What Happens When 'Tool Sprawl' Makes IT Security Operations Too Complex
Enterprises today have become increasingly reliant on mobile workers and flexible working lifestyles. Plus, they are opening internal resources to outside users, including contractors, partners and service providers. All these users want to connect to enterprise resources from anywhere, using any device, in as simple a manner as possible.
The challenge that security leaders face is to efficiently deploy the secure access tools required provide simple, safe and consistent access to data and applications wherever they reside — in the data center or the cloud.
Multiplicity of tools leads to complexity
A recent research study, “The 2019 State of Enterprise Secure Access,” conducted by IDC Connect and sponsored by Pulse Secure, found that instead of efficiency, many companies are relying on at least two separate tools in secure access. On average, of the 300 companies surveyed, organizations are using at least two in the categories of virtual private networks (VPN), next-generation firewalls, network access controls (NAC) devices, cloud access security brokers (CASB) and mobile device management (MDM).
This underlines the ways that enterprises have amassed a variety of duplicate secure access tools or capabilities in the process of addressing new threats, enabling new features or addressing compliance requirements. Decentralized purchasing authority and acquisitions also contribute to tool proliferation.
Unsurprisingly, the issue of “tool sprawl” is particularly applicable to larger companies, which have about 30 percent more tools than SMEs. Large companies with over 20,000 staff will use over five tools on average for cloud access security. Smaller companies with 1,000-2,500 staff will use five or more tools for VPN access. The resulting tool smorgasbord leaves enterprises to cobble together a piecemeal access security strategy in order to support their distributed environment and business needs.
“Tool sprawl” increases security vulnerability
Given consistent and mounting news of breaches and private data theft, what companies intend to do is fortify their security capabilities to prevent and contain cyberattacks. But instead, the survey found that “tool sprawl” is contributing to complexity for both users and administrators while reducing visibility across users and devices connecting to resources.
The results of this proliferation in tooling include security gaps, delayed threat response and increased costs. For example, 79 percent of respondents cite poor user and device discovery and mobile computing exposure as a known security control gap that is both significant and impactful. Over 75 percent also cited weak device access, security gateway sprawl and inconsistent, incomplete remediation.
It’s no surprise, then, that the survey found unacceptably low confidence in respondents’ ability to mitigate some access threat areas. For example, 22 percent of security leaders expressed low or no confidence in their ability to provision, monitor and enforce access for bring your own device (BYOD) and Internet of Things (IoT) devices. A fifth said the same about orchestrating dynamic access authentication, as well as defining and enforcing network segmentation.
The alternative: tool suites that meet buyer needs
Close to half (48 percent) of respondents expressed an interest in reducing the number of tools they have and exploring secure access platforms or suites as an alternative to purchasing individual tools for each function. They did make it very clear what they expect vendors to deliver in the way of tool attributes:
- Overall performance and scalability (64 percent)
- Data Center and cloud platform support (hybrid IT) (59 percent)
- A good end user experience with client and client-less operation (58 percent)
- Identity and endpoint access management features (57 percent)
- Value pricing and ease of administration (56 percent)
The findings vary by company size. Hybrid IT coverage and end user computing coverage, and performance and scale are of relatively higher importance to smaller companies in the study. Larger enterprises worry more about breadth of authentication and single sign-on (SSO) options for hybrid IT, depth of access context visibility and anomaly intelligence, and protected connectivity options – perhaps indicating that performance and scale are table stakes.
Secondary desired tool features include end-user platform coverage; breadth of authentication and SSO options; and depth of access context visibility and anomaly intelligence. The least important feature cited by respondents, or perhaps the one that buyers feel is a standard, is access ecosystem interoperability.
The time to evaluate your tool set is now
IT organizations are consolidating tools and exploring platforms to gain operational and cost efficiencies. They are looking primarily for these tools to be integrated in a secure access platform or suite: VPN, NAC, CASB, multi-factor authentication and web application firewall.
Enterprises should assess their current tool portfolios to determine the degree of redundant or limited capabilities of each tool and determine if a suite of tools can better satisfy business and audit requirements. Beyond coverage, visibility, control and management functionality, suites can yield demonstrable integration, administrative, support and cost benefits.