Working with a multitude of large enterprises on their cloud and technology journeys over the years has given us some pretty valuable insights into the way technology is being approached and implemented by big businesses.
One of the more problematic trends that we’ve been noticing lately is the increasingly siloed nature of various tech-reliant business units , and their tendency to spec their own point solutions without considering or being aware of the “goings on” in the wider organisation.
This not only introduces overlaps and duplications, but also vulnerabilities and inefficiencies that can seriously impact organisations’ security, functionality and bottom line.
Common point solutions by department
Between email security (Proofpoint/Mimecast), data leak prevention and threat protection (McAfee), mobile device management (MobileIron/AirWatch), rights management (IBM/Symantec) and more, your average Security department could easily have anywhere from two to five standalone solutions in action to cover their bases.
Similarly, your Collaboration team may have their own security and access controls in place to enable safe and effective remote working and information sharing. These frequently overlap or even duplicate the solutions put in place by the Security department.
Forensics and eDiscovery, too, often have a full suite of point solutions, from email archiving platforms to specialist data preservation, collection, analysis and review tools.
Compliance and Governance teams are also common users of point solutions (when they’re not desperately trying to enforce their policies and processes with no technology to back them). Popular solutions include file and database analysis, insider threat protection and identity management tools like Varonis, DocAuthority and Stealthbits.
The problem(s) with point solutions
Paying for a different product to solve every problem can appear cost effective when viewed on an individual basis. In fact, cost is the most common justification we’ve heard from enterprises opting for multiple smaller solutions instead of simply upgrading their Microsoft licensing to get the functionality they need.
Interestingly, whenever we’ve added up each department’s third-party tech spend across an entire organisation, stakeholders have been shocked by the number of zeros on the total.
Possible Vendor Lock-In
Vendor lock-in is a hefty topic in and of itself (read more on it here).
Suffice to say that a lot of third-party solutions make it very easy for you to get your data into the cloud, and extremely difficult to ever get it out again. Having several of these solutions in play could cause some serious issues for your IT department should you ever need to extract or move your data to a different provider.
At least you can rest assured that you’re getting the best functionality by using a specialist tool for each task, right?
On their own, these solutions often do what they’re meant to reasonably well. However, in an enterprise environment, technology is almost never operating in total isolation. Since your point solutions aren’t designed to work together (or with the rest of your Microsoft stack, in many cases) this can introduce a number of very real vulnerabilities and operational inefficiencies to your business. It also adds significantly to your IT management overheads.
Don’t miss our webinar: Exit from third-party security
Any documents classified as ‘Company Confidential’ need to trigger events in a variety of spaces, including Data Loss Prevention policies at the email boundary and sharing prevention on OneDrive, Teams, SharePoint and other sharing applications.
If each of these workloads is protected by a different point solution, it becomes almost impossible to co-ordinate and monitor this behaviour from any central platform. It also makes it challenging for compliance teams to keep an eye on problematic behaviour with no central trend and analysis functionality available.
Stepping back to see the bigger picture
Ironically, point solutions themselves are not the real problem here. In fact, there are several third-party tools that we frequently recommend and implement for specific use cases. The real issue is the lack of communication between departments and the rarity of any real, centrally governed, big-picture IT strategies.
We’ve been consistently amazed by how difficult it can be to get all the necessary stakeholders into a single room to discuss the individual requirements for each department and how they fit into the enterprise’s technology suite as a whole. When we’ve managed to do so, we’ve invariably found redundancies, duplications, gaps and inefficiencies that are costing the business money, man-hours and functionality.
The (surprisingly cost-effective) Microsoft alternative
In the search for total functionality, there’s very little that Microsoft doesn’t offer across the modern mobile information worker stack these days. From incredibly sophisticated security, to potent compliance and governance tools, to in-house eDiscovery and forensics, Microsoft does it all.
In true Microsoft style, however, getting access to all those functions is very much license dependent. For most security-sensitive enterprises, a Microsoft 365 E5 license is necessary, and that comes at a pretty hefty cost.
Or does it?
A single department could certainly never justify the expense of top tier Microsoft licensing on its own. But that license isn’t limited to a single department. When you add up all the point solutions you’ll be replacing across all your departments, and add in the streamlined system integration and increased visibility and manageability of a single, central solution, Microsoft’s price tag often takes on a decidedly rosier glow.
Find your ideal balance
As much as we’re Microsoft fans, we’re the first to admit that there are times other solutions are more appropriate. Plenty of our deployments integrate Microsoft and third-party tools to maximise efficiency and minimise cost. Finding that balance can be a complicated exercise, however – particularly in large organisations with the inevitable departmental siloes.
To help businesses get a better handle on where their existing IT deployments could be improved (from both a cost and functionality perspective), Cloud Essentials now offers a customised Gap Analysis, Redundancy and Inefficiency Assessment. These workshops are run collaboratively by our Governance, Security and Technical specialists, ensuring all voices in the room have their requirements fully understood.
Let us help bridge any communication gaps, build a clear and complete picture of your organisation’s technology and unravel the pros and cons of the various solutions available to you.
UPDATE – In response to the Coronavirus lockdown, our security team is now delivering a practical FastTrack security service designed to ensure your have optimal security settings on both your existing Microsoft licensed security options & any third-party services.