ASG's Security Solutions Blog

The Tool Problem Has an Answer

  

 Email Article  

Tweet  

  

  

  

By Scott Schmidt, VP of Engineering & Professional Services

I took the challenge from our Professional Services Group to answer the probing questions around an approach that might help security professionals choose the right solution, or, a set of tools used for a measurable process by people with definitive roles and responsibilities.

The following are the questions and my answers:

• What applications have you seen work best to help increase the efficiency of a company? Why?

I have found that a company must first identify its security performance baseline, KPI’s and methods to measure performance before implementing applications and solutions.  When a company does this, it can then identify the applications that will help it meet those KPI’s and goals.  Unfortunately, applications usually are selected and implemented before the KPI’s are identified which forces the company to work within the limits (constraints) of the application or solution.  So it is important to have the company’s KPI’s drive the types of applications and solutions needed rather than have the applications, solutions and technologies drive the company’s KPI’s.

With that said, there are several applications that can help increase efficiency of a company.  However, they cannot simply be implemented without a clear understanding of how they will meet the security KPI’s and company mission.  Having the ability to measure performance against a performance baseline provides the ability to improve efficiencies.  The types of applications and solutions or tools deployed should provide the data, management and process control that a company needs to meet its KPI’s.  

• What emerging technologies do you think will change the way companies do business? How can someone adopt this now?

I believe the emerging technologies that will fundamentally change the way security and business operate is a combination of cloud computing and mobility.  These two technologies combined will provide companies with more efficient and cost effective security solutions as well as reduce the operational overhead by pushing security management out to the edge.  Companies will need to establish a new operational management program for its security to begin to move to the cloud and interconnected mobility solutions.

• How do you evaluate new technologies for your clients?

Security Executives need to be assured that their solution can predictably address their needs and organizational goals.  But, unfortunately, the vendors and service providers have not always provided a true benchmarking of the capabilities.  So many executives end up with a good PowerPoint and proposal but no predictability in the outcome.  ASG has a different way.  We choose to evaluate new technologies based on the needs from our clients as well as on our persistent research on emerging trends and technologies.  Based on our client's business case and needs, we can evaluate technologies with a clear goal of identifying how the technology can improve our customers’ security programs. The actual evaluation is performed in a controlled environment with documented evaluation goals and results.  We believe this ability to 'benchmark' technology before recommending it, sets ASG apart from all other consultative integrators in the market.

• How do you measure the value of a technology once you have deployed it?

We can measure the value of a technology after it has been deployed as long as a performance baseline and KPI’s have been identified in advance of deployment. The baseline and KPI’s provide the areas that we can measure the deployed technology against.  Without these, we cannot truly measure a technology’s performance.  ASG has invested heavily in assessment tools and consultants to ensure our clients create the baseline that will be the validation and proof point for the value premise they used to justify the solution to their business.