Flexible Security for the Cloud
My wife and I have a favorite restaurant in our little hometown. It’s a combination of a fancy restaurant and a bar, and they accomplish this by dividing the space in half. If you go to the left, you get nattily-clad hostesses who escort you to your candle-lit table and present you with the leather-bound wine list. Go right to seat yourself on the bar side, where the completely separate menu is actually titled ‘Bar Eats.’ Accompanying those completely separate experiences are completely separate prices, and to an extent, varying levels of service.
Sometimes it feels like cloud security products work in much the same way: ooh this product sounds great, but am I a high-roller or a lowly bar patron today? Collared shirt or cut-off jeans? Did I want that MDM solution to be full-featured or limited to just protecting my mail environment?
It’s easy to forget with all the great security capabilities offered these days that many of them are true enterprise-grade solutions, and that while those solutions are now available to literally anybody with a credit card, there is still a cost associated with increased complexity. I’ve heard more than one customer get upset that top-tier protection workloads aren’t included with base subscriptions.
It’s probably a fair argument, to an extent, because security matters to all organizations, regardless of size. GDPR has made that abundantly clear.
Back when we just had one kid to worry about, we had no idea we could request the ‘Bar Eats’ menu from the fancy side of the restaurant. So every time I wanted a steak, it meant my son was constrained to the high-brow menu full of decadent offerings with zero appeal to a 3rd grader, and corresponding prices with zero appeal to his parents.
But one day the server told us that we had options: just because we’d chosen fancy for one member of our party didn’t mean we had to go fancy for everyone. Now with 3 kids, mom & dad get the fancy menus (hey, we drove AND we’re paying the check!) and the kids get bar menus. They don’t want or need pan-seared scallops or asparagus with saffron butter, they just need to actually eat. Chicken tenders will be just fine, thanks. And the same is true for cloud licensing, and that opens up a whole litany of options for picking the right security workloads for your environment.
Need MFA, conditional access, endpoint compliance & configuration control, and anti-phishing technologies? Sure, Monsieur (or Madame) can order the Microsoft 365 E5 suite, but the same set of features can be achieved via a combination of Enterprise Mobility + Security E3, Office 365 E3, and a dash of O365 Advanced Threat Protection. That may or may not be the right set of offerings to achieve your baseline security requirements, but there is flexibility.
The critical thing to determine is which workloads are necessary for meeting your business requirements - your firstline workers are unlikely to need the same protection as your C-suites. We believe strongly that the combination listed above is a minimum set of security requirements that any organization should consider, but yours may vary by product, contractual obligation, legal requirement, or specific threat.
If you’re trying to make heads or tails of the rich tapestry/morass of security offerings in the Microsoft cloud suite, just know that we’ve been there, done that. We know how to help get the best of the Bar Eats menu while still perusing the wine list. And don’t knock it: the meatloaf and quesadilla from the bar side are AMAZING.