Has shopping for a security solution ever felt tedious? Some U.S. media, for example, PC Magazine, have the [shopping] exercise easier by providing comparison tables listing the features of competitive solutions, and even offering recommendations to fit different situations.
However, the situation may not be as clear cut in Asia given that many solutions are delivered by way of channels. Still vendor marketing, media coverage and analyst commentaries do make it sound easier than it seems.
The result is that sometimes we are led to believe that buying for a security solution is as simple as buying a smartphone.
Bada bing, bada boom!
Truth be told even the simplest home security solution comes with a complicated set of parameters
FutureCIO spoke to Yee Keat Phuah, senior manager, Product Engineering at Silverlake to shed some light on current practices in the security solutions space, including common mistakes adopted in the journey towards securing the enterprise.
Critical step for securing the organisation
Often most enterprises start their security journey with the security solution in mind. Yee Keat Phuah, argues against this and suggests that the first step actually begins with identifying the company’s most valuable asset. He also suggests having someone to police the police.
“You should also identify the most trustworthy people in the organisation as they will be the ones you should lean on these to help protect the business,” noted Phuah.
Most common bad practice
For Phuah, buying the best security solution won’t deliver the expected results if it is handed over to the wrong people.
“There are more security products out there in the market today. But people fail to see that security products are just like locks. Every lock has a key. Whoever is given responsibility for the key can become the weakest point in the security system,” noted Phuah.
He is quick to remind us that while the security solution is important, asking who will be charged with the keys to the company is just as important.
One size fits all security strategy
As with many things in business, not all security solutions are created equal. Phuah is of the opinion that depending on the situation, some solution may actually be sufficient for the job at hand. He cautioned that the best practice is to first understand the security requirements of the business before identifying the solution and approach to tackling the issue.
First question to ask solution vendor
Given the wide availability of security solutions, it is important to ask the right questions. Phuah suggests asking your vendor – “why do I need your product?” The reseller or vendor must provide clear steps on how they can solve your security needs.
Gartner acknowledges that there is no perfect protection and that security needs to be adaptive, everywhere, all the time.