When choosing an enterprise security solution
for your organization is it better to choose an
all encompassing security suite from one vendor
or select the best software in each class even
if it means using a number of different vendors?
Security software tends to come in modules with
each module protecting against a specific type
of threat. Different types of Internet threats
include:
- Viruses, worms, Trojans
- Spyware
- Adware
- Spam
Organizations such as Symantec, Trend Micro,
McAfee and others offer security suites that
protect against a wide range of threats. By
using a security suite from one vendor your
organization:
- Reduces IT time - dealing with one
vendor reduces IT time to install and
maintain the software
- Reduces administrative time - by
purchasing from one vendor, your
organization reduces your number of vendors,
checks produced, approvals needed, etc.
- Reduces conflicts - in theory, by
purchasing a security suite from one vendor,
the vendor has tested its code and has fewer
software conflicts
There may be downsides, however, to limiting
your security software to one vendor:
- Single point of failure - should the
security suite not function as designed
(software expires, not licensed, bug or
error in the code, etc.), your organization
may be vulnerable to a wider range of
threats
- Best of breed - by choosing a security
suite, software modules from the chosen
vendor may not be up to par with competing
packages. For example, a security suite from
a specific vendor may offer overall
protection, however one component, say
anti-spyware, may not offer the same level
of protection as a best of breed
anti-spyware software package
Network security audits help provide answers
to questions such as "Should we purchase a
security suite from one vendor or purchase
security software modules from a number of
different vendors?"
Risk
assessments identify an organization's
assets, threats to the assets, vulnerabilities
that exist as a result of the threats, and the
resulting impact on the organization. The risk
assessment helps prioritize risk areas so that
the organization can make an informed decision
when deciding between one vendor's security
suite or electing best of breed software
packages from a variety of vendors.
Security Blog menu
Tags: network security | security software |
anti-virus software | anti-malware software
|