With Security, You Get What You Pay For 

An ETR Insights CIO Interview

ETR Insights | August 12, 2022

In a recent ETR Insights Interview, the CIO of a large logistics enterprise discussed how he evaluates moving to the cloud on an application-by-application and service-by-service basis and methodically determines the value proposition of going to the cloud for each application. Read on for extensive commentary on the products and vendors this CIO has evaluated across his stack to secure a distributed enterprise, fulfill customer obligations, and enable a productive workforce. The highlighted takeaways from the interview below include vendor comments on Atlassian, Cloudflare, CrowdStrike, CyberArk, Elastic, Microsoft, Palo Alto, Splunk, and many others.

Leveraging Public Cloud: This logistics enterprise employs a blend of Google Cloud, Microsoft Azure, Amazon Web Services, and on-prem instances. They are in the process of implementing Intune, SCCM, and a number of different Microsoft platforms that best integrate with Azure AD and the organization’s Azure environment. For business intelligence, the organization’s applications are developed and maintained on AWS. “I'm sure they would do just as well in any of the others, but once you've invested in one environment, it can be challenging to migrate.” The organization is in the process of assessing Google Cloud’s Prisma Access SD-WAN and traffic analysis capabilities.

Fail-Over Capability is Essential: In any hybrid or multi-cloud environment, fail-over capability is critical. As a logistics company with just-in-time needs, they cannot depend on a single cloud environment or on-premise data center – either of which will at some point go down, if only for a few minutes. Among smaller alternatives, Cloudflare is one of this CIO’s favorites. They plan to deploy Cloudflare Access to replace their existing hub-and-spoke-style VPN, as well as Cloudflare’s DNS filtration capabilities. Our guest enjoys the ease with which Cloudflare products can be deployed. “You just implement an agent on any given system that you want to be part of that internal network, and then it will reverse proxy to give you that connectivity capability within a virtual private network.”

Full Stack Security Hygiene: Our guest employs CrowdStrike’s full-service offering, including management, maintenance, monitoring, alerting, and escalation for any detection and response on endpoints, servers, and workstations. While their pricing is a little high, “You get what you pay for when you're at that level.” Broadly, our guest is not yet comfortable with automated response and the AI/ML trend in the information security space but says that services from CrowdStrike are more viable than others in the way they integrate some automated response to lock down systems or prevent a process from exfiltrating information.

They endorse Palo Alto’s SD-WAN service and ION boxes and appreciate that Palo Alto makes their entire platform available as VMs, a bonus for IT departments. Our guest would recommend either Proofpoint or Mimecast for traffic analysis and has had a good experience in the past with F5’s PCI environment security. This enterprise is currently examining its SIEM solution. “We will probably be orienting towards Sentinel for everything in the Microsoft environment, and Elastic as a CLF for on-premise, and consolidating from multiple different environments.” Our guest finds Splunk one of the best tools for logging, but it is relatively expensive compared to Elastic and Sentinel. While BitSight offers a great product, the organization is not yet ready for it.

They have migrated their endpoint management system to Microsoft Intune, so that any device can connect, be managed, and have software updates and policies pushed to it, including all protection tools. Additionally, the company is in the midst of implementing CyberArk, which they find a bit pricey at times but otherwise well worth it. They applaud Zscaler’s very strong customer support but have little business to give them at this time. In light of Okta’s recent security breach, our guest commented that he is happy they went with Cisco’s Duo for MFA and user risk.

Managing Productivity in a Distributed Environment: To secure a work-from-home environment, our guest’s Director of Development swears by Atlassian’s Jira and Confluence. The company favors Confluence in the dev team and ClickUp outside of the dev team; this CIO loves both Confluence’s project plans and ClickUp’s synchronization tool, which allows them to report to upper management easily. The company has used Zoom and Citrix for communications but is in the process of consolidating all onto Microsoft Teams, and our guest looks forward to eliminating Jabber and their legacy Cisco phones and managing all via Teams and Intune. To address a shortage of hardware, our guest is exploring Citrix’s Virtual Desktop Infrastructure, which would allow remote employees to use any affordable laptop to access their data center.

Storage and Servers: In Storage, this logistics enterprise is not yet cloud-mature enough to be using much outside of Amazon S3 and Azure Blob. They do own some on-premise HP storage equipment and employ Veeam for backup, and cite Iron Mountain as another reliable tool for secure archiving. Our guest has used Barracuda in the past, but not within the last two to three years. Our guest expects to upgrade and/or replace their current storage due to end-of-life in the next year or year-and-a-half. Their admin team loves HP’s Nimble storage, though HP hardware is currently very expensive due to global shortages of technological components.

This organization has VMware running on almost every server this CIO employs, but they are frustrated that the latest supported versions of VMware don’t work on "five or six-year-old hardware" which is otherwise perfectly capable of running everything most organizations would need. Our guest cites this issue as another driver for more cloud adoption. “You just can't upgrade there. There's no path to do so, which forces a number of organizations to run old versions of VMware software.”


Enterprise Technology Research (ETR) is a technology market research firm that leverages proprietary data from our targeted IT decision maker (ITDM) community to bring you actionable insights about spending intentions and industry trends. Since 2010, we have worked diligently at achieving one goal: eliminating the need for opinions in enterprise research, which are often formed from incomplete, biased, and statistically insignificant data. Our community of ITDMs represents $1+ trillion in annual IT spend and is positioned to provide best-in-class customer/evaluator perspectives. ETR’s proprietary data and insights from this community empower institutional investors, technology companies, and ITDMs to navigate the complex enterprise technology landscape amid an expanding marketplace. Discover what ETR can do for you at www.etr.ai