Is there a case for Microsoft as your solely enterprise safety companion?

In current GigaOm analysis, we evaluated whether or not there was a superb argument to make use of a single safety companion to guard a company or if a number of “better of breed” options are nonetheless the best way to go.

We checked out two use instances. Microsoft, utilizing the broad capabilities of its M365 E3 platform with its E5 safety add-on, in comparison with deciding on particular person options from a number of main enterprise safety distributors, together with Crowdstrike, OKTA and Proofpoint.

The analysis consisted of price evaluation, technical comparisons, and conversations with senior IT decision-makers to know among the standards they used when evaluating know-how.

Our evaluation confirmed that technically and commercially, Microsoft’s instruments and providers supply a lovely single-vendor proposition. Nonetheless, it additionally uncovered that, whereas this was the case, there was additionally a pervading perspective from a variety of CxOs, that not solely was Microsoft not their major selection, however for some, they’d not even take into account Microsoft as a safety companion.

That raised the query as as to if Microsoft did, the truth is, current a robust sufficient proposition to be a single safety companion for an enterprise and whether or not it was attainable to beat the considerations of CxOs. To aim to reply these questions, we wished to assessment our analysis and produce a contemporary CxO perspective to it. To try this, we enrolled our personal CTO, Howard Holton, to supply further CxO perception into the outcomes of our work.

The analysis round Microsoft as a safety companion

The goal of this submit is to not share all of the analysis. It’s to supply a abstract of our findings which may also help reply among the questions decision-makers would ask when evaluating a single-vendor versus multi-vendor method for cybersecurity instruments and providers.

Analysis scope

Earlier than offering that abstract, it’s helpful to stipulate the scope of our analysis. It is very important be aware that this was not a hands-on technical analysis, detailed performance testing, or TCO evaluation. The scope of the analysis was to supply a C-level briefing that appeared on the following;

• Resolution capabilities
• Excessive-level price evaluation
• Different operational overhead/enterprise dangers

We evaluated these areas to know whether or not the single-vendor versus multi-vendor method might;

• Cut back complexity
• Cut back price 
• Keep/improve safety

We utilized these questions throughout a number of enterprise safety challenges. The Microsoft E5 Safety Add-on covers every of those areas, and we in contrast that to the seller listed in every class;

• Endpoint together with cell – Crowdstrike
• Id Administration – Okta
• Electronic mail Safety together with BEC, phishing safety, virus, and malware protection – Proofpoint
• MFA and adaptive entry controls – Okta/Proofpoint
• Instruments to observe menace and failure – Crowdstrike
• Information Loss Prevention and Related Information Safety Applied sciences – Proofpoint
• Cloud Utility Safety/Cloud Entry Service Dealer – Proofpoint

These areas precisely replicate the important thing safety focus we discover in all varieties of organizations. Subsequently, evaluating the aptitude of any software towards them was a helpful strategy to examine options and functionality, their price, and whether or not they would meet the wants of a company’s fashionable safety calls for.

The professionals and cons of Microsoft as a safety companion

Microsoft’s E3 + E5 Safety add-on provides a complete vary of safety instruments for customers of its Microsoft 365 and Azure providers. Its breadth of functionality would offer a company with wide-reaching safety and complete safety by way of a single vendor.

The Microsoft Safety Toolset

Microsoft’s safety protection is broad and break up throughout a variety of core service suites. This contains;

• Microsoft Defender for EDR, anti-virus, Cloud App safety, anti-phishing, and information loss prevention throughout desktop, server, Mac, cell, and naturally, Cloud
• Microsoft Entra supplies id safety
• Change On-line Safety defends towards phishing and BEC and provides malware safety

This vary of safety instruments is tightly built-in into Microsoft Azure and M365 to supply prospects with a complete, seamless safety expertise. For these prospects, the analysis highlighted that the only vendor, single platform method reduces each technical and industrial complexity, making a compelling safety providing.

Why had been CxO’s not embracing Microsoft’s compelling providing?

Whereas Microsoft did make a robust single-vendor case, why did potential prospects and their safety decision-makers meet this with the view that “Microsoft just isn’t even a consideration” when evaluating safety options and companions?

Causes for not selecting Microsoft

What had been among the key causes we found?

• I don’t wish to spend much more with Microsoft.
• Whereas the options are broad, I don’t imagine their capabilities are pretty much as good as specialist distributors.
• I don’t want all my safety eggs in a single basket.
• The pricing of migration from my present suppliers is important.
• Can they supply me with hands-on menace response help?
• Is their menace response software one thing I might reclaim by way of my cyber insurance coverage?

Are these legitimate considerations?

Whereas all considerations are legitimate throughout our analysis, we discovered proof that could possibly be used to assist reply a few of them. This doesn’t imply the considerations are incorrect, however they supply further context which will alter a possible buyer’s notion.

I don’t wish to spend extra with Microsoft

There are good industrial explanation why this can be the case. We did additionally discover that there was a really robust monetary case made for the single-vendor method.

Primarily based on revealed pricing, our analysis noticed potential financial savings near 80% when utilizing the Microsoft E5 safety add-on in comparison with utilizing three particular person distributors*. Whereas there could also be industrial causes to not spend extra with Microsoft, it is a vital determine, and one that ought to make for nearer examination, particularly the place budgets are below ever-increasing strain.

Microsoft’s capabilities are not so good as specialist distributors

It is a complicated query, and because the analysis was not primarily based on performance testing, it was not definitively answered right here. Nonetheless, we have now present in different GigaOm analysis that Microsoft’s capabilities rating extremely in our security-based stories.

It must also be thought of that the single-vendor method will cut back the complexity that a number of distributors can create. We additionally found that Microsoft’s E5 method is extraordinarily complete and crammed gaps that had been left by the a number of main distributors we additionally evaluated.

I don’t want a single vendor

The worth of utilizing a number of best-of-breed distributors has benefits. To know if that may be a legitimate concern in any given occasion, it is very important perceive why the multi-vendor method is most popular and what it provides {that a} single vendor can’t. We discovered Microsoft’s method technically and commercially engaging. Our findings actually made a case for the re-appraisal of the only vendor method in these situations.

Price of migration

It is a robust and legitimate concern. As IT budgets stay strained, migration prices might deliver unwelcome further strain. This could not imply it shouldn’t be thought of, as there are doubtlessly long-term financial savings available. Nonetheless, organizations ought to research the size of this return to establish its viability.

Risk response and cyber insurance coverage

One of many main questions raised when evaluating Microsoft with different main distributors was its functionality to supply menace response if a cyber incident ought to happen. Whereas Microsoft can certainly cowl menace response, we discovered service definitions and prices much less clear throughout our analysis than these of opponents equivalent to Crowdstrike.

An extra concern was whether or not they  can be coated below cyber insurance coverage when participating in such providers. Each considerations are vital and would require full readability when evaluating adopting or altering or single safety vendor method.

What had been the three key benefits we found?

In exploring this with GigaOm’s CTO Howard Holton, we found a number of key benefits of the only vendor method that the diligent tech evaluator ought to take into account. None of these items is to say Microsoft or any single vendor is the correct reply, however there’s a case to discover, and as Howard talked about on the finish of our analysis, “no less than we’d have Microsoft within the dialog”.

• Price discount: the potential right here is important. Whereas it ought to by no means be the primary criterion, it’s a consideration in a world of under-pressure budgets. Our comparability of Microsoft’s E3/E5 Add-on versus an amalgamated main vendor method confirmed potential financial savings within the area of 80%*. In fact, in the actual world, prospects are unlikely to pay full revealed costs, however the saving potential does exist and should be thought of.
• Complexity discount: Complexity is the enemy of safety. The extra merchandise a company tries to deliver collectively, the extra complicated it turns into to safe, the upper the operational overhead, and the extra possible there shall be safety gaps. Microsoft is extraordinarily robust right here, if not good. Their options are managed from its single M365 platform however not essentially in a single console. It supplies consistency of safety coverage and process throughout the platform. And, in fact, the breadth of the platform ensures detailed insights and analytics from throughout a company are made accessible to assist with menace investigation and searching. That is additionally augmented by each automated incident response and, extra lately, the additions of managed response by way of Microsoft Safety Consultants. This isn’t inconceivable to realize with third-party distributors, particularly those we checked out right here, who share a variety of tight product integrations that share intelligence to supply broad safety insights, nevertheless it does take further work.
• Improved Safety: This one is much less clear. There isn’t any doubt that the breadth of protection and capabilities Microsoft supplies can actually assist enhance safety posture, particularly for these utilizing E5 to fill current gaps. The E5 license provides a robust resolution, particularly for these deeply invested in Microsoft’s cloud platforms. Nonetheless, it’s much less clear whether or not these already invested in different instruments would see the identical enhancements. Whereas in some instances, Microsoft will ship parity and even characteristic enchancment, there shall be many instances the place best-of-breed opponents do issues Microsoft doesn’t. Safety should be the primary criterion in these instances, no matter potential price financial savings.

Ultimate ideas

In reply to the query we posed on this submit, the reply is sure, Microsoft could possibly be a single safety supplier for a company. Nonetheless, not for all. Whereas it supplies stable safety capabilities at a really engaging worth, there are gaps. In actuality, Microsoft’s method is barely going to be efficient for these with a robust funding and strategic dedication to Microsoft Azure and M365 already.

There, in fact, would be the comparability of capabilities. Specialist distributors are, on the very least, perceived to supply “higher” safety capabilities than Microsoft’s native instruments and, in lots of instances, present issues Microsoft don’t. The concept Microsoft supplies “adequate” safety is true, nevertheless it mustn’t have adverse connotations. Adequate safety is precisely that, adequate to satisfy wants. Nonetheless, organizations should completely consider whether or not any potential options meet their wants.

More and more organizations additionally want providers to reinforce their inner assets. Distributors like Crowdstrike supply complete skilled providers with menace and incident response groups. Microsoft does supply this, however the full route of its Safety Consultants service and the way that may examine is unclear. This shall be a vital consideration.

This analysis confirmed us {that a} single vendor, particularly Microsoft, could make a robust case by way of functionality, efficacy and value. They might both change into a single vendor filling safety portfolio gaps, and even exchange different distributors in some situations.

Nonetheless, we additionally famous that best-of-breed market-leading options are perceived as that for a motive, and that price alone should not be the one criterion for changing them. 

What was actually true for individuals who take the time to completely consider Microsoft’s capabilities, as our CTO Howard Holton identified, it ought to no less than make Microsoft a part of the dialogue.

Word

*Our worth comparisons had been primarily based on a 5000-user enterprise, 10,000 gadgets evaluating M365 E3 plus E5 safety versus Crowdstrike, Okta and Proofpoint as a part of Crowdstrike’s Spectra Alliance offering the identical safety protection. Primarily based on revealed record worth comparisons, analysis confirmed a 77% saving utilizing Microsoft’s instruments in comparison with an built-in method utilizing the three main distributors confirmed.

This didn’t embody any discount in operational price, as this was outdoors of the scope of this analysis. Nonetheless, it ought to be famous that in earlier analysis, trying on the affect of safety software consolidation, we have now seen reductions in operational prices of 3-7 occasions.