The news has constant reminders of the risks of an unsecure infrastructure. The Colonial Pipeline ransomware event recently caused blood pressure spikes in boardrooms and C-Suites all over the world.
Microsoft continues to expand their security and compliance offerings, with a dizzying and confusing array of services, bundles, and add-ons to your 365 subscriptions. As we come into June, the end of the Microsoft fiscal year, clients are getting heavy pressure from management to “do something” about the very high-risk security and compliance requirements in today’s enterprise – and Microsoft is happy to sell “solutions”. But are they really the only and best solution?
This ambition is ironic considering the latest high-profile hack has been attributed by Nicole Perloth, New York Times Cyber Security reporter, to a vulnerable version of Microsoft Exchange Server. Microsoft of course has denied this citing lack of evidence (so far).
IT pros know that people are always going to be the weakest link in tech security, but Microsoft knows that FUD sells, and that the most important thing is to get the contract inked, before June 30th. And buying some software always seems preferable to buying training for end users, regardless of any evaluation of the relative effectiveness of those alternatives.
Immediately, there are usually more questions than answers:
- What’s a beleaguered CIO to do, when the board is saying “protect the company”, but the budget is nowhere near large enough to buy E5 for everyone?
- How is a CISO supposed to demonstrate compliance with internal and external requirements, except by pointing to an outsourced, cloud-based service?
Obviously, there are plenty of viable alternatives for every product that Microsoft sells. Almost all of our clients have multiple solutions already in place, and for the most part, working just fine. So, what is to be gained by ditching those and using Microsoft instead? And do any of these solutions truly provide the protection that the board demands? The answer is of course, no. Humans are always going to be the weakest link from the C-Suite to the rank-and-file IT worker.
The real question is, what alternatives do you have to Microsoft’s monopoly bundling game? If you are in the unenviable situation of being tasked by leadership to ‘fix it’, but not extra budget to get it done, do not despair – there are many options that can satisfy your Board, Shareholders, Customers, and mitigate the security risk.
At NET(net), we’ve developed a set of processes and tools to quickly:
- Analyze your security toolset
- Translate your incumbent solutions and requirements
- Convert those into specific, negotiable strategies to control costs while delivering the protection your company needs.
Our immediate and free advice? Don’t sign your next Microsoft renewal until you have fully evaluated your options and understand what you are, and are not, getting from Microsoft.
It’s never too late. Contact us today to have a quick conversation and get some peace of mind.
Founded in 2002, NET(net) is the world’s leading IT Investment Optimization firm, helping clients find, get and keep more economic and strategic value. With over 2,500 clients around the world in nearly all industries and geographies, and with the experience of over 25,000 field engagements with over 250 technology suppliers in XaaS, Cloud, Hardware, Software, Services, Healthcare, Outsourcing, Infrastructure, Telecommunications, and other areas of IT spend, resulting in incremental client captured value in excess of $250 billion since 2002. NET(net) has the expertise you need, the experience you want, and the performance you demand. Contact us today at firstname.lastname@example.org, visit us online at www.netnetweb.com, or call us at +1-866-2-NET-net to see if we can help you capture more value in your IT investments, agreements, and relationships.
NET(net)’s Website/Blogs/Articles and other content is subject to NET(net)’s legal terms offered for general information purposes only, and while NET(net) may offer views and opinions regarding the subject matter, such views and opinions are not intended to malign or disparage any other company or other individual or group.