How To Save 40 to 60% on Your IT Security Spend

How to Save 40 to 60% on Your I.T. Security Spend

“How would it impact your business if  you saved 40 to 60% on your overall security spend, and get better security?”

This is the question I ask clients most during consulting engagements. Typically there are a variety of responses that end with the question “how?”

On average organizations spend 5% of their total I.T. budget on security solutions and probably have the bare minimum. When those organizations attempt to adequately secure their environments or are driving towards compliance they spend 8 to 12% of their total I.T. budget on security solutions. They are purchasing many point products that don’t work well together. And because they are purchasing point products from several manufacturers there is no real relationship and the manufacturer, and potentially reseller, will want to make more because this is the only deal they are getting.

Imagine cutting your I.T. security spend in half
The following example is real and common. Recently we looked at the three security solutions a client purchased through us. This organization definitely purchases many more security solutions. These are just the ones we have visibility to. I am keeping the client’s name private because most organizations don’t want anyone to demonstrate what could be perceived as a lack of strategy. I am keeping the manufacturers private to keep this unbiased (even though there are a couple of manufacturers I do this with more often with than others).

To renew the following three solutions, this is what the client would pay for a new three year term:

  • Endpoint Anti-Virus – $320,000
  • Full Disk Encryption – $156,000
  • Web Security Gateway – $182,000

The organizations current security renewal comes in at approximately $658,000.

We put together a package from two major security software and hardware manufacturers that included suites and a couple of their point products. One of the manufacturers is already represented in the environment in the Full Disk Encryption solution. We typically try to find at least one manufacturer the client has an existing relationship with when doing this and often look to an endpoint solution because they can be more painful to change.

This is where the new solutions landed on price for three years:

  • Vendor A – $276,000
  • Vendor B – $224,000

By consolidating security vendors we have saved this client approximately 42%, and got them more security.

What’s more, consider that this is only a few technologies and that there are a couple more typically implemented to protect client computing devices. Then consider the fact that you are probably spending 5 times this number in the data center. You can do that math on what those savings look like.

Strategizing with one security vendor can help to accelerate longer term plans with regards to security by helping to narrow the vendor selection and work on pricing.

chart_1 (2)

The only question we typically get at this point is of the risk of having layered security from a single manufacturer. The various solutions offered from the leaders in this space today are very different. It’s no longer that you are getting the endpoint anti-virus signatures on the email gateway.

Security is one of those things that sound sexy in the news when something bad happens, but is considered nice to have in most organizations. Because security crosses all technology boundaries (servers, storage, networking, clients, etc.) it is easy to see how point products are purchased reactively to fill a gap. Developing a strategic partnership with as few security manufacturers as possible will yield the best capital savings, operational savings, and because things will likely work to get you better security.

As usual please feel free to reach out if you would like to discuss further.

Related Posts

Disruptive technology: Trends gaining traction Where would we be without computers, smartphones, music and video streaming? Likely, we’d still be using decade-old technologies like typewriters, landlines, CDs and DVDs. The...
Why the Shellshock Vulnerability Is A Perfect 10 Another big buzz in the media again. Looks like there has been another dangerous vulnerability identified and rated a 10 for impact, and a 10 for exploitability. This is t...
Are you protected from password security breaches? There have been a lot of headlines in the news recently about password security breaches. From “Russian Hackers Amass Over a Billion Internet Passwords” to “Stolen Password...

About Stephen Perciballi

Stephen Perciballi is the Director of Security Solutions for Softchoice, one of North America’s largest technology solutions and services providers.