Value based selling has always been a core mantra in our business at sustainableIT. We start with how can we add value to our clients but more importantly, can we back up whatever we are doing with a solid, bullet proof business case. I for one have never been keen on selling tactics based on fear but with the “WannaCry” ransomware outbreak across the world in recent days, fear and security is very much top of mind. As Dylan prophetically wrote, “the times they are a changing”.
The challenges we face today in terms of potential cyber-attacks are enormous. In a massively interconnected world, if someone sneezes we may all get the virus. Protection, mitigation and threat detection are paramount.
The advancement in technology has obvious benefits but just this week the head of Dutch intelligence, Rob Bertholee warned that the world could face cyber threats which could trigger unrest, chaos and disorder. Speaking this week he posed the question: “Imagine what would happen if the entire banking system were sabotaged for a day, two days, for a week”. After recent virus outbreaks, these questions really need to be taken seriously.
Based on this challenge, what can we do and how can we help our clients. With threats, security and risk, can we change the conversation back to value based selling. The obvious answer is yes as I wouldn’t be writing this blog if it wasn’t. Through our strategic relationship with 1E, we can provide best in class solutions that save our clients real money and improve their security stance significantly.
Security updates and patching
The WannaCry virus leveraged a known vulnerability in the Windows operating system. This was first exposed and communicated by an anonymous group calling itself “Shadow Brokers” in April. Shortly before Shadow Brokers released their files, Microsoft issued a patch for affected versions of Windows, ensuring that the vulnerability couldn’t be used to spread malware between fully updated versions of its operating system.
For many reasons, from lack of resources and bandwidth to a desire to fully test new updates before pushing them out more widely, organisations are often slow to install such security updates on a wide scale. For many of our clients running Microsoft SCCM, these updates take significant time to get down the wires due to reasons too technical for this blog.
However, this is where we can turn the conversation back to value. Nomad Enterprise from 1E can deliver any SCCM content, faster and in a more bandwidth friendly fashion than a native SCCM deployment. This means, not only can you get patches down to your devices faster, but you are more likely to do this because Nomad will never impact your business traffic. The value is that the solution reduces the server infrastructure required to run SCCM and limits any network upgrades that you may have had in mind to cater for risks and threats. Furthermore, due to a collapsed SCCM architecture, SCCM is easier to manage and requires less effort. Nomad does not replace your SCCM investment, it just allows you to extract more value out of it and saves you future real money in the process.
Have you hit junk status?
One of the challenges with maintaining an acceptable security posture is making sure you understand exactly what is installed and running on your network. If you don’t know something is there, how can you maintain the risk associated with it?
Again, 1E has the solution in the form of AppClarity. AppClarity answers the question of what you have; this is probably the risk and grudge purchase. The value is that it allows you to take business actionable decisions based on this data within the solution. An example, purely based on risk is that AppClarity can show you all the versions of a particular product you are running (back releases may be a risk as they may not be supported and patched) and allow you to set a policy to uninstall and reclaim the older versions behind the scenes without ever impacting the end user. This cleans up your estate and will definitely improve your risk exposure.
This functionality can be extended to getting rid of junk on your network however. By junk in this context I mean software lying around that is not being used and which may or may not be costing you money in terms of subscription or maintenance renewals. AppClarity can also reclaim software purely based on usage, and it can do this across all vendors and all products. With average unused software in organisations being as much as 30% of licenses deployed, the business case for AppClarity is a no-brainer.
Endpoint Detection and remediation
Finally, if something does get through all of your protection, which it will do at some stage, how do you deal with the threat. Will you have the information on hand to understand exactly where the threat is and which machines have been impacted. When this happens, speed is absolutely of the essence. Waiting hours or even minutes to get a report from the networking or infrastructure departments may actually be too late. Again, our partner 1E has the answer in the form of Tachyon.
Tachyon provides the fastest query and remediation capabilities on the market. In fact we blogged about Tachyon a couple of months ago in “Tachyon is the Google for your IT infrastructure”. Cyber-attacks will happen and your ability to respond rapidly is essential to limiting their damage.
Not only can you use Tachyon to identify a threat, you can also use it to take an action to eliminate or mitigate the threat. And you can do this in a matter of seconds across 1000’s of devices which is all explained in our previous blog.
Tachyon has value in spades as it is extensible and can be used across multiple departments and multiple use cases. Its limit is really your imagination and we build a business case specifically on your use case. It just so happens that as an added benefit you get the best query and remediation tool on the market today. If you want to ask a question across all your devices and all your operating systems, Tachyon gives you the answer.
The long and short is that buying based on risk is often a grudge purchase, if you can buy based on value and still secure your network, surely that makes for a sound business decision.