Bolstering security with a trusted advisor
Samresh Ramjith, Chief Technology Officer for Security Solutions at Dimension Data Middle East & Africa, speaks of the importance of a strong partnership to create strong IT security.
The security landscape continues to evolve, as organisations look to prevent and protect against increasingly sophisticated network threats, meet stringent compliance and industry regulations, and achieve an overall robust security posture.
A key element in achieving this is trust – trust in systems and processes, technologies and strategies. And when selecting a systems integrator to partner with, trust also takes centre stage, as companies are increasingly seeking to partner with not just any integrator, but rather a “trusted advisor” who understands and is immersed in their infrastructure, security strategy and overarching business goals – as well as the broader security market, including both the threat and vendor landscape.
This type of close partnership brings with it significant advantages for organisations and integrators alike as they work toward a common goal of bolstered security.
Organisational benefits
It’s a common misconception that companies can “cover their bases” and mitigate risk by working with a large array of security partners, who provide and implement point solutions for as many different aspects of the network as possible. With this piecemeal approach, it’s likely that none of the partners have the “big-picture” and holistic approach of what a given company is trying to achieve, and thus are limited in their ability to implement solutions that support that vision.
On the other hand, working with a select – or a select few – trusted partners can help organisations better understand, identify and quantify their risk. With insight and visibility into business goals, as well as all the moving parts in an organisation’s security strategy, integrators can better assess and address a company’s risk profile, and design architectures and networks that are ideal for that environment.
In order to serve as a trusted advisor and have this visibility, it’s particularly important that the integrator approach security projects with a lifecycle strategy – spanning assessments, planning, architecture, integration and ongoing management – to maximise benefits.
The ideal trusted advisor
So how do organisations know when they’ve met their perfect match? What are necessary qualities integrators can hone and acquire to help build that chemistry? And when it comes time for a Request for Proposals, how can integrators best position themselves for a spot on the short list? While client needs differ, the end goal of an improved security posture is a common denominator – and one that integrators can best address through a variety of skills and qualities:
• Lifecycle approach – IT security, itself, is an ongoing process/lifecycle – one that constantly evolves and, as such, needs to be addressed. Consequently, integrators that can cover as many elements of the security lifecycle as possible are strong choices to partner with. Their far-reaching expertise also boosts companies’ overall Return On Investment – as different security phases and subsequent projects can easily leverage intelligence accrued and investments previously made.
• Focus on consulting – To be competitive and effective, integrators should build a full-service capability, encompassing architecture, technology, managed services and – as the cornerstone – consulting. Being able to identify risk – rather than just implement technology – is a valuable asset that benefits both the integrator and the client.
• Pen testing prowess – Organisations also benefit when working with an integrator that, as a best practice, begins a security project with a penetration test to highlight unknown risks and potential deficiencies. The results set the stage for a fact-based discussion around security architectures and significantly aid in clients’ decision-making processes.
• Discrete project engagements – Clients should stay with an integrator because that integrator does a good job – not because each project locks them into subsequent ones, which can be a turn-off. When integrators provide thoughtful options and recommendations – rather than lock companies into a specific course of action – they promote trust and build stronger relationships.
• Specialised and best-of-breed partnerships – Rather than be completely vendor-independent – which can lead to integrators doing a passable job with lots of different technologies – it’s important to work with an integrator who can do a superior job with a more specialised repertoire. For that reason, it’s important that integrators have a strong portfolio of total security solutions from select vendors and demonstrate their deep experience with these technologies – as well as their commercial engagements with security vendors to support best-possible procurement options and escalation routes.
Conclusion
Maintaining stringent standards of security is a crucial enabler toward achieving organisations’ business objectives. By adopting a strategy that allows organisations to prevent, detect and respond to threats – and honing that strategy with the insight and ongoing help of a trusted advisor – organisations are well en route to achieving a more effective and strengthened security posture.