enterprise Agreement. However, it's
possible to realize a more robust endpoint security and
overall security posture by utilizing a comprehensive
solution from Trend Micro, Symantec, McAfee or
Sophos.
[Pie chart: Endpoint Virus. Legend: Trend Micro, Symantec, McAfee, Sophos, Other, Nothing. Slice labels in page order: 21%, 39%, 21%, 5%, 13%, 1%]
[Bar chart: If other, please specify]
7. What are you using for mail gateway?
As Microsoft discontinued the TMG (Threat
Management Gateway) we are seeing significant
changes in this area. We anticipate continued changes
in the future, as more organizations adopt Office 365.
Our clients that have been using TMG are often looking
to existing security providers as well as networking
technologies to protect their messaging technologies.
Building upon the investment with the current endpoint
security solution provider is a strategic opportunity to
minimize costs and overhead.
[Pie chart: Mail gateway. Legend: Trend Micro, Symantec, McAfee, Sophos, Other, Nothing. Slice labels in page order: 19%, 27%, 17%, 3%, 26%, 8%]
[Bar chart: If other, please specify]
8. What are you using for web gateway?
Our clients that have been using TMG are often looking
to existing security providers as well as networking
technologies to protect their messaging technologies.
Building upon the investment with the current endpoint
security solution provider is a strategic opportunity to
minimize costs and overhead.
[Pie chart: Web Gateway. Legend: Trend Micro, Symantec, McAfee, Sophos, Other, Nothing. Slice labels in page order: 22%, 21%, 13%, 5%, 27%, 12%]
[Bar chart: If other, please specify]
9. What technology are you using for intrusion prevention?
Intrusion Prevention services are being integrated
into UTM (Unified Threat Management) devices
as well as NGFW (Next Generation Firewall)
technologies.
[Pie chart: Intrusion prevention. Legend: Trend Micro, Symantec, McAfee, Sophos, Other, Nothing. Slice labels in page order: 16%, 29%, 13%, 5%, 21%, 16%]
[Bar chart: If other, please specify]
10. What technology are you using for firewall?
We are seeing a significant movement from
legacy “layer 3” firewalls to NGFW (Next
Generation Firewalls).
[Pie chart: Firewall. Legend: Trend Micro, Symantec, McAfee, Sophos, Other, Nothing. Slice labels in page order: 17%, 21%, 13%, 7%, 37%, 5%]
[Bar chart: If other, please specify. Categories: AVG, CheckPoint, Cisco, Custom, FortiGate, Fortinet, Juniper, Kaspersky, Microsoft, PaloAlto, PhysicalDevice, Sentinel, Sonicwall, Squid, TMG, Untangle, WatchGuard]
11. What are you using to encrypt data?
We are seeing concerns around some encryption
technologies. Organizations implementing an
encryption solution should be aware of potential
limitations when using TrueCrypt and BitLocker.
[Pie chart: Encrypt Data. Legend: Trend Micro, Symantec, McAfee, Sophos, Other, Nothing. Slice labels in page order: 15%, 28%, 7%, 5%, 19%, 26%]
[Bar chart: If other, please specify]
12. What are you using for data loss prevention?
Data Loss Prevention (DLP) is a significant
concern for our clients working to adhere to
compliance mandates like Payment Card Industry
(PCI) and Health Insurance Portability and
Accountability Act (HIPAA) etc.
[Pie chart: Data Loss Prevention. Legend: Trend Micro, Symantec, McAfee, Sophos, Other, Nothing. Slice labels in page order: 21%, 30%, 6%, 3%, 13%, 27%]
[Bar chart: If other, please specify]
13. What are you doing to protect your servers?
Standard endpoint protection is not a complete
security solution for servers. Servers should
utilize technology designed specifically for server
protection.
[Pie chart: Server Protection. Legend: Trend Micro, Symantec, McAfee, Sophos, Other, Nothing. Slice labels in page order: 19%, 44%, 10%, 7%, 12%, 8%]
[Bar chart: If other, please specify]
14. How are you managing mobile data?
Mobile consumerization is driving our clients to
protect both mobile devices as well as the data
residing on those devices. You must consider the
planning and policies in place, as there will be
policy differences between Bring Your Own
Device (BYOD), and corporate-issue device
environments.
[Pie chart: Mobile Data. Legend: Trend Micro, Symantec, McAfee, Sophos, Other, Nothing. Slice labels in page order: 21%, 20%, 4%, 5%, 16%, 34%]
[Bar chart: If other, please specify]
15. How do you manage the logs from all these tools?
Real time log management is a core component
for corporate security as well as compliance
requirements, specifically around incident
management and incident response processes.
[Pie chart: Logs Management. Legend: SIEM Solution, Managed Solution, Open Source, Nothing]
16. Are you happy with your main security vendor?
If it’s not broken, don’t fix it. Right? We encourage
our clients to test their security architectures to
ensure they are well-designed and effective.
More simply, keep in mind our goal is to prevent
security incidents before they happen!
[Pie chart: Are you happy? Legend: Yes, No]
17. SUMMARY
Based on the results of this tool, here are the 4 most important
things our clients should remember:
1. Understand business and compliance drivers, and integrate these
requirements into the technical specs when considering a security
solution.
2. Deploying technology without understanding the risks and sensitive
data repositories is not an effective solution.
3. A robust security architecture requires continued testing and
improvement to assess risks to critical systems, identify threats,
remediate risks, and protect business assets.
4. We see value in consolidating security technologies to fewer vendors,
both from a cost savings perspective and a daily operations
management perspective.
18. THANK YOU
With over 40 locations across the U.S. and Canada,
Softchoice is one of North America’s largest providers of IT
solutions and services. Our holistic approach to
technology includes solution design, implementation,
and managed services.