This article was prompted by our clients, many of whom regularly ask the same question - "how can we reduce expenses on information security solutions?"
Today, let's figure out whether it is possible to save on implementing IS solutions or not?
Our answer will be brief and clear - Definitely not, because the risks of data loss, organizational downtime, and reputation always cost more than the price of all solutions, both IT and IS.
CAN WE REALLY REDUCE EXPENSES ON IS? — YES, WE WILL TELL YOU HOW TO DO IT CORRECTLY!
As current realities impose requirements for cost optimization or even budget cuts, in response to these challenges, we can suggest two main approaches to security:
Let's take a closer look at the implementation of methods of the second approach "conscious reduction of the functionality of implemented solutions".
How to save on purchasing network firewalls?
Network Segmentation
It is important to properly segment the protected network and, if necessary, check traffic only between critical segments, while using simple protection methods in non-critical segments.
For example, organize guest Wi-Fi in a separate Vlan or, if possible, relocate to dedicated equipment and ensure interaction control without using a network firewall.
- Pros: it is possible to purchase network screening devices with lower throughput and fewer interfaces
- Cons: there will be no possibility for rapid scaling, as well as protection of non-target and non-critical segments
Limiting Subscriptions
Initially purchase only the functionality, the subscriptions, that are required for a minimal solution to the tasks at hand.
For example, if there is no special need or ability to control access of workstations to Internet resources by URL, then it is possible to forego this functionality and limit to only an intrusion prevention system.
As future plans are implemented, the functionality should definitely be purchased.
- Pros: reduces the initial purchase cost of the system
- Cons: no ability to quickly add additional functionality, or it will operate without updates to signature databases
Virtual Execution
Use virtual solutions instead of hardware.
- Pros: virtual solutions are generally cheaper than hardware
- Cons: dedicated servers and supported virtualization platform are required
How to save on purchasing DLP systems?
All-in-One
Purchase an “all-in-one” solution, where all system components are located on one server. Components include: databases, analysis systems, management consoles, etc.
- Pros: possible to reduce the use of server capacities
- Cons: limited scalability due to the inability to process large volumes of data, as well as a fixed maximum number of supported data collection agents from workstations
Limited Number of Modules
Purchase only those control and verification modules that are necessary for solving data leakage prevention tasks. For example, control over messengers and email only
- Pros: each control module is licensed separately, therefore, the overall solution cost will be reduced
- Cons: no ability for the prompt activation of data flow control functionality via alternative channels
Network Data Stream Scanners
Use network data stream scanners instead of deploying on user workstations.
- Pros: savings on workstation connection licenses, as sources of system event data leakage prevention
- Cons: possible omission of some data requiring analysis that bypasses network scanners. For example, data from removable media (USB) that do not pass through the data transmission network
How to save on purchasing SIEM systems?
Is it possible to optimize expenses on retrospective analysis and incident investigation?
Use open source
Use freely distributed software solutions (open source) instead of commercial ones.
- Pros: no costs for software
- Cons: qualified personnel required for support of these solutions, as well as the absence of prompt updates from the engineer community
Delegate some tasks to security monitoring center contractors
- Pros: no need for qualified personnel in-house, nor dedicated equipment
- Cons: requires transferring access to confidential information to an external organization
How to save on HTTP traffic protection?
Is it possible to reduce expenses when purchasing Web Application Firewall (WAF)?
Cloud solutions can be used in rented data centers or solutions from telecommunications operators.
- Pros: no need to install and maintain specialized equipment and software in the company's network
- Cons: difficulties in organizing the interaction between the company's information security specialists, the contractor, and the company's own website developers
On which solutions savings are not possible
Data Backup
Protection against zero-day attacks does not exist, and an organization must always have a plan for data recovery from backup copies.
Network Activity Monitoring
Keep in mind that timely isolation of segments where vulnerabilities have been exploited by attackers significantly reduces the risks of malware penetrating the rest of the network. Without a properly configured alert system, this is not possible.
Workstation Protection
Workstations are sources of increased risk, and savings on their protection are not possible.
Email Protection
Attacks using email are the main vector for malware penetration into the protected perimeter, therefore, having an anti-spam system is mandatory.
In conclusion
There is a possibility of saving on information security solutions, but it is unique for each organization.
WHAT IS PERMISSIBLE FOR ONE ORGANIZATION MAY BE TOTALLY INAPPLICABLE FOR ANOTHER
For detailed consultations, cost estimation of solutions, breaking down the implementation of IS solutions into phases, contact the specialists at LWCOM, who will definitely assist you in securing your business!