Discover Performance

HP Software's community for IT leaders // November 2012
Subscribe

5 questions to spur security innovation

Sometimes the best innovations are right under your nose. In security, there’s a huge opportunity lurking in simply doing more with what you’ve already got.

For every problem, there’s a product that promises a quick fix. That’s why a common strategy to solving a new challenge—in security and elsewhere—is to buy something. Eventually, short-sighted fixes pile up into an unmanageable collection of poorly integrated, partially utilized solutions.

Instead of a highly orchestrated response to the risks your enterprise faces, you end up with overlap, solutions that don’t communicate well, and a lot of unused technology firepower. At a time when every part of the IT organization is under pressure to provide value through innovation, and to do more with less, exploring the underutilized tools at hand can let security deliver new value with what it’s already got.

Make what you’ve got work harder

Take a second look at your inventory of security solutions, and look for new and better ways to use them, singly and together. Start like this:

1. Why did I buy this solution? Rushed implementations designed to solve one urgent problem often overlook the full range of possibilities. Now is the time to look deeper.

2. How often do I look at all the dashboards for this product? If you only look at one part of the management interface, it’s time to find out what there is that you’re not using.

3. Have you updated this product—and how you use it? Most vendors provide major updates to their security solutions every six months. A solution you once bought for a single function may have added features that will work better with what you’re doing now, and will save you the cost of another point solution.

4. How many of your security products don’t integrate at all with anything else? Isolation puts negative drag on a solution’s overall value. Poorly integrated solutions should be the first on your list to replace/retire with something that can work more cooperatively in your environment. 

5. Do I have multiple products that can do the same thing? Many businesses make the mistake of believing that they need the top-performing solution for every function, which leads to feature overlap. Look for a single solution that gives you the best overall performance for all of the features it performs.

Don’t forget you have a willing (and free!) assistant to aid your investigation into these issues: your vendors. You should trust your vendor enough to say: “I bought this from you. Am I getting the most out of it?”

Broadening security’s reach

With just a little outside-the-box thinking, security specialists can stretch the boundary of where security technology adds value. Consider ways to use the tools at your disposal, such as your application security solution or security information and event management (SIEM), to solve new problems, especially those that go beyond traditional data-level security. Some examples:

  • Consider ways of using log data from your application security solution to uncover anomalies, such as fraud.
  • A SIEM solution knows about all your internal and external IP addresses you are communicating with. It can be used in conjunction with IP/Domain reputation to uncover malicious traffic. It can tell you, for example, when you are communicating with an IP address of dubious reputation—or a bot.
  • Use vulnerability reports from your applications security solution to identify how the exploit would look and use it to actually write rules on your IPS. There are some vendor solutions that would do this automatically for you.

Going forward

This reexamination of existing tech resources is a gift that can keep on giving. Make it a best practice to never make another expenditure on new technology without first checking to see whether you already own something that can do the trick. And don’t just wait until you have a new problem to shop for—review your use of existing solutions regularly.

After you’ve combed through your existing products, see how HP Enterprise Security’s solutions can help you better integrate your technology for greater utilization, efficiency, and value. For insight into maximizing your security investment, talk to the experts at HP Enterprise Security Services.


x

IT leader assessment

This tool evaluates the correlation between IT attributes and business success and, based on how your answers compare with average scores, will advise you where to invest in IT.

It is based on data HP collected from 650 global companies about a range of IT characteristics (server capacities, approach to information management, security, BYOD, etc.) and how they correlate to revenue gain. This assessment will compare your answers to the average scores in that study.

There are 12 questions that will require an estimated 10 minutes of your time. You'll receive a summary of your rating upon completion.



Let's get started
x

Please select an answer.
x

Analysis:

Your answer:
Your score:
Average score:
Revenue leaders' score:


x

Please select an answer.


x

Results

Your score:
Average score:
Revenue leaders' score:


Get detailed results:

Subscribe

Popular tags

Events

Ponemon’s 2014 Cost of Cyber Crime study

Security analyst Larry Ponemon discusses his 2014 findings in a series of region-specific webinars covering Europe, the Americas and Asia.


HP Discover 2014

Join thousands of IT execs, engineers, and solution experts to explore IT trends, strategies, and best practices. (Barcelona,
Dec. 2–4)


Discover Performance Weekly

HP Software’s Paul Muller hosts a weekly video digging into the hottest IT issues. Check out the latest episodes.

Enterprise 20/20

Security 20/20

Preparing today for tomorrow’s threats.

Introduction to Enterprise 20/20

What will a successful enterprise look like in the future?

CIO 20/20

Challenges and opportunities for the CIO of the future.

Dev Center 20/20

How will we organize development centers for the apps that will power our enterprises?

Marketing 20/20

Welcome to a new reality of split-second decisions and marketing by the numbers.

IT Operations 20/20

How can you achieve the data center of the future?

Employee 20/20

What the workforce of 2020 can expect from IT, and what IT can expect from the workforce.

Mobility 20/20

Looking toward the era when everyone — and everything — is connected.

Data Center 20/20

The innovation and revenue engine of the enterprise.

Read more

HP Software related

Most read articles

Discover Performance

Archive

Tweets @ HPSecurity