Feb 23 2021

Cybersecurity: Best-of-Breed Approach or Single-Vendor Platform?

The platform option is gaining popularity among businesses seeking to protect their networks, but they should weigh several factors before choosing.

Some of the best-known nonprofits in the world, like Amnesty International, Human Rights Campaign and March of Dimes, turn to ROI Solutions, based in Medford, Mass., for their customer relationship management systems so they can oversee relations with funders, suppliers and associates.

For its own security and that of its customers, ROI has invested in products from CrowdStrike, Cisco and others to develop a best-of-breed security solution all its own.

Across the country, on the California coast, Hayward Lumber has built a security solution almost exclusively based on Barracuda Networks products.

The companies present two sides of an increasingly common debate among IT security professionals: Are organizations better off building their own customized platforms by integrating solutions from several vendors or by picking a single vendor that can deliver a complete package of protection on a single platform?

The answer? Well, there is no single answer, says Jeff Pollard, vice president and a principal analyst serving security and risk professionals at Forrester. Each approach has its place in today’s constantly shifting IT world, and the decision is complex, but he says he’s seen a definitive shift toward single-vendor platforms over the past several years.

“In the past, you might have heard more CIOs tell you that vendor lock-in was a concern,” Pollard says. “Now, you really don’t hear that at all. The advantages from vendor platforms are overriding the negatives. That’s a tremendous change in the industry that didn’t exist three or four years ago.”

The Benefits of a Multivendor Approach to Security

Faced with a number of choices in the security software marketplace, leadership at ROI Solutions chose a combination of industry-leading solutions for the organization. Gina VanderLoop, founder and CEO of ROI, explains that her approach to security mirrors her company’s customized approach to its CRM customers.

“We’re a best-of-breed company ourselves,” she says. “For our clients, we look for the best products out there and figure out how we can integrate those into our platform. We do the same for ourselves. We don’t think one company can have all the solutions you need, and that’s why we’ve partnered with a number of companies including CrowdStrike, Cisco and Citrix.”

Because ROI’s CRM handles sensitive data and operations, such as payment processing, the company needs its security, as well as that of the product, to be as airtight as possible. VanderLoop considers the best-of-breed security solution to be a necessary investment.

CrowdStrike was ROI’s biggest purchase this year. The company has also implemented Tenable, RSA SecurID and Cisco’s Duo multifactor authentication solution and Firepower firewalls.

“All of our clients have security first and foremost on their minds, and every time we get a new client or go through an external audit, we get asked the hard questions — what are we doing to keep our clients’ data protected?” says VanderLoop. “I’m happy to answer those questions. We can easily explain why we made the decisions and investments we did.”

Those security software decisions can be expensive, but VanderLoop maintains they’re the right solutions for her company and its clients.

“The world is getting worse in the security threat area, and the minute you put in some protective layers you’ve got to keep evaluating it. It requires continuous evaluation of the security measures that you have in place in addition to ongoing training of all of our staff to become human firewalls,” she says. “You have to invest in both the technology and the training to ensure that our clients’ data remains secure.”

The Benefits of the Single-Platform Approach to Security

Ed Davis, the IT director of Hayward Lumber, a building supply company based in Monterey, Calif., began deploying Barracuda solutions in 2012, and has been satisfied ever since. When Barracuda started expanding its solution set beyond the Voice over Internet Protocol phone system it initially bought, Hayward Lumber was all in.

After using Barracuda Essentials for years to filter email spam, Davis upgraded to the full suite of email products. “The newer modules use artificial intelligence to figure out whether something is really an email or not,” he says. “It allows us to test our security and test our users as well.”

Davis also uses Barracuda’s CloudGen Firewall and VPN solution.

Two key reasons Hayward Lumber has chosen to be a platform shop are the interoperability and the cost savings. Hayward has a small IT team, consisting of two senior-level, full-time employees and various consultants and contract support.

“One of the advantages is how the various components intermesh,” says Davis. “With one Barracuda console, I can control email, backups and security all in one place. Cost is another advantage. It’s why we bundled our full security package — we got a good deal.”

Davis did venture away from Barracuda for an external firewall. Because the company operates a number of websites for its various business arms, Davis found that AT&T, which provides Hayward’s internet services, also provided a strong network-based firewall, which he uses in tandem with Barracuda’s security products.

“That adds another layer of AI-based scanning of internet traffic,” Davis says.

A Healthy Mix of Security Approaches

If best-of-breed security is at one end of the spectrum and full-platform security is at the other, the approach of Samaritan Ministries International is somewhere in the middle. Based in Peoria, Ill., SMI is a nonprofit healthcare cost-sharing organization for nearly 85,000 households.

“Our overall business model is based around sharing,” says Keith Merriman, security manager at SMI. That includes personal and financial information, he says. “In the security space, there are many things that could introduce malicious outside forces and negligent internal entities into our environment. It is my job to make sure we have all of the processes, procedures and education in place to address these concerns for the ministry.”

SMI selected Palo Alto Networks as its first line of defense. “We chose the Palo Alto platform because of the massive vectors it can cover as a single platform and its commitment to integration,” he says.

At the same time, SMI supplements the Palo Alto solution with additional products to provide deeper coverage.

“Our CIO is very aggressive with finding innovative ways that will allow us to capitalize on the benefits of both multivendor and single-vendor approaches,” Merriman says. “Diversification of products and solutions gives us an opportunity to be flexible and creative in the healthcare industry where we serve our members.”

Photography By JASON GROW