Safely Shaving SMB Security Costs - InformationWeek
Mobile // Mobile Applications
01:34 PM
Keith Ferrell
Keith Ferrell

Safely Shaving SMB Security Costs

Cutting security expenditures is tough -- short-term savings can all too easily introduce long-term (or short-term) risks. Here are three solid, safe ways to save on security.

Cutting security expenditures is tough -- short-term savings can all too easily introduce long-term (or short-term) risks. Here are three solid, safe ways to save on security.Looking for ways to cut your security expenditures without cutting your security? Three good areas to explores are:

1. Security training and education

2. Local security vendors and contractors

3. Security as a Service

Education and training:

A good first step in trimming security training costs is to take a look at the recommendations in John Sawyer's Dark Reading piece on that very subject.

Sawyer suggests looking at local or online security conferences and security training resources. Good advice -- the threat environment changes constantly, and while there's no substitute for ongoing education and monitoring of those changes, most of them can easily be kept up with at home rather than at costly remote conferences and seminars.

Not doing seminars and training anyway? All the more reason to apply some effort to looking at resources available in your area or on your desktop. Just because you don't budget for security training, doesn't mean you shouldn't be training your security team. Training doesn't need to cost a lot, and up-to-date security education can repay its price many times over.

Local security vendors and providers:

If you're already sourcing out your security to local providers, how long has it been since you've compared the prices your vendors charge with those of other is your area? While cost-savings is not the only reason to sever what may be a long-term relationship with an existing vendor, you certainly should be aware of what your vendor's competitors are charging -- and should make your vendor aware of your knowledge.

Local and regional security resources are always worth looking into, a process made easier by sites listing security vendors and companies by specialty.

Bear in mind, of course, that changing security vendors shouldn't be undertaken on a whim, even one that carries a substantial discount. Make sure that your new vendor provides everything your previous provider delivered before making the leap.

Security as a Service:

Security budgeting is the right time to look into security as a service (SaaS). With major security players applying more and more effort to marketing to -- and pricing for -- small and midsized businesses, hosted security services may offer you one-stop security savings.

Bear in mind that, depending upon the size of your company and the number of seats requiring security services (and thus security service subscriptions), the outlay for in-depth cloud-based security services may look at first as though you're growing, rather than shrinking your security budget, the bottom-line to look at is the level of services you're buying.

For instance, if your current security provider or in-house team and tools doesn't provide total end-point monitoring and protection, but a security service does, the increase in security expenditures is more than offset by the increase in overall security.

Small comfort there, i know, if you're watching -- and pinching -- every penny, but with the bulk of IT security professionals' time being spent on patching, dealing with malware and responding to incidents, an increase in spending that reduces staff time and overhead while heightening security may not be so expensive after all.

It's all in how you look at it, of course -- and these three security areas offer you a variety of ways to look at your security budget, how you spend it and what you get in return.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll